High-profile cyber attacks at Okta, Hubspot, and others in 2022 suggest bad actors are continuing to put more energy into targeting SaaS. Indeed, it is common for organizations to rely heavily on SaaS applications for business-critical workflows and to have a complex web of integrations between them. What makes defending SaaS even more challenging is the distance between the application owners sitting in different business units and the (often) centralized enterprise security team.
In addition to the growing threatscape surrounding SaaS, new privacy laws are coming that will penalize companies when sensitive data stored in SaaS is not appropriately protected.
As we head into 2023, these SaaS risk and threat realities are causing teams to take a hard look at protecting SaaS apps like Microsoft 365, Salesforce, and Google Workspace. Fortunately, organizations like ours are here to partner in enabling SaaS threat detection, posture hardening, and integration management.
What else are we expecting in 2023? Here are our predictions:
SaaS attacks were already on the rise, as witnessed in 2022 from high-profile breaches at Okta, Slack, and elsewhere. This is in addition to SaaS instances breached at other high-profile companies. We’re also seeing increasingly advanced phishing techniques and malware, as well as session hijacking activities that help bad actors obtain legitimate credentials.
CISA and security teams have done a good job increasing MFA coverage. Adversaries, however, still want to get in, so they will continue to find ways to do so. With many incidents already observed that used MFA fatigue and SIM swapping techniques, we expect this trend to continue into 2023.
We’ve observed attacks against HR systems to modify direct deposit information, and systems like ERP contain useful information to allow better targeting of critical information and workflows within enterprises. We expect these systems to be targeted even more to redirect funds and commit fraud and impersonation attacks.
We’ve mentioned our collaboration with CrowdStrike and how their incident response (IR) teams use Obsidian. We have great partnerships with other IR firms as well. Speed of threat suppression can limit potential damage, and with most attacks having a SaaS application (or many) in scope, it’ll be time to deploy “EDR for SaaS” when the phone rings.
ESG research found that 45% of organizations say they have a problematic shortage of cybersecurity skills. This suggests that culture and collaboration will be big this year, along with opportunities to increase automation and managed security services. CISOs must focus on conflict resolution and prioritization because big changes come with some product owners gaining more power, while others may be gone.
Even though 65% of organizations are planning to increase cybersecurity spending in 2023, efficiency is really the key word for CISOs this year. We all need to make sure we are utilizing the available cyber defense value that is inherent in our people, processes, and technology.
The U.S. federal government is already issuing guidance to protect businesses from increasingly potent supply-chain attacks, which will bring more attention to these kinds of attacks.
The sheer amount of data the U.S. federal government protects has led it to implement best-practice frameworks to protect that data. SCuBA is a reference architecture that agencies should consider as they migrate to cloud-based technologies. It will be releasing guidelines for popular apps, including recommendations for Office 365.
Not only do security leaders have to contend with hackers, they increasingly will have to adhere to a new batch of privacy regulations intended to protect consumer data. In 2023, new GDPR-style laws will go on the books in California, Virginia, Colorado, Connecticut, and Utah. We think this is just the beginning.
2023 is already off to an interesting start with economic uncertainty, high-profile breaches, and new privacy laws in effect. Will these predictions come true or are they off base? Regardless of what happens, we know this year will continue the theme of working together for a more collective, collaborative defense of our enterprises, organizations, and agencies, and we must all continue to raise the bar against a seemingly endless number of threats and risks to our businesses. Let’s do what we can as defenders to enable our companies to execute against their missions in as safe a way as possible. #shieldsup