The rapid proliferation of new attack surfaces means more opportunities for threat actors than ever before, and this will only continue as new technologies are introduced, according to Vulcan Cyber’s Cyber Risk in 2022: A 360° View report.

The report, developed by the Vulcan Cyber in-house research team, Voyager18, highlights the biggest developments and underlying narratives to cyber risk in 2022 and suggests ways to improve and maintain security posture as we enter 2023. According to the report, organizations need to be aware of the following seven trends in 2023:

1. More attacks in the cloud

Security in the cloud remains immature, with default cloud services often providing inadequate essential security functions. Threat actors are keenly aware of this, and security teams must keep up with their organizations’ appetite for cloud adoption.

2. Mobile security attack surface

With around two-thirds of the world’s population using smart devices as of 2021, it is no surprise that mobile is fast emerging as a major target for threat actors. Attackers leverage easy opportunities in e-commerce, banking and online booking applications. With mobile devices not going anywhere soon, this attack surface will only continue to grow.

3. Threat actors turn to iot

Expect to see more sophisticated and targeted attacks on Internet of Things (IoT) devices and a greater range of malicious actors targeting this technology in their attacks.

4. Healthcare sector at risk

The healthcare sector is increasingly vulnerable with more patient data being stored online and in the cloud, and the residual impact of the COVID-19 pandemic on healthcare services.

5. AI in security efforts

A welcome development for 2023 will be the increased implementation of advanced machine learning and other artificial intelligence (AI) techniques in identifying and responding to threats.

6. Users as an attack surface

An organization’s user base will remain a primary target, with threat actors leveraging phishing, social engineering, and other techniques to try to compromise the organization’s employees and their customers.

7. Diversified cyber risk requires a better solution

With the avenues of attack growing in number, IT security teams cannot rely on outdated methods to stay secure.

The report explores a number of ways organizations can meet the increased demands of the cyber risk landscape, including:

  • Making employees part of the company’s security defense
  • Keep patches up to date
  • Restrict unnecessary access
  • Implement multi-factor authentication
  • Follow industry best practices

For more information, visit