The cybersecurity landscape evolves rapidly. New categories of threats arise, and threat actors learn new ways of launching and hiding their attacks.
That's why it's important to stay up to date with evolving data center security risks and trends. To provide guidance, this article unpacks the major novel security trends that could impact data centers in 2023.
1. Overstretched cybersecurity personnel
Analysts agree: Cybersecurity teams are overstretched and increasingly prone to burnout. They also tend to be understaffed.
These facts do not create specific cybersecurity risks, but they make managing data center security challenges that much harder. They may also play a role in pushing more organizations to migrate more workloads to the cloud, where there is typically a smaller attack surface for organizations to manage (since cloud providers secure the underlying cloud infrastructure).
The cybersecurity staffing shortage might also lead to increased reliance on outsourced security services, as Forbes notes.
2. Ransomware grows less prevalent – but there's a caveat
On a positive note, ransomware attacks are finally declining in frequency, at least if you measure them in terms of total attacks per year. Total breaches triggered by ransomware decreased by 41% last year, according to IBM.
That said, it remains an open question whether ransomware incidents are becoming less frequent because businesses have gotten better at defending against them, or because threat actors are now launching more sophisticated, purposeful attacks that have higher chances of success – and that are harder to defend against.
Either way, the lesson for data center admins is that continuing to invest in multi-pronged ransomware defenses – which run the gamut from strong endpoint security for servers, to network-based ransomware monitoring solutions, to anti-phishing education for users and beyond – remains critical, and that a decrease in total ransomware attack attempts shouldn't be interpreted as a sign that defenses are fundamentally stronger. The case could just be that the bad guys are now working slower but smarter, requiring data center security teams to do the same.
3. Attackers elude traditional data center security protections
Along similar lines, the general consensus among analysts is that threat actors are becoming more adept at evading traditional security protections.
For example, John Dwyer, Head of Research at IBM Security X-Force, predicts, "We expect to see cyber criminals set their sights more specifically on MFA and EDR technologies." He's referring to multi-factor authentication (MFA) and endpoint detection and response (EDR) tools, two traditional pillars of the cybersecurity arsenal.
If predictions like this are correct, data center security admins will need to work harder, and be more proactive, to defend their estate. Checking off boxes of basic security best practices, like enforcing MFA, won't be enough in a world where advanced attackers are increasingly able to anticipate and work around standard security controls.
4. Growing data center compliance challenges
Compliance mandates aren't a security risk per se, but they're closely related, because compliance frameworks often impose specific cybersecurity rules that organizations must follow.
As IDC notes, compliance regulations continue to grow in complexity. New compliance frameworks, like CPRA, have come online in recent years, and existing frameworks, like PCI DSS, are in the process of being overhauled.
For businesses that manage data centers, this means that it's critical in this new year both to stay on top of changing compliance rules and to deploy the expertise necessary to interpret those rules and translate them into security controls that can be implemented inside the data center.
The specific controls will vary depending on which compliance mandates a business needs to comply with, but they can range from having certain physical access controls in place, to ensuring that infrastructure is properly backed up, to implementing network-level security controls and beyond.
5. Physical data center security risks
Last but not least, as we reported last year, attacks that target operational technology inside data centers have grown increasingly problematic. When the bad guys can't break into servers or applications through digital means, they may compromise HVAC systems, power supplies and other critical resources in order to disrupt data center operations.
As a result, in 2023 and beyond, organizations will need to invest strategically in systems that help protect operational technology and guarantee physical security, like security cameras and access control readers.
None of the security trends described above are totally new. But they do reflect shifts in cybersecurity attack techniques and strategies. The trend is toward more complex and sophisticated attacks, and fewer cybersecurity personnel to defend against them. Changing compliance rules add another layer of complexity to modern data center security, as does the prevalence of attacks that target operational technology.