Next year security professionals will have to deal with major insider risks | Techno Glob

In 2023, as organizations chart their growth path, they must face cybersecurity, risk and privacy challenges from external forces, such as evolving attacker tactics and market dynamics, as well as internal forces, enabling work anywhere and the future of the office. .

One thing is certain: 2023 will set risk management savvy apart from the rest. Forrester estimates that:

  • A C-level executive will be fired for using his firm to supervise employees. With work anywhere, some employers have turned to electronic monitoring to track employee productivity. These efforts may violate data protection laws such as GDPR. In 2022, newly enacted laws in New York and Ontario, Canada mandate actions and policies that employers must implement when deploying employee monitoring. In 2023, expect lawmakers to pay more attention to workplace surveillance, such as more employee feedback and organizing in response to union strikes and surveillance, as in a proposed accountability bill in California. A heavy-handed approach to employee monitoring and lack of consideration for employee privacy will backfire.
  • A Global 500 firm will be exposed for burning out its cyber security staff. Security forces are already understaffed. A 2022 study found that 66% of security team members experience significant stress at work and 64% say work stress affects their mental health. Large incidents expect staff to be available 24/7, stay on top of every risk and deliver results within a limited time frame, and face pressure when asking for a budget. In 2022, burnout led to hospitalizations and even deaths of technical staff in Australia and China. Overburdened security teams will not be immune. As tech whistleblowers come out with a bang, a safety worker will come forward about unsafe work conditions in 2023.
  • At least three cyber insurance providers will acquire a managed detection and response (MDR) provider. Although cyber insurance carriers will introduce stricter underwriting processes, increased premiums and reduced coverage in 2022, the blind spot still exists. Forrester expects insurers to move aggressively toward cybersecurity by acquiring more MDR providers in 2023, with Acrisure continuing a trend that began in 2022. These MDR acquisitions will give insurers: 1) high-value data about attacker activity to refine underwriting guidelines; 2) unparalleled visibility into the policyholder environment; and 3) the ability to verify authentications. Such moves will change cyber insurance market dynamics and requirements for coverage and pricing.

To gain more insight, Register to attend Forrester’s Security & Risk Forum this month.

This post was written by Principal Analyst Heidi Shay and originally appeared on here.

Source link