
THREAT HORIZON 2023
Security at a tipping point

2023 will see organisations struggling to cope with a monumental shift
that leaves business and security leaders exposed. The global pandemic
will have a lasting effect, accelerating trends that fundamentally change
the business landscape. The information security industry will find itself
at a tipping point, on the verge of being overwhelmed by forces beyond
its control.

Organisations will face a growing threat from adversarial actors
perpetrating AI-powered mass attacks, whilst too much faith in AI defences
will leave them exposed. An oversaturation of conflicting and overlapping
security policies, processes and technologies will create complacency and
confusion across the business.

As the concept of identity undergoes a rebirth and evolves into new digital
forms, malicious actors will begin to gather, manipulate and exploit a
swathe of intimate and sensitive data.

‘Business as unusual’ will become the order of the day, prompting a greater
need for organisations to pursue an innovative and forward-thinking
agenda to address a torrent of change.

Organisations will soon be confronted with a choice: continue along their
current trajectory and risk security going beyond the tipping point into
a state where recovery is no longer possible; or stop, reassess the global
landscape and change course.

Threat Horizon 2023 presents nine potential threats driven by global events
and major developments. The report and its accompanying Threat Radar
provide ISF Members with a methodology to stimulate discussion and debate,
analyse and communicate the business impact of future threats, and formulate
a forward-looking cyber resilience strategy.

[Figure: Threat Horizon 2021 – 2023 themes.
2021: Digital connectivity exposes hidden dangers; Digital cold war engulfs business; Digital competitors rip up the rulebook.
2022: Invasive technology disrupts the everyday; Neglected infrastructure cripples operations; A crisis of trust undermines digital business.
2023: Machines seize control; Identity is weaponised; Security fails in a brave new world.]

Threat Horizon 2021: The digital illusion shatters
1.1 5G technologies broaden attack surfaces
1.2 Manipulated machine learning sows confusion
1.3 Parasitic malware feasts on critical infrastructure
2.1 State-backed espionage targets next gen tech
2.2 Sabotaged cloud services freeze operations
2.3 Drones become both predator and prey
3.1 Digital vigilantes weaponise vulnerability disclosure
3.2 Big tech break up fractures business models
3.3 Rushed digital transformations destroy trust

Threat Horizon 2022: Digital and physical worlds collide
1.1 Augmented attacks distort reality
1.2 Behavioural analytics trigger a consumer backlash
1.3 Robo-helpers help themselves to data
2.1 Edge computing pushes security to the brink
2.2 Extreme weather wreaks havoc on infrastructure
2.3 The Internet of Forgotten Things bites back
3.1 Deepfakes tell true lies
3.2 The digital generation become the scammer’s dream
3.3 Activists expose digital ethics abuse

Threat Horizon 2023: Security at a tipping point
1.1 Artificial intelligence industrialises high-impact attacks
1.2 Automated defences backfire
1.3 Layered security causes complacency and confusion
2.1 Digital doppelgängers undermine identity
2.2 Biological data drives a rash of breaches
2.3 Gamed algorithms cause commercial confusion
3.1 Smart grids succumb to an attack surge
3.2 Isolationism creates a security disconnect
3.3 Security struggles to adjust to the never normal

The themes and threats included in Threat Horizon 2023 are summarised below, along with recommendations
arising from the full report.

Theme 1: Machines seize control

1.1 Artificial intelligence industrialises high-impact attacks
The widespread adoption of automation and the malicious use of AI will lead
to the industrialisation of tailored, high-volume, high-impact cyber attacks,
leaving organisations overwhelmed and unable to operate effectively.
Recommendation: Implement processes and controls that identify AI‑powered
attacks and allow for the deployment of defensive counter measures.

1.2 Automated defences backfire
Organisations will discover the pitfalls of relying too heavily on automated
defences to protect information. Ineffective implementation of security
controls and a lack of human oversight will prove costly when these
systems fail.
Recommendation: Assess the level of security automation used within the
organisation and build in human mechanisms as redundancy in the event of
system failures.

1.3 Layered security causes complacency and confusion
As the ever-expanding array of policies, processes and technologies that
make up an organisation’s security eco-system begin to clash and contradict
each other, organisations will be faced with a degrading level of security.
Recommendation: Streamline security policies, processes and technologies.

Theme 2: Identity is weaponised

2.1 Digital doppelgängers undermine identity
Adversarial actors will use a host of advanced techniques and technologies
to create digital doppelgängers, harvesting increasing levels of highly
personal and intimate information that shatters the reputations of
individuals and brands.
Recommendation: Deploy technical solutions to assist in the identification of
digital doppelgängers, alongside developing employees’ awareness and
understanding of this threat.

2.2 Biological data drives a rash of breaches
Attackers will relentlessly target organisations that gather high volumes of
biological data, as they begin to recognise its high value and utility. Trust in
the security of this highly sensitive information will be jeopardised.
Recommendation: Develop strong controls and robust data classification
practices to secure the growing volume of sensitive biological data handled
and stored by the organisation.

2.3 Gamed algorithms cause commercial confusion
As organisations increasingly use commercial algorithms to power their
interaction with customers, attackers will manipulate these algorithms to
undermine the digital experience and destroy any commercial advantages.
Recommendation: Conduct forensic exercises on algorithm-driven processes
to identify signs of potential exploitation and abuse.

Theme 3: Security fails in a brave new world

3.1 Smart grids succumb to an attack surge
Smart grids will come under attack as adversarial actors take advantage of
vulnerable and poorly secured components. These attacks will hold power to
ransom resulting in blackouts that disrupt operations.
Recommendation: Conduct detailed risk assessments of the organisation’s
dependency on smart grids taking account of crisis management and business
continuity arrangements.

3.2 Isolationism creates a security disconnect
Global operations will be hit by a raft of social, legal and political changes.
Organisations will be confronted by an increasingly costly and high-risk
operating environment, with fragmented and siloed security operations.
Recommendation: Assess the impact of regional differences in legal
restrictions on the organisation’s wider security strategy.

3.3 Security struggles to adjust to the never normal
Organisations will find themselves in the new world of the ‘never normal’ as
established technologies, policies and processes are no longer fit for purpose.
A constantly shifting security landscape will give rise to new challenges.
Recommendation: Create and implement agile security strategies that allow
the organisation to quickly adapt and respond to a continually changing
operation.

WHERE NEXT?
We recommend that ISF Members:
– review the threats in Threat Horizon 2023, identifying those that are of high priority
– use ISF Live to become familiar with the techniques ISF Members have used to implement Threat
Horizon
– consider how the contents of Threat Horizon can be adapted to work best within your organisational
culture, for example: enable threat analysis and formulation of potential impacts and responses;
brainstorm risk treatments, and develop a forward-looking cyber resilience strategy
– use the ISF Threat Radar with business leaders to help prioritise threats and actions, particularly when
time and budgets are limited
– work with other organisations to collaborate on threat intelligence and strategies
– give careful consideration to the ISF resources in this report including:

Demystifying Artificial Intelligence
Deploying Open Source Software: Challenges and rewards
Extinction Level Attacks: A survival guide
Securing the IoT: Taming the connected world
Delivering an Effective Cyber Security Exercise
Legal and Regulatory Implications for Information Security: Interactive guide

ISF Consultancy offers customised Threat Horizon services for your organisation, helping to: make a
detailed assessment of business objectives, opportunities and constraints; analyse threats and manage
information risk, and improve engagement across the business.

Contact
For further information contact:
Steve Durbin
Chief Executive
US Tel: +1 (347) 767 6772
UK Tel: +44 (0)20 3289 5884
UK Mobile: +44 (0)7785 953800
steve.durbin@securityforum.org
securityforum.org

About the ISF


The ISF is a leading authority on information security and risk management. A not‑for‑profit organisation, we provide
independent opinion and guidance on all aspects of information security. We deliver practical solutions to overcome the
wide‑ranging information security and risk management challenges that impact business.

Disclaimer
This document has been published to provide general information only. It is not intended to provide advice of any kind. Neither the
Information Security Forum nor the Information Security Forum Limited accept any responsibility for the consequences of any use
you make of the information contained in this document.

Information Security Forum | @SecurityForum

©2021 Information Security Forum Limited | Classification: Public, no restrictions | Prepared: January 2021
