and more real-time responses. Account lockouts, password resets and network contained systems will
            likely be some of the methods used to reduce the impact of a data breach.

            Should responders continue to waste time, we will see a shift from default configurations to more auto-
            responses.  Our  end  customers  will  have  to  change  with  the  times and  understand  the  value  of  the
            disruption.



               2.  Zero trust models are going to have a massive impact on security.

            We’ve seen a shift in organizations migrating to the cloud and abandoning their internally hosted data
            centers. With the shift will come an increase in the reliance on zero trust models to improve security.

            This could change how we perform penetration testing, secure our networks and may even remove the
            need  for  significant  network  security  for  some  organizations.  The  perimeter  network  edge  is  all  but
            dissolved, zero trust may help to finish it off. We will still have a need for internal segmentation in many
            industries that rely on local computer resources.



               3.  Government regulations are going to balloon.

            We  can  predict  there  will  be  changes  to  the  current  international  privacy  requirements.  These  new
            security regulations will likely come from the SEC. On top of these changes, additional executive orders
            and Congressional committee meetings will be coming down the pipeline next year.

            I expect most of these regulations to lack real teeth. The fines and penalties likely won’t be sizable enough
            to implement real change. The FTC stands out with some regulations that have significant teeth to them.



               4.  Hacktivism is increasing.

            The ongoing conflict in Ukraine has been the first war to prompt large scale cyberattacks from nonmilitary
            citizens of other nations.

            The Ukrainian  army's  offensive  cyber-operations are  now attacking  Russian  infrastructure as both a
            hobby and a political statement. We can foresee these types of offensive operations across borders to
            become more conventional in the coming year.



               5.  Governments will be more direct on attribution.

            This past year we saw multiple public reports of US espionage efforts in China. This does not come as a
            shock given our government’s recent trend of outing its own cybersecurity enemies by name.







            Cyber Defense eMagazine – December 2022 Edition                                                                                                                                                                                                         130
            Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.