Security operations centers (SOCs) in the government and mass media sectors are likely to face more reoccurring targeted attacks by state-sponsored threat actors in 2023, according to antivirus software company Kaspersky.
This prediction comes after Kaspersky noted the average number of security incidents increased by 36% in 2022. Kaspersky also reported the average number of incidents in the mass media sector nearly doubled in 2022.
Ultimately, there is a "new wave of politically motivated attacks" affecting government and mass media organizations, said Sergey Soldatov, head of SOC at Kaspersky. These attacks may extend beyond organizations in the government and mass media sector. To guard against such attacks, Soldatov recommends that organizations use managed detection and response (MDR) services for "comprehensive threat detection and remediation."
Other Security Predictions for SOCs in 2023
Kaspersky made several other predictions regarding security issues that could impact SOCs in 2023, including:
1. Cybercriminals May Increasingly Target Telecommunications Providers.
In 2021, there was "a prevalence of high-severity incidents" against telecommunications providers throughout the year, Kaspersky indicated. The average share of high-severity incidents against these providers declined in 2022. Regardless, telecommunications companies remain attractive targets for cybercriminals.
2. Cybercriminals Will Use Ransomware to Encrypt and Destroy Business Data.
In the past, many cybercriminals would encrypt data and hold it for ransom. Now, cybercriminals are more likely than ever before to encrypt and destroy data, which makes it exceedingly important for organizations to properly secure it.
3. Cybercriminals Will Try to Infiltrate Organizations Through Public-Facing Applications.
Public-facing applications can have vulnerabilities that organizations have not addressed. Meanwhile, cybercriminals can exploit these vulnerabilities in the hopes of accessing organizations and their data and systems.
4. Threat Intelligence Will Become More Valuable.
The increasing volume and severity of cyber threats is leading more organizations to invest in technologies that they can use to plan for and combat cyberattacks. At the same time, it is increasing the value of threat intelligence, which helps organizations make fast, informed decisions to secure their operations.
What Can MSSPs Do?
MSSPs can provide organizations with MDR, endpoint protection and other security services to keep pace with evolving cyber threats. In doing so, they can help organizations guard against a wide range of threats and optimize their security posture.