Cybersecurity Predictions for 2023: Thoughts from Abnormal's CISO

Learn how validating your tools, ensuring ROI, and extracting the optimal benefits from your investment can help protect you from cyberattacks in 2023.
December 19, 2022

The new year is fast-approaching, and a glance at the headlines reveals that economists are predicting a rather lean 2023. Concerns about an impending recession engender feelings of fear, uncertainty, and doubt—all of which cybercriminals can exploit in social engineering attacks. And while never celebrated under any circumstances, in such an environment, security risks are about as welcome as ants at a picnic.

Yet threat actors are already on the march.

For those of us who are hungry for growth, revenue, and security in 2023, these adversaries are well worth identifying. Knowing how to detect and divert them from our organizations is essential for preventing costly consequences.

It’s been said, “A preemptive mindset is always more efficient than a reactive one.” Nevertheless, for every successful attack, there is still plenty of repair and reinforcement available.

In this article, we’ll propose solutions that can help heal and protect you from future attacks by validating your tools, ensuring ROI, and extracting the optimal benefits from your investment.

The Usual Suspects Will Return in 2023, Have No Doubt

Modern email attacks are considerably more sophisticated than the poorly-worded phishing emails and obviously malicious links from years past. And socially-engineered attacks are undeniably ticking upward. Nearly every day, employees fall victim to credential phishing and business email compromise (BEC) attacks that lure them into revealing proprietary and sensitive information, often incurring significant and unrecoverable financial losses.

Microsoft also reports a “disturbing rise” in nation-state attack activity. The tragic war in Ukraine has opened up fresh vulnerabilities to Russian targeting and disruption, as well as aggressive espionage activity toward Ukraine’s allies—including the U.S.

Interestingly, Ukraine’s decision to migrate government and critical services to the cloud has fortified its resilience to resist and recover from these incursions. That speaks to the rapid improvement in cloud security.

Further, thinking preemptively means that you should stay on the lookout for threat campaigns from unexpected origins. Ransomware is particularly ferocious, tenacious, and lucrative; Iranian sources have been executing these attacks blatantly, according to Microsoft.

Workplace Cybercrime for Profit

Prescriptive vigilance recommends digging deeper into areas beyond email.

In my experience, we have to be on constant watch for misconfigured SaaS. Those misconfigurations may be responsible for up to 63% of security incidents, says a recent survey by the Cloud Security Alliance (CSA). Do you have too many departments with access to SaaS security settings? (Yes, 35% is too many, scolds TechBeacon).

Also, lack of visibility into setting changes opens the door to prowlers. A whopping 43% of organizations have dealt with one or more SaaS misconfiguration incidents, so you’re not alone.

With attackers becoming more ingenious and destructive by the hour, you can expect them to pivot to and exploit familiar collaboration tools like Teams, Slack, and GitHub to extract sensitive information. Remote and hybrid workforces rely on these communication vessels to carry out their workflow, meaning a breach can deliver a brow-furrowing headache!

Such vulnerability underscores the need to explore beyond initial authentication vectors to truly identify and detect lurking risks, bad actors, and malicious activity. Only machine learning and behavioral data science as part of an integrated security platform can protect your organization.

Protect Your Organization in 2023—and Beyond

Here at Abnormal, we sharpen and hone your defenses against the entire spectrum of email-borne attacks, helping you build a security posture that deploys the power of AI to mitigate new and emerging threats. You may not be able to change the threat landscape or economic trends, but you can automate the protection of your email and get back to focusing on the work at hand rather than battling uninvited hordes.

See for yourself how Abnormal blocks email attacks before they can reach employee inboxes. Request a demo today.

Cybersecurity Predictions for 2023: Thoughts from Abnormal's CISO

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B Complex Case of Account Compromise Blog
Discover how Abnormal helped one organization detect the sophisticated tactics an attacker used to compromise an employee's email account.
Read More
B Cross Platform Account Takeover
Discover the dangers of cross-platform account takeover, the challenges of detecting this attack, and how to implement proactive protection against ATO.
Read More
B 5 17 24 Legal
Learn how cybercriminals use superficial disclaimers to deceive others while facilitating illegal activity on cybercrime forums.
Read More
B Cybersecurity Influencers Blog 2024
Stay up to date on the latest cybersecurity trends, industry news, and best practices by following these 15 innovative and influential thought leaders on social media.
Read More
B 5 13 24 Docusign
Cybercriminals are abusing Docusign by selling customizable phishing templates on cybercrime forums, allowing attackers to steal credentials for phishing and business email compromise (BEC) scams.
Read More
Abnormal employees honored as CRN 2024 Women of the Channel for their influential leadership in the tech industry.
Read More