How do we determine what truly matters and what is just interesting to consider? That’s the challenge we decided to evaluate when we chose to categorize common predictive trends as “Always On,” “On the Horizon,” or “Overhyped.”



We expect ransomware to remain widely used, as it’s primarily delivered via one of the most effective means of cybercrime – phishing emails – and generates solid revenue for cybercriminals.
Ransomware
Ransomware
We expect ransomware to remain widely used, as it’s primarily delivered via one of the most effective means of cybercrime – phishing emails – and generates solid revenue for cybercriminals.
Key Takeaways
- Monitor evolving tactics like double extortion, which empowers criminals to extract money from victims more effectively and with higher returns.
- Ransomware isn’t going anywhere, so plan and document how your organization will respond before a threat inevitably strikes.
Impersonations
Impersonations are continuous and growing. The Federal Trade Commission (FTC) reported “social media was far more profitable to scammers in 2021 than any other method of reaching people,” related to some form of impersonation.
Key Takeaways
- Brand impersonation can damage a company through misdirected criticism, like when victims of fake job scams blame the impersonated company.
- Impersonations can also significantly impact a brand financially despite the low upfront costs, making it an attractive method to cybercriminals.
Impersonations
Deep & dark web
Deep & dark web
Much of cybercrime is planned and monetized within the dark web – with damages averaging $6T annually and increasing, the dark web is a critical and omnipresent external threat.
Key Takeaways
- Just three prominent cybercrime marketplaces contain 5+ million digital identities for sale and 26.6 million sets of login credentials.
- The deep web comprises more than 90% of the internet, while the dark web is ~.01% of the deep web.

This is the most interesting set of considerations because the threats are here but not fully formed. They are likely to grow in ways that require they be taken seriously now and in the year ahead.
Social media volatility
Social media is an expanding battlefield, as the average internet user spends 147 minutes per day on social media sites; this will only increase as our world grows more digital.
Key Takeaways
- Influence operations, sentiment manipulation, securities fraud, and a plethora of scams will target unsuspecting social media users.
- With 128 social media platforms to consider, the social media landscape is too vast and complicated to monitor manually.
Social media volatility
Mis/Dis/Malinformation
Mis/Dis/Malinformation
Mis/Dis/Malinformation is a growth industry worth watching more closely, as it’s proven to be a significant threat to governments, having influenced popular opinion to impact foreign alliances and elections.
Key Takeaways
- With as many as 70 nation-states conducting misinformation operations, global events in 2023 are likely targets of misinformation campaigns.
- Companies including Eli Lilly, Lockheed Martin, and Starbucks were recently impacted by misinformation resulting in revenue losses.

These are topics everyone talks about even though most have no idea why (or if) we should be expending energy on them.
Nation-state threats
While nation-states represent some of the most motivated and sophisticated capabilities among threat actors, they likely aren’t your top threat as they primarily focus on targets in governments, IT, and education.
Key Takeaways
- Many state-sponsored actors rely on relatively low-tech means, such as spear phishing emails, to deliver sophisticated malware.
- Capabilities once reserved for state actors are available on the dark web for purchase, making their means less unique.
Nation-state threats
Metaverse & Web 3.0
Metaverse & Web 3.0
Metaverse and Web 3.0 are gaining interest beyond their current impact, as the majority of platforms are still geared towards teens with little relevance to corporate cybersecurity.
Key Takeaways
- Only 25% of people will spend one hour daily in the metaverse by 2026, which makes security a lower priority.
- Web 3.0 only had an estimated 50,000 users as of 2021, and estimates about future growth vary widely.
Crypto & NFT
Cryptomining was a big concern for large enterprises four years ago, but the cryptocurrency market crash reduced the payoff for setting up cryptomining operations in compromised systems.
Key Takeaways
- Monitoring corporate consumption more closely is a simple, cost-effective countermeasure to cryptomining.
- While compromises and cryptocurrency theft can impact anyone, large attacks are reserved for financial institutions and crypto exchanges.
Crypto & NFT
External attacks are the
Leading cause of breaches.
Only unified external cybersecurity can protect
you beyond the perimeter.
Social engineering
Social engineering is an evergreen opportunity for cybercriminals, as it takes advantage of one of the most complicated and most consistent security weakness in any organization: people.
Key Takeaways
Social engineering