Forbes have named their top cybersecurity trends of 2023. As weak credentials threaten critical industries and cybersecurity moves up to the director level, we see several recent trends continuing into the next year:
While none of these trends are new, they show the ongoing need for businesses and critical infrastructure to take stronger measures to protect their systems.
The UK’s Department for Education has been reprimanded by the data protection regulator after it gave improper access to identifying information on up to 28 million children. The department gave personal data to employment screening company Trustopia during 2018 and 2020. It was later found by the Information Commissioner’s Office to be a breach of data protection law. In ordinary circumstances, the department would have been charged £10 million in fines, but the ICO made an exception so as to avoid extra pressure on public sector cash flows.
Following the revelations of the Medibank ransomware data breach, Australia’s cyber security minister is considering a law to make it illegal to pay ransoms. Clare O’Neil praised Medibank’s decision not to pay the ransom, warning that we cannot expect hackers to delete the data. She announced a new Australian task force, including a cyber spy agency, which will use expert hackers to disrupt criminal attacks. She said: “What they will do is scour the world, hunt down the criminal syndicates and gangs that target Australia in cyberattacks, and disrupt their efforts.”
The healthcare cyber security market could hit $70.55 billion by 2030, according to Brainy Insights. Ongoing threats to the healthcare sector include malware and ransomware. Meanwhile, there has been increased investment in healthcare spending, with stakeholders keen to protect patient confidentiality. The new figures have also been pinned on increased device usage including internet of things devices and mobiles, which rose considerably during the pandemic.
Australian health insurance company Medibank has faced a ransomware attack which is threatening to leak 9.7 million customers’ information. The company admitted that more than 500,000 health claims had been accessed and threatened to be sold on the dark web. Medibank has since refused to pay the ransom to known Russian ransomware group REvil. The group’s chief executive David Koczar said that paying the ransom would make Australia a “bigger target”.
Business owners are being warned to take cybersecurity more seriously amid a huge increase in attacks. With the uptick in data breaches and ransomware, insurance premiums have increased on average by 28%. Cyber insurance is classed differently from other types of business insurance, and offers protection against these attacks. To mitigate price rises, underwriters are advising businesses to consider protocols like multi-factor authentication and encrypted password management.
