2022 was a challenging year for enterprise security , with consumers losing trust in organisations ' ability to keep their data safe . APIs have have come under increased assault . As data security becomes more of a priority , cybersecurity company Imperva shares its predictions for 2023 .

BOTS WILL TAKE OVER THE INTERNET

By the end of 2023 , only half of all internet traffic will come from a human . What ’ s more , two-thirds of all bad-bot traffic will be considered moderate or advanced , making these automated threats harder to detect and stop . In 2023 , APIs will become the prime target for bad bots . Seen as signposts to sensitive data , 2022 saw vulnerable APIs cost businesses $ 75bn a year . This problem is only going to worsen next year because API defences often overlook automated threats .

Bots will become a persistent threat that organisations need to look out for or else risk data leakage . The challenge is that tried-and-tested methods of defeating bots may not work . For instance , returning a CAPTCHA challenge to an API request breaks the calling application . Businesses need to use machine learning to differentiate normal API behaviour from malicious traffic and to understand what data should be transmitted through the API . Organisations will face an uphill battle mitigating automated attacks targeting their API libraries until bot management and API security are used in concert .

CLOUD SECURITY TOOLS WON ’ T BE FIT FOR PURPOSE

2023 will be the year we see organisations begin to question whether they are being too trusting of cloud security . They will increasingly realise that the cloud is not secure-by-design and that bundled security tools from cloud providers simply don ’ t cut it . Despite initially appearing to be easy to use , enterprises are finding – to their cost – that the one-size-fits-all approach of many cloud services ’ security offerings simply cannot fully protect data in the cloud . There will always be differences in circumstances that leave a gaping hole for attackers .

Without putting in proper controls to secure the cloud , vulnerabilities and misconfigurations of cloud environments will be one of the biggest risks to data . Enterprises will see a thorough security audit as one of the essential steps to adopting any cloud service and ensuring that they have the right security and tools in place to meet their exact needs , instead of blindly trusting their provider . After all , it doesn ’ t matter how much money you save migrating to the cloud if you increase the risk of a costly breach in the future .

cybermagazine . com 13