Cofense Logo - Email Security Solutions

Cyber Threats and Industry Shifts: Our Experts Predict 2023 

Share Now


In a time of economic uncertainty and geo-political instability, organizations must adopt a forward-thinking approach to cybersecurity to stay a step ahead and avoid costly breaches. According to IBM, the average cost of a breach in 2022 is $4.35 million. Email continues to be the primary attack vector and investment in email and endpoint security must remain a top priority.

Cofense’s intelligent email security solutions, powered by crowdsourced intelligence and machine learning, offer a unique perspective on current and emerging threats. Our research teams analyze millions of emails flagged by our global network of 35+ million human reporters. The data received shines a spotlight on the ever-evolving threat landscape and the specific threats targeting our customers’ environments. It is this insight that shapes the security solutions that keep our customers safe.

Looking ahead to 2023, here are our top threat and industry predictions to help inform your security decisions:

Rohyt Belani, Chief Executive Officer and Co-Founder

1. Cybersecurity will not be immune to the recession.
In 2023, we will see fewer resources and tighter security budgets in corporate settings thanks to economic uncertainty, resulting in subpar security posture across organizations. Because of this, threat actors will capitalize on this asymmetry and evolve faster, creating the perfect storm for an amplified number of breaches across all vectors in 2023, especially email attacks.

2. Email security and endpoint security will be at the top of the CISO’s wish list.
The CISO’s role is all about prioritization, especially as they face economic pressures and uncertainty. When looking at the threat landscape, more than 90% of an organization’s threats come in via email and end at a system’s endpoint. As CISOs plan for 2023, email and endpoint security will be on the top-3 list of priority security solutions they invest in and are areas that they are not willing to compromise on.

3. Cyber insurance providers will look at an organization’s bloodwork to underwrite policies.
Today, cyber insurance policies are developed very naively – looking at the organization’s number of employees and revenue alone to build premiums, but this does not provide an accurate view of a company’s security posture. As vendors and cyber insurance providers work together in 2023 to converge on the best way to underwrite a cyber insurance policy, they will begin to look at a “company’s bloodwork.” This will include meaningful metrics that are demonstrative of the maturity and resilience of the organization’s cybersecurity posture, much like what is done for an individual’s life insurance policy.

Tonia Dudley, Vice President, Chief Information Security Officer

4. The reliance on crowd-sourced threat intelligence will increase significantly.
As threat actors continue to share what works on their side in terms of attack vectors and tactics, security leaders and cybersecurity organizations will increase their communication with each other in 2023 on what is working best to defend against threat actors. This crowd-sourced threat intelligence will allow organizations to learn how to better defend themselves.

5. BEC will see a continued rise, especially employee impersonation fraud.
Attacks have made a clear list of what tactics work over the years and always defer back to what is successful for quick and easy money. Leveraging this strategy, attackers will place increased efforts on business email compromise (BEC) attacks like employee impersonation fraud. Many organizations lack security protocols for reviewing items, like invoices, that seemingly look like they are coming from a vendor. Not only are these tactics quick wins, but they are also often almost untraceable.

Josh Bartolomie, Vice President, Global Threat Services

6. There will be a mass consolidation across email security, leading to an increase in attacks.
There is a common 5-year pattern when it comes to the consolidation of tools that we see across the security market. This pattern is due to economic fluctuation, business shifts and simply because people’s memories are short when it comes to past major breaches. As economic uncertainty continues in 2023, the pattern will rise again. Organizations will decide that their email security tools are enough and forgo additional vendors, leading to an increase in attacks that do not get blocked.

7. Ransomware will see a new boom as tensions between Russia and Ukraine continue.
As the conflict between Russia and Ukraine continues, we will see Russian threat actors double down on ransomware efforts as physical, on-the-ground tactics see little return. To make an even greater impact, threat actors will target countries that support Ukraine to “punish” their allegiance to the country, targeting critical infrastructure like healthcare and energy.

Ronnie Tokazowski, Principal Threat Advisor

8. Romance scams and consumer fraud will run rampant in 2023 to secure big phish.
Threat actors will lean in on romance scams, where cyber criminals adopt a fake online identity to gain a victim’s affection and trust, and large-scale consumer fraud in order to reap massive profits in the new year. And while there won’t be a massive change in BEC attack tactics, which have run rampant in 2022, we’ll specifically see an increase in pig butchering scams, a form of romance scam that convinces victims to invest in cryptocurrency platforms.

For additional explanation of these predictions watch our on-demand webinar where Cofense CISO, Tonia Dudley, and VP of Global Threat Services, Josh Bartolomie, give their expert insights, and more. The full report is available here for downloading.

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks.

The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.

This site is registered on as a development site.