Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

The ambidextrous CISO: Explore the top Cybersecurity Technology Trends in 2023

In ancient times, ambidexterity was considered a curse and could get someone on the wrong end of a witch hunt. Today, however, it is praised and viewed as a competitive advantage in everything from racket sports to organizational governance and innovation. Being ambidextrous is undoubtedly the best armor for chief information security officers (CISOs) in 2023, helping them improve their security hygiene and prepare for future challenges.

CISOs are faced with a myriad of pressing cybersecurity concerns, from adequately protecting their organizations from the most prominent cyberthreats to continuously improving their security posture — all while adapting their security controls to the ever-changing digital environments in their organizations. In parallel, they must also prepare for upcoming digital changes and emerging transformational technology trends that will drastically change how they consume cybersecurity solutions.

Ambidextrous CISOs can balance these two fundamental challenges by improving their existing cybersecurity efficiency while preparing for the unknown. They will be able to optimally balance investment in incremental cybersecurity improvement and prepare for disruptive technology innovations.

Perhaps the most pressing question is: Which cybersecurity investments should you prioritize in 2023? What emerging technology trends will affect your cybersecurity strategies?

First, I would like to emphasize that cybersecurity technology investment should never be solely based on trendspotting, but should rather be decided after a thorough risk analysis that considers your organization’s core business as well as the cyberthreats that it faces.

With that in mind, Atos’s cybersecurity tech radar has identified the top technology trends in cybersecurity for 2023 to help you tackle the ambidextrous challenge of cybersecurity and assess the maturity of your security controls across the five building blocks of the NIST Cybersecurity Framework.

We assessed more than 150 cyber tech trends and integrated our analysis of the digital emerging trends, the changing threat landscape, the regulatory framework and the agility conundrum.

2023’s most promising incremental cybersecurity technologies

API security

Protect the new network

APIs are prevalent in every organization’s digital environment, doing all the heavy lifting in the background of modern applications. However, since they can be a single point of failure, CISOs must implement a proper API security program that adopts secure API development, builds a continuous API discovery process, enforces API policies and monitors API threats.

DevSecOps

Security by design

DevOps is clearly revolutionizing IT, but without embedded security it can introduce security gaps and risks. Adopting a set of DevSecOps tools, practices and policies will help organizations integrate security throughout the application development lifecycle, protecting applications from abuse. The upcoming European Cyber Resilience Act will accelerate the adoption of DevSecOps for organizations that want to sell their technologies in the European market.

Identity fabric

Verify and challenge

It only takes one misconfigured or compromised access account to steal sensitive data. The latest statistics show that 80% of cyberattacks leverage compromised privilege accounts, whereas 60% cyberattacks leverage lateral movement techniques. Organizations must implement proper access rights management solutions that span heterogenous networks and cover the building blocks of the new identify fabric. Continuous compliance checks will be essential to ensure that access policies are properly enforced over time.

Managed detection and response (MDR)

Threat anticipation with external visibility

MDR platforms provide multi-vector threat visibility by analyzing security data from multiple sources. Advanced MDR platforms integrate external attack surface management technologies to enhance threat anticipation with detailed external visibility. An effective MDR service, can truly enhance mean time to detect (MTTD) and mean time to respond (MTTR), while combining red team services to better assess the impact of external threats.

2023’s top emerging trends in cybersecurity to prepare for the future

How? By understanding their impact and implementing the first measures in the road of tech adoption

Cybersecurity mesh architecture (CSMA)

Distributed yet integrated

A more integrated and interoperable technical environment is needed to make cybersecurity mesh architecture a reality. Organizations will need to adopt architectural changes today to be ready for CSMA. They also need to choose cybersecurity partners and service providers who have embraced CSMA architecture, especially for security analytics and intelligence, automation, policy posture management and identity fabric.

Post-quantum era

Discover and Assess

In 2022, we took a giant leap towards quantum-resistant cryptography when NIST selected the first quantum-resistant cryptography algorithms and the NSA set a 2035 deadline for the adoption of post-quantum encryption across national security systems. CISOs can take the first steps in 2023 by identifying and discovering crypto libraries within their organizations to gain visibility and initiate a thorough impact assessment.

Privacy enhancing computation (PEC) tools

Protect data in use

PEC tools protect the privacy and confidentiality of sensitive data throughout its lifecycle, especially when it is in use. They include multiple innovative techniques that secure the data at the software, data or physical layer. Organizations with high security maturity have already started testing PEC tools to secure their highly sensitive data. Going forward, they must assess PEC solutions for their latest business use cases and initiate testing with security service providers that include both startups and hyperscalers.

Conclusion

Adopting Ambidexterity in cybersecurity will undoubtedly require new mindset in defining cybersecurity budgets and will push the boundaries of TCOS and ROI, forcing organizations to embrace faster lifecycles of cybersecurity innovation. Only then, can we bring agility, efficiency, and innovation to organizations’ cybersecurity strategy programs.

Share this article

About the author

Zeina Zakhour

Vice President Global CTO – Digital security, Atos
Member of the the Atos Scientific Community

Zeina has twenty years of experience in the Cybersecurity field covering the end-to-end spectrum of cybersecurity from security advisory, to security integration, Managed security services/Managed Detection and Response, to securing digital innovations (Cloud, IoT, Edge, AI etc…) as well as risk management, compliance and privacy.

She holds a Bachelor of Engineering in C.C.E from Notre Dame University Lebanon, a M. Sc. From Telecom SudParis and an Executive MBA focused on Innovation & Entrepreneurship from HEC School of Management.

Zeina is a member of the Atos Scientific community and a Fellow in cybersecurity. She is also a Certified Information Systems Security Professional (CISSP) and a certified ISO 27005 Risk Manager. She was the recipient of Atos Innovation trophy in 2013, was named in 2019 among the “100 fascinating Females Fighting cybercrime”, was listed in the CTO/CIO/CDO French top 10 influencers and was recognized as 2020 Cyber security leader by the Cyber Security Observatory.