Professional Documents
Culture Documents
HORIZON
2023
Security at a tipping point
As the concept of identity undergoes a rebirth and evolves into new digital
forms, malicious actors will begin to gather, manipulate and exploit a
swathe of intimate and sensitive data.
‘Business as unusual’ will become the order of the day, prompting a greater
need for organisations to pursue an innovative and forward-thinking
agenda to address a torrent of change.
Threat Horizon 2023 presents nine potential threats driven by global events
and major developments. The report and its accompanying Threat Radar
provides ISF Members with a methodology to stimulate discussion and debate,
analyse and communicate the business impact of future threats, and formulate
a forward-looking cyber resilience strategy.
Identity is
weaponised
Machines seize Security fails in a
control brave new world
THREAT
2022
Neglected
HORIZON infrastructure
cripples operations
2021 – 2023
A crisis of trust
undermines
2021 digital business
1.1 5G technologies broaden 1.1 Augmented attacks 1.1 Artificial intelligence industrialises
attack surfaces distort reality high-impact attacks
1.2 Manipulated machine 1.2 Behavioural analytics trigger 1.2 Automated defences
learning sows confusion a consumer backlash backfire
1.3 Parasitic malware feasts on critical 1.3 Robo-helpers help 1.3 Layered security causes
infrastructure themselves to data complacency and confusion
2.1 State-backed espionage 2.1 Edge computing pushes 2.1 Digital doppelgängers
targets next gen tech security to the brink undermine identity
2.2 Sabotaged cloud services 2.2 Extreme weather wreaks havoc 2.2 Biological data drives a
freeze operations on infrastructure rash of breaches
2.3 Drones become both 2.3 The Internet of Forgotten 2.3 Gamed algorithms cause
predator and prey Things bites back commercial confusion
3.1 Digital vigilantes weaponise 3.1 Deepfakes tell 3.1 Smart grids succumb to an
vulnerability disclosure true lies attack surge
3.2 Big tech break up fractures 3.2 The digital generation become the 3.2 Isolationism creates a
business models scammer’s dream security disconnect
3.3 Rushed digital transformations 3.3 Activists expose 3.3 Security struggles to adjust to
destroy trust digital ethics abuse the never normal
The themes and threats included in Threat Horizon 2023 are summarised below, along with recommendations
arising from the full report.
1.3 Layered security causes complacency and confusion Streamline security policies,
processes and technologies.
As the ever-expanding array of policies, processes and technologies that
make up an organisation’s security eco-system begin to clash and contradict
each other, organisations will be faced with a degrading level of security.
2.2 Biological data drives a rash of breaches Develop strong controls and
robust data classification
Attackers will relentlessly target organisations that gather high volumes of
practices to secure the growing
biological data, as they begin to recognise its high value and utility. Trust in
volume of sensitive biological
the security of this highly sensitive information will be jeopardised.
data handled and stored by the
organisation.
3.1 Smart grids succumb to an attack surge Conduct detailed risk assessments
of the organisation’s dependency
Smart grids will come under attack as adversarial actors take advantage of
on smart grids taking account of
vulnerable and poorly secured components. These attacks will hold power to
crisis management and business
ransom resulting in blackouts that disrupt operations.
continuity arrangements.
3.3 Security struggles to adjust to the never normal Create and implement agile
security strategies that allow the
Organisations will find themselves in the new world of the ‘never normal’ as
organisation to quickly adapt
established technologies, policies and processes are no longer fit for purpose
and respond to a continually
A constantly shifting security landscape will give rise to new challenges.
changing operation.
WHERE NEXT?
We recommend that ISF Members:
– review the threats in Threat Horizon 2023, identifying those that are of high priority
– use ISF Live to become familiar with the techniques ISF Members have used to implement Threat
Horizon
– consider how the contents of Threat Horizon can be adapted to work best within your organisational
culture, for example: enable threat analysis and formulation of potential impacts and responses;
brainstorm risk treatments, and develop a forward-looking cyber resilience strategy
– use the ISF Threat Radar with business leaders to help prioritise threats and actions, particularly when
time and budgets are limited
– work with other organisations to collaborate on threat intelligence and strategies
– give careful consideration to the ISF resources in this report including:
ISF Consultancy offers customised Threat Horizon services for your organisation, helping to: make a
detailed assessment of business objectives, opportunities and constraints; analyse threats and manage
information risk, and improve engagement across the business.
Contact
For further information contact:
Steve Durbin
Chief Executive
US Tel: +1 (347) 767 6772
UK Tel: +44 (0)20 3289 5884
UK Mobile: +44 (0)7785 953800
steve.durbin@securityforum.org
securityforum.org
Disclaimer
This document has been published to provide general information only. It is not intended to provide advice of any kind. Neither the
Information Security Forum nor the Information Security Forum Limited accept any responsibility for the consequences of any use
you make of the information contained in this document.
©2021 Information Security Forum Limited | Classification: Public, no restrictions | Prepared: January 2021