Cyberthreat is a serious concern and requires businesses to be constantly vigilant, DigiCert, Inc., a leading global provider of digital trust, released its annual forecast of cybersecurity trends emerging in the Asia Pacific region for 2023 to give bosses a heads up on what’s in store.
The survey found that almost half of consumers in APAC (42%) have stopped doing business with a company after losing trust in that company’s digital security,” said Hojjati, VP of Research and Development at DigiCert. “The more CISOs and other IT staff understand the security implications of evolving technologies and threats, the better prepared they are to make the right investments for their business to ensure digital trust.”
Prediction #1: Quantum Computing Will Force Crypto-Agility —Cracking a 2048-bit encryption would take an unfathomable amount of time with current technology. But a capable quantum computer could conceivably do it in months. We predict an increased focus on the need to be crypto-agile as quantum computers pose a signifcant future threat to secure online interactions. Crytographic-agility will be a competitive advantage in the very near future.
Prediction #2: Matter Will Become a Household Standard — Matter is a smart home standard and common language for smart home devices which are secure and trusted to communicate and connect seamlessly. DigiCert predicts the Matter logo will become the symbol that consumers look for in smart home technology. The Asia Pacific Industrial Internet of Things (IoT) market is projected to reach USD 46,188.1 Million by the year 2030, with a CAGR growth rate of 8% from 2022 to 2030. With increased connectivity with the Internet-of-Things (IoT), Matter will become key to achieving secure, reliable, and seamless use of smart home devices.
Prediction #3: Code Signing Will Prompt A Race to the Cloud —OV code signing certificates are changing. They will soon be issued on physical security hardware in a similar way to how EV code signing certificates are issued. In June 2023, according to the CA/B Forum, a voluntary group of certification authorities (CAs), vendors of internet browsers, and suppliers, notes that private keys for OV code signing certificates must be stored on devices that meet FIPS 140 Level 2, Common Criteria EAL 4+ or equivalent security standards. We predict that these changes will mean customers move to cloud signing in large numbers, instead of dealing with replacing their hardware token. We also expect all code signing will be cloud-based in the future, as customers will prefer cloud over having to keep track of a hardware key.
Prediction #4: Software Supply Chain Attacks Will Make 2023 the Year of the SBOM —An SBOM is a list of every software component that comprises an application and includes every library in the application’s code, as well as services, dependencies, compositions, and extensions. Because of the information and visibility, it provides in software supply chains, we predict the SBOM will be widely adopted in 2023. While most of the requirements are taking place at the federal level now, expect the SBOM to spread to commercial markets soon to secure software. Supply chain attacks are amongst the most prevalent third-party cyberattacks today, with 45% of global businesses have experienced at least one such attack in 2021. In Asia Pacific, this figure rises to 48%, suggesting that there is vast potential for increased implementation of SBOM by APAC firms to counter these attacks.
All of this means software producers will be required to get more involved in the process of ensuring their products are secure — and visibility will be key to that.
Prediction #5: Physical SIMs Will be Replaced by eSIM and iSIM Technology —The introduction of the integrated SIM (iSIM), which does not require a separate processor, is smaller, and does not take up much room on hardware such as mobile phones. We predict the next generation of smartphones will remove traditional SIM hardware functionality and move to eSIM and iSIM as the root of trust.
Prediction #6: DNS will continue to grow in importance —Infrastructure as code will continue its growth as being a best practice for organizations of all sizes. DNS services that have high uptime, fast speeds, and fast DNS propagation will be crucial for organizations to have as a toolset. Well-defined APIs, SDKs, and integrations will be highly vital to the success of organizations’ efforts to be productive and reliable. The Asia-Pacific region faces a fast-growing digital economy, spurred by the unlocking of emerging technological capabilities such as the 5G network and cloud infrastructure. Today, 96% of Asia Pacific’s population have access to mobile broadband networks. The number of 5G connections by users across countries in the region is projected to accelerate over the next few years and hit 400 million by 2025. This has fueled conversations revolving around the increased importance of DNS adoption, to support a secure and reliable digital transformation.
Prediction #7: Criminals Will Exploit Zero Trust —Adversaries will deploy new technologies as well to increase their success rate in future attacks. Technologies such as Artificial Intelligence and Adversarial Machine Learning could potentially be deployed by a properly versed attacker to find weaknesses in an improperly deployed zero trust framework. There is a clear shift towards the adoption of Zero Trust in Asia-Pacific, where 50% of Asia-Pacific organizations have implemented zero-trust as of 2022. With the growing concern about data security due to the new normal of hybrid-work mode, it has become a priority for organizations globally to have Zero Trust. As zero trust becomes the standard security approach for IT systems, we predict adversaries will change their attack approach to be able to overcome zero trust frameworks.
Prediction #8: Ransomware threat will continue to rise in APAC – The threat of Ransomware continues to rise globally, with Asia-Pacific countries being the most vulnerable due to the region’s rapid digitalization and increasing connectivity as seen from its adoption of 5G network. Recent high-profile attacks on APAC countries, most notably Australia’s chain of cyberattacks that resulted in severe data breaches in its healthcare and telecommunications industries, highlight how hackers continue to exploit the Internet of Things (IoT). In Singapore, the Cyber Security Agency (CSA) reported that ransomware attacks rose 54% from 2020 to 2021. As we predict for ransomware attacks to become more sophisticated, it is crucial to remain vigilant and well-equipped to counter them.
