Protection matters

2023 Cybersecurity trends: zoomed in on SMBs

5 Minutes reading

In the dynamic world of digital security, each year is filled with rapid developments and unclear expectations of what’s to come in the future. How will the rise of collaboration apps affect business security? And do social media apps represent a key part of the new workspace? Find out what to expect in the upcoming months.

Is securing hybrid work a question of the past? Not yet

More than a year after the peak of the Covid-19 pandemic, which forced most employees to work from home, most companies still support partial or full-time remote work. Even though remote or hybrid work is not a brand-new concept, many businesses still need to fully prepare for all the security-related implications of this work regime. As a result, companies should continue developing their security strategies to fit the hybrid workplace, paying extra attention to areas such as remote access policies or cloud and SaaS improvements.

 

The cyber-insurance sphere must keep up with ransomware developments

Ransomware is becoming more common – and expensive. This development affects a multitude of sectors, including the insurance sphere. As ESET Chief Security Evangelist Tony Anscombe warns, ransomware alone might cost the world $265 billion by 2031. As a result, it is unavoidable that premium cyber insurance will become more costly in the upcoming year. Apart from the changes in cost, insurance firms will also demand more detailed information about the company before providing them with insurance.  

The Internet of Things will need better protection from cybercrime

The Internet of Things area is rapidly developing as IoT solutions are getting implemented into a wide variety of businesses. This trend was also recently enhanced by rapid growth in energy costs, which motivates companies to implement new IoT-related solutions, such as energy usage apps and smart meters. Unfortunately, many businesses have yet to tackle the security requirements and risks that come along with using IoT products, thus inviting cybercriminal activity. To illustrate, a recent survey found that 82% of healthcare organisations experienced an IoT-focused cyberattack. In 2023, companies will also need to focus on threat detection and prevention, cautiously observe all anomalies related to their IoT assets, and prepare developed security incident response plans to deal with any issues quickly and effectively.

Advanced security without additional staffing

MDR (Managed Detection and Response) and XDR (Extended Detection and Response) services used to be a step only taken by those companies who firmly believed they have all other security gaps covered. In the following months, however, we can expect that the number of businesses adopting these tools will continue to rise, as they enable better threat analysis without the need for hiring additional cybersecurity experts. The development of MDR and XDR’s popularity is paralleled by the trend of automation becoming more commonly used for incident response. Overall, companies are now searching for solutions that benefit their security without putting any additional stress on the employees.

33% of companies plan to use them in the next 12 months. 32% of companies currently use them. 11% of companies would consider using them in the next 2 years.  Source: 2022 ESET SMB Digital Security Sentiment Report

Discussing work through collaboration apps? A trend that is here to stay 

Tony Anscombe further points out that professional communication is migrating to cooperative apps, such as Teams and Slack. With this change, work ethic in many businesses is also transforming from strictly professional to more relaxed and friendly. However, when the strict atmosphere of a workplace subsides, some employees may let their guard down and be less attentive to security requirements. There are risks that come along with the shift toward informality, including, for instance, unsafe file sharing. While collaboration apps may support team productivity, they are also becoming increasingly popular targets of cybercriminals, who use them as channels for their malicious attempts, including scam and phishing threats.

The app claims to reduce the need for emails by 32% and meetings by 27%. Slack reports over 12 million daily users. An average user is on the app for at least 10 hours a week. Slack is used by over 100,000 organizations worldwide.  Source: ESET’s Cybersecurity Trends 2023: Securing Our Hybrid Lives report

Finding a job on a dating app? Why not!

According to ESET Security Writer André Lameiras, the line between work and pleasure is continuously blurring. As a result, social media apps, which were primarily intended for personal profiles and communication between friends, are now gaining a professional dimension. For instance, Facebook offers a Marketplace feature, which enables both individual users and businesses to sell their goods. Since 2022, people can also change their personal Facebook profiles to a professional mode. Keeping up with the trend, Bumble, a well-known dating app, offers a Bizz mode, which facilitates professional meetings. These changes, however, represent a potential security danger. To respond to the risks and maintain their cyber-safety in the future, businesses need to use apps that encrypt their data, stop providing configuration profiles to their employees and establish functional Bring Your Own Device (BYOD) policies.

How can online games interfere with our everyday hybrid lives? And did the success of productivity apps bring about any security risks? Find out more in ESET’s Cybersecurity Trends 2023: Securing Our Hybrid Lives report.