Top Cybersecurity Trends of 2023 & 2022
Our hand-picked collection of the top cybersecurity trends of 2023 & 2022. The topics in this report on today’s emerging cybersecurity trends are selected for their high growth across sites including Google, TikTok, Instagram, Reddit, Twitter, YouTube, and Amazon. Read more about how we track global trends.
Adguard DNS is a DNS service that is designed to protect users from ads and malware. The service is said to be faster and more reliable than the default DNS service provided by most ISPs. … Read more
Cyber Kill Chain
The cyber kill chain is a model that is used to describe the process of how a cyberattack is carried out. The model breaks down the attack into seven steps, from reconnaissance to exfiltration. This model can be used to help organizations improve their cybersecurity defenses. … Read more
Netskope is a cloud security company that provides businesses with the tools to secure and manage their cloud-based applications. The company was founded in 2012 and has since become a leading provider of cloud security solutions. … Read more
Smishing is a type of phishing attack that uses SMS messages to try to scam the recipient into revealing personal information. The messages may include a link to a fake website or a request for sensitive information. … Read more
A password manager is a software program that stores passwords and other login information in a secure location. The application can be used to store login information for a variety of websites and services, and can be accessed from any device with the password manager installed. … Read more
An MFA authenticator is a tool or application that enables multi-factor authentication. This authentication tool adds a layer of protection to the sign-in process and protects against cyberattacks or security breaches. … Read more
… Read more
Passwordless authentication is a type of authentication that does not require the use of a password. Instead, a unique identifier, such as a one-time code, is used to verify the user’s identity. This type of authentication is often seen as more secure than password-based authentication. … Read more
OT security is the security of industrial and operational technology (OT) systems. OT systems are those that control physical processes, such as energy production and distribution, manufacturing, and transportation. The security of these systems is critical as they are often the target of cyberattacks. … Read more
DevSecOps is a term that refers to the intersection of development, security, and operations. The term is used to describe the practice of integrating security into the software development process in order to create more secure applications. … Read more
Vishing is a type of social engineering attack that uses voice calls to scam people. The attacker will call a victim and pose as a representative from a legitimate organization, such as a bank or credit card company. The attacker will then try to extract personal information from the victim. … Read more
Threat hunting is the proactive process of searching for threats and vulnerabilities in an organization's systems. The goal of threat hunting is to find and fix problems before they can cause harm. … Read more
Trend Highlight – The Rise of Corporate VPNs
Consumer-facing VPN products have been growing for years but not just because of privacy concerns: many top consumer VPNs tout their ability to bypass geo-based content blocking on sites like Netflix. Now, corporate VPNs are getting more attention, but their growth is driven by different concerns.
IT security is challenging because the defender has to be right every time, while the attacker needs to be right - or even just get lucky - only once. Meanwhile, increasing work from home has offered new challenges: people don’t always follow strict security protocols when they’re not at the office.
The high growth of corporate VPNs like Tailscale isn't just a function of the pandemic, though. The IPO window is open more each month, with hundreds of special-purpose acquisition companies hunting for a business to take public. One thing public companies have to do is ensure access controls and auditability for their systems, especially anything that touches their finances. This has been a tailwind to VPN companies, especially newer players who can quickly get a business compliant.
Trend Highlight – Identity Theft Protection
One thing the fanciest office perks have in common is that they’re designed to keep people at the office, working hard. Whether it’s a company cafeteria, a WiFi-enabled shuttle, or on-site laundry, perks are a way for companies to buy a bit more employee time at favorable rates. When workers go remote, these perks largely stop applying, so companies have to offer employees something they can enjoy at home. Meanwhile, working from home has led to new security issues; blurring the boundary between home and office means mixing the definition of home and office computer.
IdentityIQ is one such offering. It’s an identity theft protection service that monitors people’s credit to detect unauthorized borrowing, and insures them against fraud losses. The company’s ads pitch this, not just to end users, but to their employers. In fact, their Facebook ads, targeting employers, cite the productivity losses from victims of identity theft.
Any time a large amount of money changes hands—a home purchase, for example—identity theft insurance is a natural cross-selling opportunity. IdentityIQ doubles down on this idea and runs Facebook ads targeting real estate brokers, offering them a commission for selling the insurance to their clients.
Under the hood, IdentityIQ doesn’t actually do the insuring- they really just whitelabel AIG’s insurance plans. It’s a growing model: The bigger companies are good at underwriting, but not necessarily good at marketing or branding, so there’s a sub-industry that wraps existing insurance products in a better UI.
Trend Highlight – Gamifying Penetration Testing & Ethical Hacking
Information security professionals have learned that some people just love breaking into secured systems, and they'll be better-off gamifying that than fighting it. HackTheBox is a virtual penetration-testing tournament: users are challenged to break into simulated systems as quickly as possible. When the site launched, it "required" an invite code—but savvy users were expected to hack their way around this limitation.
Sites like this increasingly became popular after Youtube started banning content showcasing how to bypass websites—security measures and new entrants into the space looked for other ways to learn.
The pace of change in software makes it hard to hire purely based on credentials. Schools can still filter for raw ability, and can give students a thorough grounding in theory, but practice evolves faster than curricula. That's especially true in security, where there's an arms-race between hackers and IT teams—security holes get patched, new exploits get discovered, and software updates constantly introduce complex new vulnerabilities. A tournament-style approach with a constant variety of new challenges is the best way to identify people with the combination of skills and adaptability necessary to thrive.
The site has a job board, with different jobs locked based on user rankings. One source of word-of-mouth advertising: security professionals suggest tournaments like HackTheBox as practice for people who have just joined the industry or are interviewing for a new role.
This approach even works in other fields: every designer has a portfolio page, stock-pickers tout their ideas on SumZero and ValueInvestorsClub, and media companies spot talent in indie newsletters and blogs. The closer a job is to a fun hobby, the more likely it is that a tournament-based job board will work.
Trend Highlight – Why Surfshark VPN Is So Popular
While online privacy may seem like the most obvious use case for VPNs, more and more people actually say they use the services to access Netflix and YouTube internationally, among other geo-fenced content libraries.
Surfshark, which launched in 2018, sets itself apart from other VPN providers with a rock-bottom price for long-term contracts and an explicit promise to unblock the Netflix libraries of 15 countries, including the U.S., U.K., and India. As the streaming wars rage on, exclusive licensing deals are likely to only become more common, driving users to pay for VPNs to avoid the frustratingly common, “this content isn’t available in your country.”
According to one study, nearly 30% of all VPN users access Netflix in any given month. And because Netflix only has about 7% market share of the global video streaming market, and is now focused heavily on growth abroad, there will continue to be a huge opportunity for VPNs like Surfshark as more consumers subscribe to Netflix and need to get around the geo-fences.
Track every trend in the CybersecurityCategory