6 Experts Share the #1 Cybersecurity Threat that Businesses Face in 2023

Written By Victor Cheung

Cyber threats are constantly evolving, and the cyber crimes have skyrocketed as the workforce becomes more remote. The degree of impact of a cyber attack should not be underestimated. The impact can range from minor disruptions to major financial losses enough to bring a business to its knees.

To give you a better idea of the potential cybersecurity threats that businesses face in 2023, we asked 5 industry experts for their insights to help us better navigate through the growing cyber threats that businesses face.

TABLE OF CONTENTS

  1. The Continued Use of Passwords is the #1 Cybersecurity Threat

  2. Social Engineering Remains Biggest Threat

  3. Crime "as-a-Service" Platforms will be the Biggest Threat

  4. The Weakest Vector that Attackers Continue to Target is the Human User

  5. Ransomware will Remain as the Biggest Threat

  6. Lack of Data Security Remains the Biggest Risk

How Mamori.io can Cybersecure Your Business

The Continued Use of Passwords is the #1 Cybersecurity Threat

Frank W. Abagnale

Frank Abagnale is one of the world’s most respected authorities on forgery, embezzlement, secure documents, cybercrime, and scams. For 45 years he has worked with, advised, and consulted with hundreds of financial institutions, corporations, and government agencies around the world.

“The number one cybersecurity threat businesses face in 2023 is the continued use of… passwords.  You do not have to live with passwords anymore, as practically every browser supports now a passwordless technology.  Switching to passwordless logins, such as Passkeys, will help make the system phishing-resistant as well as smoother to operate for end users.” -Frank W. Abagnale

Social Engineering Remains Biggest Threat

Roger Grimes - Data-Driven Defense Evangelist

Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.

"The number one threat next year is the same number one threat that has been the consistent number one threat since the beginning of computers: social engineering. Social engineering and phishing are involved in 70% to 90% of all successful cyberattacks and will continue to be so into the foreseeable future. No other root cause comes close. Unfortunately, almost every organization spends less than 5% of their IT/IT security resources to fight it. It is that huge misalignment between the risk and the mitigations that allows hackers and malware to be so continued successful. Every organization would do themselves a great benefit to develop their best defense-in-depth mitigations, including policies, technical defenses, and education, to put down social engineering. No other single defensive action would do more to reduce cybersecurity risk. Organizations that understand this fact and work best to fight social engineering will do the best against hackers and malware; and vice-versa." -Roger Grimes

Crime "as-a-Service" Platforms will be the Biggest Threat

Adam Levin

Adam K. Levin is a consumer affairs advocate and serial entrepreneur with more than 40 years of experience. He is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance. At age 27, Levin became the youngest Director in the history of the New Jersey Division of Consumer Affairs — one of the most powerful consumer protection agencies in the U.S. He is a graduate of Stanford University and the University of Michigan School of Law.

“The number one security threat in 2023 will be all of the crime “as-a-service” platforms. Criminals are using increasingly sophisticated software created by threat actors and sold on a subscription basis to scam consumers and businesses alike.

“As a service” software allows anyone, regardless how tech savvy, to conduct phishing, ransomware, distributed denial of service and other cyber-attacks. Phishing and ransomware are the most common “as a service” crimeware.

In 2023, criminal software enterprises will continue to threaten enterprises of any size. The cybercrime syndicates behind these services are likely to grow in 2023 since they can make more money enabling entry-level cyber criminals to commit crimes than they can directly targeting victims, and with less risk.

The increased threat posed by “as-a-service” attacks to businesses can be mitigated with regular cyber security training, penetration testing, the use of multifactor authentication and implementation of zero-trust architecture.” -Adam Levin

 

The Weakest Vecor that Attackers Continue to Target is the Human User

Ian Moyse

Ian Moyse, has over 30 years of experience in the IT Sector, with nine of these specialising in security, 12 in cloud and over 23 years of channel experience and is a fellow of the Institute of Sales Management (ISM) and member of the Association of Professional Sales (APS).

"Despite the plethora of attack vectors and rebutting technologies, the weakest vector that the attackers continue to target is the human user. Business users comprise of a wide mix of roles and levels of experience and IT literacy and few are security experts. The attackers are far more sophisticated than the average user and are certainly motivated financially to be so.  Technology and security tools have a need to protect the average user from themselves, from being accessible to the attacker and from being able to fall for the attackers attempts to covertly fool them. Educating users repeatedly to the threats goes one step, but we need to go 5 steps further to ensure that users do not fall prey, especially in a now often 'work from home' more relaxed working mindset.” -Ian Moyse

Ransomware will Remain as the Biggest Threat

Rafay Baloch

Rafay Baloch, is a Pakistan ethical hacker and security researcher known for his discovery of vulnerabilities on the Android operating system. He has been featured and known by both national and international media and publications like Forbes, BBC, The Wall Street Journal, and The Express Tribune.

Ransomware will remain the most prevalent global cyber threat for businesses throughout 2023. Threat vectors exploited by these operators would mainly be Spear Phishing or targeting unpatched systems through 1-day exploits. Ransomware operators will continue to target the Financial, logistics and health sector along with other less regulated sectors. In addition to it, Ransomware operators will increasingly go after individual victims of a breach, as seen in the case of breach of Vastaamo, a Finnish private psychotherapy service that was hacked in 2020.

Lack of Data Security Remains the Biggest Risk

Omar Masri

Omar Masri is a software entrepreneur, founder and CEO of Mamori.io, which helps businesses overcome the cost and complexities of cybersecurity – preventing attacks, meeting compliance and cyber insurance requirements. He is also a director of a data migration and security services company and is co-incubating a non-emergent transport services startup.

“The biggest cybersecurity threat that businesses face in 2023 is the business risk of losing data, which includes data loss and data theft. Not only do they disrupt operations and damage the brand, both of which result in loss of revenue, businesses could face a hefty fine imposed by their government if they failed to keep their data safe. For instance, a business suffering from a ransomware attack might have to pay both the ransom and government fines if the stolen sensitive data was exposed. The fines could be the last straw that completely crushes the business.

Worse, there's currently a market that buys and sells illegally obtained data, similar to a pawn shop for stolen goods. More and more employees or insiders are stealing their company data and selling them (which is especially true in the medical industry).

These are the reasons why companies who don't invest in data security will get hammered in 2023. Their data are equivalent to golden nuggets lying on the ground waiting to be picked up by cybercriminals. Mamori.io helps cyber-secure businesses so they are no longer the soft target.” -Omar Masri

How Mamori.io Cybersecures Your Business

Mamori.io has a free, all-in-one cybersecurity solution that protects your network, database, and applications. If you have a firewall and endpoint security implemented, Mamori is the ONLY solution you’ll need to achieve cyber resilience.

With our free solution, not only do you pay nothing for licenses, your overall training and implementation cost is minimal because our solution is extremely easy to implement and configure.

Additionally, we offer cybersecurity services for businesses that lacks the time and expertise to deploy cybersecurity solutions. We can help deploy our all-in-one cybersecurity solution on your infrastructure (self-hosted) or on our infrastructure (as a managed service). This is ideal for businesses who don’t have the expertise or time to deal with all the cybersecurity complexities, such as implementation, maintenance, and monitoring.  

If you’re a small business concerned with cybersecurity cost, deployment and maintenance, Mamori.io is your best option. Get started by requesting your free license here.

Victor Cheung

Victor has worked in the data protection and B2B SaaS industry for over 16 years. His passion is to help startups grow, and he was formerly involved in projects funded by Toba Capital and Frost Ventures.

Previous

PAM for Cybersecurity: Strengths, Flaws, and a Better Approach
Next

Cost Breakdown to Fully Cyber Secure Your Business