All eyes are on the cybersecurity market in 2023 amid analyst predictions that cybersecurity growth will accelerate this year and in years to come. Gartner, for one, sees the growth of global information security and risk management spending rising from 7.2 to 11.3 per cent in the 12 months ahead.
But what emerging cybersecurity vendors, technologies, and threat trends are those at the coalface betting on?
We caught up with senior leaders at six top UK MSSPs and cybersecurity consultancies to find out.
Rob Pooley, solutions director, Saepio
Which cybersecurity start-up or emerging vendor are you tipping for take-off in 2023, and why?
There are a number of domains in cyber that look set for growth in 2023, such as API security, breach & attack simulation, automated security validation and password-less; but the tech here sits in the ‘advanced controls' bucket and is most relevant to organisations with a mature security posture.
The ‘essential controls' are much more widely applicable and help to continually improve foundational security. Automox is our tip for take-off in 2023 and sits in the vulnerability discovery and Remediation space - an essential control. Their cloud platform helps reduce the operational time associated with fixing vulnerabilities and empowers organisations to meet basic cyber hygiene targets like those set by CE+ (14 days to address critical and high vulnerabilities).
More broadly, what cyber technology, service or approach are you expecting more of your customers to adopt in 2023?
We expect to see further uptake of SASE solutions helping organisations mature their zero-trust principles. The cyber skills shortage and the current global economic conditions are motivating customers to reduce the cost and complexity of their security ecosystems. At the same time, common goals are to increase cyber resilience and improve employee experience accessing business systems. For these reasons we expect platforms like Netskope to shine given their key role in building a zero trust architecture. Their technology integrations with other essential security controls allow point products to share telemetry and work together to grant conditional access to data and applications, but only when user, identity, device and location are all verified as trustworthy.
How do you expect the threat landscape to evolve in 2023?
There will be a continued shift from malware to identity-based attacks, where attackers often bypass the traditional cyber kill-chain and directly leverage compromised credentials to launch more sophisticated and catastrophic attacks. Similarly, we expect to see a continued rise in supply-chain attacks, using trusted relationships to infiltrate bigger, better protected, large ticket targets.