Theme briefing

The state of cybersecurity in 2023

Credit: Bert van Dijk/Getty images.

Powered by

The tech industry is experiencing significant upheaval. Big Tech has made mass layoffs to cut costs, and cybersecurity companies are not immune. However, while IT budgets face scrutiny as companies cut discretionary spending, cybersecurity will remain a priority.

State-sponsored cyberattacks are likely to increase in 2023. The Russian invasion of Ukraine, a continuing trade war between the US and China, and high-profile elections are all catalysts for state-sponsored attacks. 

Attacks on critical national infrastructure and supply chains will also increase in 2023. These are highly effective at causing large-scale disruption and long-lasting financial impact. For instance, in February 2023, US chipmaking equipment supplier MKS Instruments was affected by a ransomware attack that cost over $200m in lost and delayed sales. 

Remote working has remained popular post-pandemic, causing a distributed workforce and increasing risks. In 2023, more companies will work to adopt a zero-trust architecture and secure distributed endpoints to contain attacks and protect the entire corporate network. Companies like Google have already adopted a zero-trust architecture, while the US federal government is in the midst of a multi-year migration to zero trust. Other companies will follow this lead to support remote working.

Market size and growth forecasts

According to GlobalData forecasts, the global cybersecurity market will be worth $334bn by 2030, having grown at a compound annual growth rate (CAGR) of 10% between 2022 and 2030. Software-based cybersecurity products will be the largest market segment, contributing 44% of total revenue in 2030, with services accounting for 39%. 

Managed security services revenues will be the largest single market segment in 2030. Revenues will increase by a CAGR of 11.4% between 2022 and 2030, reaching $135bn in 2030. Managed security services refer to services that have been outsourced to an external vendor or supplier. Companies facing a cybersecurity skills gap and a growing threat will increasingly outsource security services to external experts. 

The next largest market segment will be identity and access management products. Revenues will increase at a CAGR of 11% between 2022 and 2030, reaching $35 billion by the end of the period. The rise in cloud computing and distributed workforces makes identity and access management a key preventative security measure as, according to Verizon’s 2022 Data Breach Investigations Report, 82% of all data breaches involve a human element, such as phishing or the use of stolen credentials.

Threat actors

The cybersecurity landscape is complex. Today’s always-connected world offers many opportunities for cyberattackers to disrupt countries, organisations, and individuals. The table below shows the four main types of threat actors – thieves, hacktivists, terrorists, and other malicious players.

Types of cyberattack

Cyberattacks can be split into two types: un-targeted or targeted.

Un-targeted cyberattacks 

In un-targeted attacks, attackers will target as many devices, services, or users as possible. There is little direct interest in the victim because there will always be several machines or services with vulnerabilities. Attackers typically use techniques that take advantage of the internet's openness. These include: 

▪ Phishing: This is the practice of sending fraudulent messages to large numbers of people asking for sensitive information (such as bank details) or encouraging them to visit a fake website. 

▪ Malware: Malware, short for malicious software, refers to any intrusive software developed by cybercriminals to steal data and damage or destroy computers and computer systems. Examples of common malware include viruses, worms, spyware, adware, and ransomware. 

▪ Water holing: This refers to setting up a fake website or compromising a legitimate one to exploit visiting users. 

▪ Zero-day exploits: When an attack targets a security flaw previously unknown to the software vendor or security provider. Typically, an attacker will probe a system until they discover a vulnerability. If it has never been reported, it is a zero-day flaw because developers have had zero days to fix it. Taking advantage of the security flaw is a zero-day exploit, which often compromises the target system. Zero-day vulnerabilities could exist for years before they are discovered. 

Phishing continues to be popular due to its simplicity and effectiveness. It targets the weakest link in the security chain: the user. Phishers usually masquerade as trustworthy entities. According to Verizon’s 2022 Data Breach Investigations Report, 82% of all data breaches involve a human element, such as phishing or using stolen credentials. 

Phishing is successful because users face an information overload, making them less able to spot attacks. Cybercriminals are resourceful when deceiving users by crafting content and evading detection patterns. Cybercriminals also take advantage of the information users share about themselves through social media to create tailored and more authentic messages.  

Despite all the warnings, users still possess insufficient knowledge about phishing, its use to deliver ransomware, and the best practices to deal with unknown threats. In addition, many users are simply not sufficiently sceptical when receiving requests to transfer funds, open attachments, or provide sensitive information. Even worse, some organisations do not include user training and awareness in their defence strategy. 

Malware attacks can exfiltrate data in mass amounts. One of the most concerning types of malware is ransomware, which encrypts files on a device, rendering them and the systems that rely on them unusable. Cybercriminals then demand ransom in exchange for decryption. 

Ransomware has been used in several high-profile attacks and is the most concerning type of cyberattack for business leaders. A ransomware attack can cause a significant loss of revenue and can paralyze an organisation. The 2022 Cybereason report, Ransomware: The True Cost to Business, revealed that 73% of organisations surveyed suffered at least one ransomware attack in 2022. 

The increased complexity of ransomware attacks and the addition of measures designed to turn the screw on reluctant payers, such as pre-emptive early data exfiltration, demonstrate that cybercriminals are operating from a position of strength.  

There is a link between frequently seen threat types, particularly phishing and ransomware. Phishing is the number one delivery vehicle for ransomware. Phishing emails are easy to send and yield a faster return on investment for a cybercriminal enterprise. As part of social engineering schemes, phishing lures victims into executing actions without realising the malicious intent. The less aware the targeted user is, the more fruitful the attack. Likewise, in the case of targeted attacks, phishing emails are created to look like they come from a trustworthy sender but link to or contain malicious content that executes as soon as users click it, encrypting their data and demanding a ransom.

Targeted cyberattacks 

In a targeted attack, an organisation is identified because the attacker has a specific interest in its business or has been paid to target it. Planning the attack could take months as hackers look for the best route to deliver exploits directly to an organisation’s systems (or users). A targeted attack is usually more damaging than an un-targeted one because it has been specifically tailored to attack systems, processes, or personnel. 

There are three main types of targeted cyberattacks: 

  • Spear-phishing attack: Sending messages to targeted individuals with an attachment containing malicious software or a link that downloads malicious software. 
  • Distributed denial of service (DDoS) attack: A coordinated attack in which multiple connected machines in a botnet, usually infected with malware or otherwise compromised to co-opt them into the attack, flood a network, server, or website with data, causing it to crash. 
  • Supply chain attack: An attack in which threat actors compromise enterprise networks using connected applications or services owned or used by outside partners, such as suppliers. The outside provider has already been granted the rights to use and manipulate areas of a company’s network, applications, or sensitive data, so the attacker only has to either penetrate the third party’s defences or program a loophole into a solution offered by a vendor to infiltrate the system. 

Organisations’ technical complexity breeds vulnerability. Every organisation has an array of devices, networks, platforms, and infrastructure, and this complexity creates vulnerabilities. The move to remote working due to the pandemic added widespread use of collaboration tools to a mix that already included operating systems, identity and access management, multi-factor authentication, virtual machines, containers, applications, databases, storage, and middleware. The enterprise of today is complex, and a perfect environment for hackers.

GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article. 

GlobalData’s Thematic Intelligence uses proprietary data, research, and analysis to provide a forward-looking perspective on the key themes that will shape the future of the world’s largest industries and the organisations within them.

07/01/2024 17:15:17
  • Home | Cyber risk is higher than ever
  • Contents
  • Foreword
  • The state of cybersecurity in 2023
  • The history of cybersecurity
  • Pharma
  • The impact of cybersecurity on the pharmaceutical industry
  • Case studies: cybersecurity in the pharmaceutical industry
  • Latest news: cybersecurity in pharma
  • Q&A with GlobalData thematic analyst
  • Key cybersecurity trends in Pharma
  • Cybersecurity in pharma: securing the future
  • Deal activity related to cybersecurity in the pharmaceutical industry since 2018
  • Cybersecurity hiring trends in the global pharmaceutical industry since 2020
  • Cybersecurity patent applications in the global pharma industry since 2020
  • Medical
  • Mentions of cybersecurity in pharma industry company filings since 2020
  • The impact of cybersecurity on the medical device industry
  • Case studies: cybersecurity in the medical device industry
  • Latest news: cybersecurity in medical devices
  • Q&A with GlobalData thematic analyst
  • Cybersecurity: building resilience into the medical device market
  • Cybersecurity innovation: leading companies in patient identification and access
  • Deal activity related to cybersecurity in the medical devices industry since 201
  • Cybersecurity hiring trends in the medical devices industry since 2020
  • Cybersecurity patent applications in the global medical devices industry since 2
  • Mentions of cybersecurity in medical device industry company filings since 2020
  • GlobalData Thematic Intelligence
  • Mining
  • The impact of cybersecurity on the mining industry
  • Case studies: cybersecurity in the mining industry
  • Q&A with GlobalData thematic analyst
  • Lessons learned from Rio Tinto’s massive cyber-attack
  • Leading mining companies in the cybersecurity theme
  • Deal activity related to cybersecurity in the mining industry since 2018
  • Cybersecurity hiring trends in the global mining industry since 2020
  • Cybersecurity patent applications in the global mining industry since 2020
  • Mentions of cybersecurity in mining industry company filings since 2020
  • Steuler KCH Australia
  • Steuler KCH Australia Company Insight
  • Power
  • The impact of cybersecurity on the power industry
  • Case studies: cybersecurity in the power industry
  • Zero-trust cybersecurity – decentralised risk, everyone’s consequence
  • Cybersecurity innovation: Leading companies in power distribution system modelling
  • Leading power companies in the cybersecurity theme
  • Deal activity related to cybersecurity in the power industry since 2018
  • Cybersecurity hiring trends in the power industry since 2020
  • Cybersecurity patent applications in the global power industry since 2020
  • Mentions of cybersecurity in power industry company filings since 2020
  • Oil & Gas
  • The impact of cybersecurity on the oil and gas industry
  • Case studies: cybersecurity in the oil and gas industry
  • Latest news: cybersecurity in oil and gas
  • Q&A with GlobalData thematic analyst   
  • Risks, rackets and ransoms: the dark side of cybersecurity threats
  • Cybersecurity innovation: leading companies in VPN tunnelling for the oil and ga
  • Leading oil and gas companies in the cybersecurity theme
  • Deal activity related to cybersecurity in the oil and gas industry since 2018
  • Cybersecurity hiring trends in the global oil and gas industry since 2020
  • Cybersecurity patent applications in the global oil and gas industry since 2020
  • Mentions of cybersecurity in oil and gas industry company filings since 2020
  • Defence
  • The impact of cybersecurity on the defence industry
  • Case studies: cybersecurity in the defence industry
  • Military cyber security considerations moving to the fore
  • Q&A with GlobalData thematic analyst
  • Maximising cyber capabilities: US DoD's 2023 cyber strategy takes shape
  • Leading defence companies in the cybersecurity theme
  • Deal activity related to cybersecurity in the aerospace & defence industry since 2018
  • Cybersecurity hiring trends in the aerospace & defence industry since 2020
  • Cybersecurity patent applications in the global aerospace & defence industry since 2020
  • Mentions of cybersecurity in aerospace & defence industry company filings since
  • Sponsorship opportunities
  • Packaging
  • The impact of cybersecurity on the packaging industry
  • Case studies: cybersecurity in the packaging industry
  • Latest news: cybersecurity in packaging 
  • Q&A with GlobalData thematic analyst
  • Safeguarding the packaging sector against cyber threats
  • Avery Dennison takes leading role in cybersecurity
  • Deal activity related to cybersecurity in the packaging industry since 2018
  • Cybersecurity hiring trends in the packaging industry since 2020
  • Cybersecurity patent applications in the global packaging industry since 2020
  • Mentions of cybersecurity in packaging industry company filings since 2020
  • Auto
  • The impact of cybersecurity on the auto industry
  • Case studies: cybersecurity in the auto industry
  • Latest news: cybersecurity in the auto industry
  • Problematic paywalls, dissatisfied customers and rising cyber-threats
  • Cybersecurity innovation: leading companies in vehicle anti-theft systems
  • Deal activity related to cybersecurity in the automotive industry since 2018
  • Cybersecurity hiring trends in the automotive industry since 2020
  • Cybersecurity patent applications in the global automotive industry since 2020
  • Mentions of cybersecurity in automotive industry company filings since 2020
  • Food
  • The impact of cybersecurity on the consumer goods industry
  • Case studies: cybersecurity in the consumer goods industry
  • Latest news: cybersecurity in food
  • Leading consumer goods companies in the cybersecurity theme
  • Cybersecurity hiring trends in the food industry since 2020
  • Cybersecurity patent applications in the global food industry since 2020
  • Mentions of cybersecurity in food industry company filings since 2020
  • Apparel
  • The impact of cybersecurity on the apparel industry
  • Case studies: cybersecurity in the apparel industry
  • Latest News: cybersecurity in apparel
  • Fashion sector digitisation demands greater cybersecurity
  • Cybersecurity hiring trends in the apparel industry since 2020
  • Cybersecurity patent applications in the global apparel industry since 2020
  • Mentions of cybersecurity in apparel industry company filings since 2020
  • Next issue
06/30/2023 00:00:00