Info-Tech’s Security Priorities 2023 report will help security leaders secure a hybrid workforce, respond to regulatory changes, and adopt next-gen cybersecurity technologies.
SYDNEY, Feb. 22, 2023 /PRNewswire/ — Although ransomware campaigns declined quarter over quarter in 2022, primarily due to the collapse of more experienced cybercriminal groups, IT leaders still consider them to be the most worrying cyber threats. To help security leaders explore important 2023 security trends and customise the associated priorities for their organisations, global IT research and advisory firm Info-Tech Research Group has published its annual industry resource, the Security Priorities 2023 report.
‘With the threat of cyberattacks looming, security leaders must shift their focus to response plans and mitigations rather than broad risk assessments,’ says David Banger, Senior Managing Director, APAC. ‘A majority of organisations will face some type of cyber incident in the coming year. Those who have taken steps to prepare for a range of scenarios and demonstrate effective incident response management will set a new standard for the rest to follow.’
Info-Tech’s annual security priorities are based on primary data obtained from interviews with security and IT leaders, as well as from the firm’s 2023 Tech Trends report and upcoming State of Hybrid Work in IT: A Trend Report, set to be released in March 2023. The new security priorities report focuses on data that details the likely changes in processes and IT infrastructure due to hybrid work, concerns and perceptions about readiness to meet current and future legislation, and the impact of a potential recession on security budgets.
‘Aside from ransomware and the hybrid work model, in 2022, we saw an evolving threat landscape, regulatory changes, and the potential for a recession by the end of 2023’, explains Ida Siahaan, research director and lead analyst for the report. ‘Furthermore, organisations are still facing the ongoing issues of insufficient cybersecurity resources and organisation modernisation, all of which impact how we prioritise cybersecurity over the coming year.’
The firm advises that security and IT leaders keep the following five priorities top of mind as they work towards modernising their organisations, securing hybrid work environments, and mitigating risks and cyber threats:
- Maintain Secure Hybrid Work. The pandemic changed how people work and where they choose to work, with most still preferring a hybrid work model. The initial investment to set up remote work options was extensive and requires continuous investment to maintain the secure remote work infrastructure that facilitates a hybrid work model. According to Info-Tech’s research, security leaders must build a strong cybersecurity workforce by strategically acquiring, retaining, and upskilling talent to maintain secure systems and increase confidence in the security practice.
- Secure Organisation Modernisation. Despite all the cybersecurity risks, organisations continue modernisation plans due to the overall long-term benefits. These plans can include digital transformation to the cloud, operational technology (OT), and the internet of things (IoT). Security leaders must address the risk of converging environments by combining IT and OT security to protect the entire organisation.
- Responding to Regulatory Changes. Government-enacted regulatory changes are occurring at an ever-increasing rate. Rather than treating them as a compliance burden, organisations should use these changes as an opportunity to improve security practices. Security leaders need to identify relevant compliance obligations, implement policies and exception processes, and then track and report to ensure their remediations are effective.
- Adopt Next-Generation Cybersecurity Technologies. The cat-and-mouse game between threat actors and defenders is continuing. The looming question of “can defenders do better?” has been answered with the rapid development of technology. However, next-generation cybersecurity technologies alone are not a silver bullet and require a combination of skilled talent, useful data, and best practices to gain a competitive advantage. Governments and cybercriminals recognise the importance of emerging technologies, such as zero trust architecture and AI-based cybersecurity, and so should security and IT leaders.
- Secure Services and Applications. Software is usually produced as part of a supply chain instead of in silos. As demonstrated by recent incidents such as Log4j and SolarWinds, a vulnerability in any part of the supply chain can become a threat vector. To respond to this challenge, DevSecOps was developed as a culture and philosophy that unifies development, security, and operations. DevSecOps offers many benefits, such as the rapid development of secure software and the assurance that tests are reliably performed and passed before the software is formally released and delivered. Security and technology leaders must adopt this philosophy and the latest software development best practices to ensure that each link of the software supply chain is secured.
The Security Priorities 2023 report also includes recommended actions in addition to templates for security and technology leaders that can be used to explain each of the priorities to their stakeholders.
Download and read the full Security Priorities 2023 report to learn more about each priority for the year ahead.
Info-Tech Research Group is one of the world’s leading information technology research and advisory firms, proudly serving over 30,000 IT professionals. The company produces unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. For 25 years, Info-Tech has partnered closely with IT teams to provide them with everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organisations.
Media professionals can register for unrestricted access to research across IT, HR, and software and over 200 IT and Industry analysts through the ITRG Media Insiders Program. To gain access, contact email@example.com.
Media Contact: Sufyan Al-Hassan, PR Manager, Info-Tech Research Group, firstname.lastname@example.org
SOURCE Info-Tech Research Group