Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below.
We recently updated our Terms and Conditions for TechRepublic Premium. By clicking continue, you agree to these updated terms.
Invalid email/username and password combination supplied.
An email has been sent to you with instructions on how to reset your password.
You will also receive a complimentary subscription to TechRepublic’s News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.
All fields are required. Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).
Top cybersecurity threats for 2023
Your email has been sent
Next year, cybercriminals will be as busy as ever. Are IT departments ready?
Going into 2023, cybersecurity is still topping the list of CIO concerns. This comes as no surprise. In the first half of 2022, there were 2.8 billion worldwide malware attacks and 236.1 million ransomware attacks. By year end 2022, it is expected that six billion phishing attacks will have been launched.
SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)
Here are eight top security threats that IT is likely to see in 2023.
Malware is malicious software that is injected into networks and systems with the intention of causing disruption to computers, servers, workstations and networks. Malware can extract confidential information, deny service and gain access to systems.
IT departments use security software and firewalls to monitor and intercept malware before it gains entry to networks and systems, but malware bad actors continue to evolve ways to elude these defenses. That makes maintaining current updates to security software and firewalls essential.
Ransomware is a type of malware. It blocks access to a system or threatens to publish proprietary information. Ransomware perpetrators demand that their victim companies pay them cash ransoms to unlock systems or return information.
So far in 2022, ransomware attacks on companies are 33% higher than they were in 2021. Many companies agree to pay ransoms to get their systems back, only to be hit again by the same ransomware perpetrators.
Ransomware attacks are costly. They can damage company reputations. Many times ransomware can enter a corporate network through a channel that is open with a vendor or a supplier that has weaker security on its network.
One step companies can take is to audit the security measures that their suppliers and vendors use to ensure that the end-to-end supply chain is secure.
Almost everyone has received a suspicious email, or worse yet, an email that appears to be legitimate and from a trusted party but isn’t. This email trickery is known as phishing.
Phishing is a major threat to companies because it is easy for unsuspecting employees to open bogus emails and unleash viruses. Employee training on how to recognize phony emails, report them and never open them can really help. IT should team with HR to ensure that sound email habits are taught.
In 2020, 61% of companies were using IoT, and this percentage only continues to increase. With the expansion of IoT, security risks also grow. IoT vendors are notorious for implementing little to no security on their devices. IT can combat this threat by vetting IoT vendors upfront in the RFP process for security and by resetting IoT security defaults on devices so they conform to corporate standards.
If your organization is looking for more guidance on IoT security, the experts at TechRepublic Premium have put together an ebook for IT leaders that is filled with what to look out for and strategies to deal with threats.
Disgruntled employees can sabotage networks or make off with intellectual property and proprietary information, and employees who practice poor security habits can inadvertently share passwords and leave equipment unprotected. This is why there has been an uptick in the number of companies that use social engineering audits to check how well employee security policies and procedures are working. In 2023, social engineering audits will continue to be used so IT can check the robustness of its workforce security policies and practices.
An IBM 2022 study found that 35% of companies were using AI in their business and 42% were exploring it. Artificial intelligence is going to open up new possibilities for companies in every industry. Unfortunately, the bad actors know this, too.
Cases of data poisoning in AI systems have started to appear. In a data poisoning, a malicious actor finds a way to inject corrupted data into an AI system that will skew the results of an AI inquiry, potentially returning an AI result to company decision makers that is false.
Data poisoning is a new attack vector into corporate systems. One way to protect against it is to continuously monitor your AI results. If you suddenly see a system trending significantly away from what it has revealed in the past, it’s time to look at the integrity of the data.
Organizations are adopting new technology like biometrics. These technologies yield enormous benefits, but they also introduce new security risks since IT has limited experience with them. One step IT can take is to carefully vet each new technology and its vendors before signing a purchase agreement.
How much security is enough? If you’ve firewalled your network, installed security monitoring and interception software, secured your servers, issued multi-factor identification sign-ons to employees and implemented data encryption, but you forgot to lock physical facilities containing servers or to install the latest security updates on smartphones, are you covered?
There are many layers of security that IT must batten down and monitor. IT can tighten up security by creating a checklist for every security breach point in a workflow.
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Top cybersecurity threats for 2023
Your email has been sent
Your message has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Windows 11 gets an annual update on September 20 plus monthly extra features. In enterprises, IT can choose when to roll those out.
Edge AI offers opportunities for multiple applications. See what organizations are doing to incorporate it today and going forward.
This is a complete guide for Apple’s iPadOS. Find out more about iPadOS 16, supported devices, release dates and key features with our cheat sheet.
Discover data intelligence solutions for big data processing and automation. Read more to explore your options.
Whether you are a Microsoft Excel beginner or an advanced user, you’ll benefit from these step-by-step tutorials.
Keeping up with the latest in technological innovations requires a persistent pursuit of knowledge and understanding. The twenty-five concepts defined in this quick glossary will help you better understand hybrid cloud technology and how it can benefit your enterprise. From the glossary When cloud computing was first introduced as a potential strategy for deploying information …
Edge computing is an architecture intended to reduce latency and open up new applications. The terms around it can be fluid, but are helpful to know. From the glossary’s introduction: Edge computing is an architecture which delivers computing capabilities near the site where the data is used or near a data source. In an idealized …
This document helps make sure that you address data governance practices for an efficient, comprehensive approach to data management. This checklist from TechRepublic Premium includes: an introduction to data governance, a data governance checklist and how to manage a data governance checklist. From this checklist’s introduction: Data governance is the process by which an organization …
Recruiting a Scrum Master with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit provides a customizable framework your business can use to find, recruit and ultimately hire the right person for the job. This hiring kit from TechRepublic Premium includes a job description, sample interview questions …