close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                            Netskope GovCloud
                            Netskope achieves FedRAMP High Authorization
                            Choose Netskope GovCloud to accelerate your agency’s transformation.
                              Let's Do Great Things Together
                              Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Netskope Technical Support
                                  Netskope Technical Support
                                  Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    Netskope video
                                    Netskope Training
                                    Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

                                      What We See for 2023—Predictions for Cloud Security & Beyond

                                      Nov 17 2022

                                      As the new year draws closer, we’ve asked our experts here at Netskope to see what they have on their radar for 2023. Similar to years past, we’ve broken these predictions out into “Long Shots,” more out-there predictions we think could potentially happen in the next year, and “Trending Topics,” predictions around topics you may have seen discussed a bit this year but digging into how we expect them to evolve. Here’s what our experts see for 2023:

                                      Long Shots

                                      Preparing for a “quantum” world

                                      Organisations will start to prepare for a quantum world in 2023. During 2022, guidelines and standards were made available for quantum-resistant algorithms, and this means organisations need to start thinking about things like post-quantum cryptography challenges. While it’s a way off, regulatory groups like NIST and ENISA are urging organisations to start their programs now to make sure they are prepared. -Neil Thacker, CISO, EMEA

                                      Omnidirectional risk analysis for supply chain visibility

                                      Inventories of publicly exposed assets or services used to define attack surface can be measured and evaluated to collect a variety of data points that can help paint a picture of risk, highlight patterns of hygiene, or even provide corollary information that a new market, product, or business geography may be introducing new risks that aren’t in plain sight. Marrying deeply contextual business data (workforce/financial/geographic/etc) to other data that is reflective of cyber & digital risks in existing operating environments and that of their business supply chain (3rd/4th/5th party risks) will provide an opportunity for innovation in risk management, with new risks emerging as a result of this analysis. -Nate Smolenski, CISO, Head of Cyber Intelligence Strategy

                                      The rise of “confidential computing”

                                      Confidential computing is a rising industry initiative around securing sensitive data and applications, running them in secure environments to prevent unauthorized access. While the technology is still in its nascency, I think we will see confidential computing gain significant impetus as organizations re-evaluate their technology and security stack, and will become a key investment focus in most security/technology budgets in either 2023 or 2024. -David Fairman, CSO APAC

                                      Credential attacks abusing OAuth will go beyond just phishing attacks.

                                      Attackers continue to see the benefits that come from abusing OAuth in attacks, whether that’s  the ability to bypass MFA, permanent access, and taking advantage of lagging security controls. But in 2023 they will move beyond just phishing and begin to include brute-force attacks, token theft, and SSO attacks. As a result, organizations should start to become more proactive and aware of the risk posed by the surprising number of third-party cloud apps in their environments that have implicit access paths to sensitive data, as a result of dynamic access granted to end-users via OAuth. We will likely see vendors start to respond with basic detection and preventative controls but continue to lag behind attacker techniques –Jenko Hwong, Principal Engineer, Netskope Threat Labs

                                      Attitudes toward the “industrial metaverse” will begin to shift

                                      Our collective attitudes towards the “industrial metaverse“ will begin to shift in 2023. Instead of being seen as something esoteric, we will see wider recognition that its key components—the digital shop floor (used interchangeably as a “digital twin“ by some) in combination with supply chain automation and optimisation through AI/ML models—are real and relevant, bringing new cybersecurity challenges with it. And with this new attitude toward the industrial metaverse comes the opportunity to drive a deep technological shift as a business change initiative. -Ilona Simpson, Chief Information Officer, EMEA

                                      Coming out of the pandemic offers the opportunity for community over tribalism on the internet

                                      The original internet abhorred tribalism; today’s internet enforces it. Institutions of flesh and steel seek to impose their strictures of physicality on humanity’s capacities to speak anywhere and to listen everywhere. Does this mean we are forever doomed to inhabit a splinternet? No, not nearly. As the pandemic recedes (in our attitudes, at least), our dual citizenship online and in real life re-emerges. It is altogether fitting and proper in that grounding where fresh speakers and earnest listeners exchange new notions that nobly advance the return of a place welcome and open to all, a place where speaking and listening enjoy equal regard. My sincere hope is that the coming year or two will evoke community over tribalism. -Steve Riley, Field CTO

                                      Economic uncertainty will lead a shift to an “as-a-service” model

                                      In 2023, I think we will see more companies performing internal rationalization of applications and processes with the idea of creating new operating models. A lot of that focus will be around evaluating buying the outcome as opposed to the traditional build model, leading more companies who have been slow to evolve to begin embracing the cloud operating model. Instead of another tech refresh, they will look for ways to move infrastructure and services into “as-a-service”, moving them further away from Capex on to an Opex consumption model. This will allow companies to conserve as much cash as possible which they will need through any potential business downturns. -Gerry Plaza, Field CTO

                                      Social media shake-ups will lead to increase in phishing and scams

                                      With rumors of TikTok being banned and the privatization and layoffs at Twitter, attackers are likely to seize on the uncertainty with phishing and scams. These will occur both on those social media platforms, (especially if those platforms reduce the attention given to moderation) and on other fledgling platforms seeking to rise in popularity that are lacking the moderation and response maturity of established social media platforms. -Ray Canzanese, Director, Netskope Threat Labs

                                      New rules around disclosing cybersecurity incidents will drive increased security presence in the boardroom

                                      New SEC rules around reporting and disclosing cybersecurity incidents will drive more organizations to hire security expertise to serve on their boards. These new rules will result in more questions around security from the board with a much greater level of precision. To meet this need, security teams will need to improve their metrics and communication techniques to effectively work with the board. -James Christiansen, VP and CSO, Cloud Strategy

                                      The rising need for quantified risk reduction plans

                                      Companies, specifically boards, will want more data-driven, quantified plans for risk reduction. The challenge will be for CISOs to demonstrate that they are getting the biggest risk buy down for every dollar they spend. Arbitrary metrics and qualitative assessments will not be enough. As a result, there will be more of a focus on empirical evidence driven by data. -David Fairman, CSO APAC

                                      Burnout and mental health will become a higher priority

                                      Historically, we have “lived” through big changes in business with disruptions from technology, economy and geopolitics; now we “blink” through change with those same disruptions and more. As a result the mental health of our already stretched workforce now is being challenged to handle the “change curve” at an accelerated rate in both the workplace and at home. Imagine a surfer in the ocean with a wave breaking on him/her every five seconds…that would keep them from ever riding a wave. The mental health of the workforce will have to become a top priority for all businesses going forward or there is considerable risk of cascading business failures. There will be a continued focus on this in 2023.  -Nate Smolenski, CISO, Head of Cyber Intelligence Strategy

                                      For more on what we’re anticipating in 2023, keep an eye out for a follow up blog with more thoughts from the Netskope Threat Labs team coming on Tuesday 11/22.

                                      author image
                                      Netskope Staff
                                      Browse recent articles by Netskope Staff. Discover the latest trends and updates within the cloud and network space.
                                      Browse recent articles by Netskope Staff. Discover the latest trends and updates within the cloud and network space.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog