A lot is up in the air with 2023, but one thing’s for sure—cybersecurity will continue to be a high impact sector in our day to day life. Nearly every company has some need for tech, and hacks of all kinds are increasing. Here’s what we’re seeing as the three biggest trends in cybersecurity in 2023.

Zero-trust security
2023—like recent years—looks like it will be defined by an increase in digitization across the business and social worlds. Nearly every company is now, to some extent or another, a tech company, and with the continuing move toward tech integration comes a rise in cyberattacks. A zero-trust security approach to solving those problems is becoming the norm.

Zero-trust is an approach to cybersecurity that assumes nothing is safe. Nothing is left to chance or assumed to be secure, and the system is always being tested for vulnerabilities. Continuous certification and permissions are given to apps rather than a single, one and done permission.

As Dan Lohrmann, field CISO at the IT services provider Presidio said last summer, the tactic essentially repeatedly asks: “Who are you? What can you access? What are you authorized to access? What are you accessing? And then monitoring all around that.” It’s a stringent—and necessary—approach to cybersecurity hygiene in a world of increased threats. We can expect to see it continue to be a matter of course in cybersecurity efforts in 2023.

Passwordless authentication

Looking to stop hackers from accessing systems? Password security has always been a major factor in making sure your information is locked down. It’s also traditionally been one of the weaker points for internal security. That’s why we’re likely going to see an industry wide shift to passwordless authentication processes going forward. Think of multi-factor authentication, using your phone as a second layer of protection to ensure your password is protected, as a first step here.

True passwordless authentication bypasses inputting a text password at all. Instead, logging in requires using an MFA-style mobile code, USBs, biometrics, or other outside-the-box approaches.

Look at it as part of the same tactic as zero-trust: layers upon layers of protection against highly sophisticated attackers. Of course, mainstreaming the technique is important. “Websites have to adopt the standard for it to work,” Lance Spitzner, director of security awareness at the SANS Institute, said in an interview last fall. “So, there is something on the horizon, but it’s gonna take a while.”

AI-based security
Finally, the best way to get rid of chance in cybersecurity might be to simply remove the human element altogether. Why take the risk of someone making a mistake?

AI-based security aims to get rid of that level of chance and introduce consistency. In practice, this is seen by AI taking a strong role in threat detection, automated responses, and protection protocols. Using autonomous systems for these aspects of cybersecurity management makes sense and saves time.

The analytical tools provided by AI are also critical for supplementing existing security measures, as Pillsbury Law cybersecurity expert Brian Finch told CNBC last year. “Most interestingly, we see behavioral analysis tools increasingly using AI,” Finch said. “By that, I mean tools analyzing data to determine behavior of hackers to see if there is a pattern to their attacks—timing, method of attack, and how the hackers move when inside systems.”

For more information on Zero Trust, Multi-Factor Authentication or AI based cybersecurity, contact Northeast IS at 518-867-4110 or


Get your Free Incident Response Plan consultation:

Free Incident Response Plan
Cyber Security
Cyber Security
Chat with a representative