By Mike Fleck, Senior Director of Sales Engineering, Cyren

The volume of cyberattacks and their impacts have intensified, making the last few months an especially highly fraught time for cybersecurity. There has been growing tension across the UK and the United States due to the rise in nation-state-backed threats amid international disputes, as well as a general increase in activity from criminal gangs. Security teams are additionally under much pressure due to the onset of an economic downturn and the growing skills shortage.

It is crucial to recognise the current position of security teams to analyse the most significant trends in threats for the upcoming year. In turn, it will help predict if the industry is up to the task of handling what is in store for them in the forthcoming year.

How can security teams tackle the pitfalls of the skill gap?

The 2022 Cybersecurity Workforce Study by (ISC)2 highlighted a gap of 3.4 million workers in the global cybersecurity workforce. Despite the workforce increase by 26.2 percent this year compared to 2021, the shortfall of workers is still quite evident.

The security industry has been tackling the issue of prolonged skills shortage for a while now, but the report indicates that this gap will only widen in the following year. The crisis could surely worsen as firms freeze hiring in preparation for the economic downturn and some reduce their workforce.

To move ahead of this crisis, security leaders will need to focus on improving efficiency of security operations. Solutions which provide earlier detection and help to automate investigation and response, or otherwise reduce costs and efforts of threat investigation, will become increasingly important. This can significantly reduce the burden on security teams, enabling them to work efficiently and strategically.

This is one of the most promising uses for AI and machine learning-powered tools. While an absolute resolution might not be seen in the upcoming year, I believe that a lot of progress and maturity will be seen.

How will a reduced workforce affect security teams?

The reduced workforce also has a negative impact on the existing employees. Of those employees, the greatest impact is felt by the Security Operations Center (SOC) teams. With overburdened SOC teams and alert fatigue, security jobs have become more stressful. Most organisations are still using legacy security solutions, which often generate alerts and require complex administration that can only be performed by humans.

This has resulted in the security team being overwhelmed with the high volume of alerts and error-prone administrative tasks. Analysts receive a considerable number of high-volume, low-quality alerts, creating time-consuming processes and significantly reducing job satisfaction. This increases the likelihood of overworked professionals leaving the field. This responsibility will likely become more burdensome in 2023 with the ongoing skills shortage.

How should the government’s approach towards cyber security differ in the future?

With threat actors constantly updating their approach to reach perimeters, evade standard antivirus agents and exploit vulnerabilities, the need for new legislation focusing on good cyber hygiene is evident.

Over the last few months, there has been a focus on pushing for better cyber hygiene and breach disclosure by governments all over the world. The EU GDPR started a global trend that had a ripple effect on governments across the globe. The state-level movements on new regulations like the California Consumer Privacy Act (CCPA), and in specific industries, such as updates to HIPAA security rule guidelines, have been extremely notable.

Like most nations, the US government has also been focused on implementing a national baseline of best practices for cybersecurity. CISA recently announced the Cross-Sector Performance Goals along with President Joe Biden’s Zero Trust mandate for governmental operations. This shows that there has been a lot of focus on improving cyber hygiene on a national scale, which we should expect to see evolve into enforcement in the coming years.

Having a better baseline is paramount as we face a lot of international tensions and a vast number of cyber threats from nation-state actors. The political divisions within most large Western economies don’t create a conducive ground for new comprehensive cybersecurity legislation to be approved in 2023. Nevertheless, it can be anticipated that the government will be taking a more direct approach to cybersecurity in the upcoming year, especially when it comes to critical industries like healthcare and energy.

As international tensions continue to run high, securing critical infrastructure will be a significant priority in the years to come. Another urgent priority will be software and business supply chain security, as adversaries target digital connections to bypass security.

In both cases, stronger email and malware security standards will be necessary as phishing emails remain a primary vector for launching attacks like ransomware. To defend an organisation against threats in the new year, a layered approach to email security is a must.