Logpoint 2023 predictions: The year of the business-driven CISO
December 2022 by Logpoint
Logpoint has released its predictions for 2023, foreseeing that CISOs will face daunting challenges amidst global economic uncertainty and comprehensive new cybersecurity legislation focusing more on businesses’ cybersecurity practices. According to Logpoint CTO Christian Have, cybersecurity now has the attention of the C-suite, but CISOs need to up their game.
2023 is the year CISOs will be empowered – and forced – to address cybersecurity from a business perspective. “Adversaries don’t care about risk assessments, nor does the stock market, says Christian Have. “CISOs must ensure that the organization can protect against real threats and prove it to the C-suite, demanding more cybersecurity than ever due to the NIS2 directive and grim economic outlooks.”
Christian Have predicts 5 major developments in Cybersecurity in the coming year:
1. The CISO caught between a rock and a hard place
The new EU NIS2 directive demands that many organizations strengthen security significantly, while a looming recession will make the C-suite eager to save costs where possible. “The CISOs capable of measuring cyber risk and how effective the cybersecurity setup is in a meaningful way for the C-suite and the technical staff will win,” says Christian Have.
2. End-to-end technology leads the CISO out of the dark
Cybersecurity teams manage a growing portfolio of security technologies, but it’s difficult to measure the efficacy and provide confidence in coverage. “Converging breach and attack simulation with detection, endpoint protection, and attack surface management can lead the CISO out of the dark in 2023, uncovering broken processes and shadow IT,” says Christian Have.
3. Security teams embrace automation
In 2023, Logpoint expects that security teams will start taking advantage of automation - especially in the mid-market and the ability to assess automation components by meta-analysis. “The meta-analysis will help drive the CISOs agenda with the C-suite to make the right decisions,” says Christian Have. “It’ll make it easier for CISOs to report to the C-suite about general cybersecurity performance."
4. Cybersecurity technology will protect business-critical systems
Logpoint sees CISOs empowered to address the security limitations of business-critical systems such as SAP, Oracle, and Salesforce in 2023. "Applying cybersecurity technologies to business-critical systems will enable the CISO to ensure that invaluable information, such as intellectual property and data about customers, suppliers, and employees, will stay protected and that the organization complies with regulations."
5. The XDR bubble will burst
In 2022, Extended Detection and Response (XDR) reached the "peak of inflated expectations" on Gartner’s Hype Cycle for Security Operations. In 2023, Logpoint expects CISOs to become increasingly skeptical of XDR, moving XDR towards the "trough of disillusionment”. “CISOs will learn that XDR doesn’t solve all their cybersecurity problems and cannot stand alone. Even though mid-tier enterprises might still consider XDR to cover specific use cases, they’ll soon recognize the need for a broader foundation,” says Christian Have.