Singapore is well recognized as a digitally-enabled nation, facilitating global finance, commerce, and transport. The same prominence that put Singapore on the world stage as a digital leader also exposes the country to cyberattacks. In fact, almost half of Singapore businesses experienced cyber incidents in 2022. It’s clear that businesses, organizations, and security teams need to continue to anticipate cyberattacks and prepare as best as they can for an increasingly diverse and complex threat landscape.
Questions about the most effective way for security and development teams to collaborate or what good communication of security incidents might look like are just as important as how to secure infrastructure across corporate and national boundaries or how internal security teams can become a market advantage for companies. Here are some of the most significant cybersecurity trends that we’ll see in the coming years.
Security will become a more diverse discipline
There’s no question that cyberattacks will continue to rise in 2023. To keep up with the speed of threats, we’ll continue to see a shift in security culture and hiring within organizations. This is especially applicable in APAC – while the region experienced the highest cybersecurity workforce growth globally in 2022, the region still faces a shortage of up to 2.16 million cybersecurity workers.
Security teams will need to work even more closely with engineering and product teams to react quickly to new threats and will need to develop more of their own solutions in addition to purchasing cybersecurity tools and services off the shelf. As threats become more varied and complex, we will see more diversity in workforce hiring within security teams – background, education, and technical capabilities. Ultimately, this will lead to a stronger security culture, closer integration with engineering, and faster innovation to combat attacks from malicious actors.
Cybersecurity transparency will be hailed as a strength
Organizations are continuously improving their detection and defense strategies against cyberattacks, but they must also evolve the way they communicate them. We’ve already seen a significant number of breach disclosures, and this year will be no different. However, we will see more organizations relying on transparency with their stakeholders to strengthen trust in their businesses.
More security leaders will focus on building an environment where the security team is an empowered, trusted partner to the business that prioritizes open, transparent communications around security incidents to build trust with both internal and external stakeholders. The knock-on impact will be that the internal bar for privacy and data protection will rise and the threshold for external sharing of security incidents will lower.
Increased cross-industry collaboration to address supply chain security
We’ve seen a greater mainstream emphasis on supply chain security, with events like SolarWinds and Log4j providing key reminders of the importance of securing critical code. This is especially relevant for a nation like Singapore – its push to become a leading Smart Nation makes it even more crucial for it to ensure a secure digital environment. It is clear that there must be a collective industry and community effort to secure the software supply chain, and 2023 will bring even greater collaboration.
The public sector will look to the private sector to help inform policy, there will be more organizations and working groups focused on shared security goals, and more direct partnerships between companies. Supply chain attacks do not recognize roles, corporate boundaries, or even national lines so it will require unprecedented collaboration to defend against them. At its core, supply chain security is about how the world builds software, so to drive true impact, these efforts will need to operate in support of the developers who design, build, and maintain the open-source projects we all depend on.
Internal security programs become a market differentiator
Security programs have traditionally focused exclusively on internal collaboration and communication, even at companies that build and sell security products. In the coming years, we will continue to see a rise in consumer and B2B awareness of the importance of good cybersecurity practices. As a result, we’ll not only see more CSOs speaking publicly about their approaches to better security, but we’ll also see security team members sharing their best practices with partners, peers, and customers.
While compliance and certification will remain foundational indicators of security, they will be combined with additional external artifacts such as blogs, research, and papers. The quality and operational excellence of internal security teams will become even more of a market differentiator for companies and increasingly factor into brand and partnership trust.
Jacob DePriest is the Vice President, Deputy Chief Security Officer at GitHub. DePriest has over 16 years of experience in the field of Cybersecurity, Engineering, and Open Source across both the public and private sectors. Previously, DePriest held a senior executive role in the National Security Agency of the United States and founded his own tech consultancy firm, Andonic Solutions, in Washington D.C.
TechNode Global INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.