Cybersecurity Predictions for 2022

Cybersecurity-predictions-for-2022
  • Explore industry expert predictions on what’s in store for cybersecurity in 2022.
  • Cyber-attacks have remained a key concern throughout the COVID-19 pandemic. With 2021 now over, what does the new year have in store for  cybersecurity?
  • We’ve collected predictions from industry experts, including HelpSystems’s Joe Vest, Gemserv’s Andy Green and more.

With many businesses continuing to work from home where possible and settling into a more hybrid style of work, cybersecurity has been a key concern across a range of industries.

Here, we’ve collected opinions from industry experts on what they predict 2022 has in store for cybersecurity.

 

Our Panel of Experts:

  • Jason Stirland – CTO at DeltaNet International
  • James Weaver – Director Product Marketing at Cradlepoint
  • Joe Vest – Tech Director at Cobalt Strike by HelpSystems
  • Tom Huntington – Executive Vice President of Technical Solutions at HelpSystems
  • Brian Pick – Managing Director of Managed File Transfer at HelpSystems
  • Andy Green – CISO at Gemserv
  • Hannah Hart – Technology Writer at ProPrivacy
  • Francis Cianfrocca – CEO of InsightCyber
  • Richard Lane – CEO of EBC Group
  • Adam Bradshaw – Commercial Director at ServerChoice
  • Steven Malone – VP of Product Management at Egress
  • Tony Pepper – CEO at Egress
  • Leif-Nissen Lundbæk – Co-Founder and CEO at Xayn
  • Michael Sentonas – Chief Technology Officer at CrowdStrike
  • Eyal Elyashiv (CEO) & Dr. Aviv Yehezkel (CTO) – CEO, CTO and Co-Founder of Cynamics
  • Tisson Mathew – CEO of SkyPoint Cloud
  • Nick Graham – CTO of Hicomply
  • Chandra Kalle – Vice President of Engineering at LeanTaaS
  • Steve Harvey – CEO at BitSight
  • Lisa Sotto – Head of The Global Privacy and Cybersecurity Practice at Hunton Andrews Kurth LLP
  • Travis Hoyt – CTO at NetSPI
  • Florindo Gallicchio – Managing Director and Head of Strategic Solutions at NetSPI
  • Charles Horton – Chief Operations Officer at NetSPI
  • Nabil Hannan – Managing Director at NetSPI
  • Bernard Montel – EMEA Technical Director and Cybersecurity Strategist
  • Lukas Kingadner – CEO of Anyline
  • Adam Belsher – CEO of Magnet Forensics
  • Stefan Auerbach – CEO at Utimaco
  • Bronwyn Boyle – Chief Information Security Officer at Mambu
  • Ms. Fariha Rizwan – Group Head of IT at Z2C Limited
  • Maciej Markiewicz – Cyber Security Lead at Netguru

 

For any questions, comments or features, please contact us directly.

 

techround

 

Jason Stirland, CTO at DeltaNet International

 

Jason-Stirland

 

Phishing Attacks to Surge: “Phishing is not going away anytime soon, and attackers will keep finding ways around new policies or procedures that are put in place.”

“As a result, cybercriminals will continue to capitalise on the effects of the pandemic and have learnt this method is effective and pays well. With phishing attacks becoming increasingly sophisticated, there be a rise in email chain hijacking or conversation hijacking. This type of phishing involves cybercriminals replying to existing email chains, where they embed malicious links or attachments within them, and these emails are sent via the organisation’s actual servers, which makes them harder to spot.”

“One of the best ways to combat any phishing attack is by regularly educating, updating and testing employees. If employees who are at the front line of an organisation’s interface can spot a phishing attack, this takes away a great deal of power from the attacker.”

Reinforce remote/hybrid working security procedures: “Remote working has become normalised. Now, cybercriminals will be looking to exploit organisations that may have rushed their implementations of systems to support remote working initially when the pandemic began. These exploits might include policies such as not implementing multi-factor authentication, using weak protocols for file sharing and poor encryption. Organisations must ensure that data that was once only accessible via internal measures but has now been made remote; is encrypted both at rest and in transit, preferably by a reliable, secure VPN provider.”

“On the flip side, attackers will be further looking to exploit those organisations that implemented two-factor authentication (2FA). 2FA is fast becoming the new norm for end-users, with tech giants such as Facebook and Google using it as default in some of their solutions. Attackers will be increasingly using this to perform ‘man in the middle’ attacks, which use phishing methods to trick users into going to fraudulent websites, gain their 2FA authentication information and then bypass the user’s 2FA. While organisations should ensure they are implementing 2FA, they must not forget to educate their users on spotting a phishing email or message when they receive one.” 

 

James Weaver, Director Product Marketing at Cradlepoint

 

James-Weaver-Cradlepoint

 

“Securing network devices on the network edge is becoming more critical for businesses of all types, from coffee shops to first responders and remote workers. Wi-Fi has become the norm and guests and employees alike expect it wherever they go. However, spread across multiple locations, this expanded network can be incredibly difficult for IT teams to manage and secure.”

“This is where 5G will help. Along with native security advancements that come with 5G, higher performance and lower latency with provide the head room to run more advanced security diagnostics. Cloud-based security services becomes a practical reality from larger sites to small but numerous IoT connections. For IoT, this allows for a smaller form factor, and less processing requirements on the device. By deploying these new 5G technologies, businesses will be more flexible and dynamic, whilst still allowing cybersecurity teams to secure these large, distributed networks.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Joe Vest, Tech Director at Cobalt Strike by HelpSystems

 

Joe-Vest

 

“The prevalent cybersecurity testing model that I call, ‘find the bad, fix the bad,’ will continue to dominate in 2022, and many organisations will remain steps behind the threat. If we could patch our way out of this problem, we would’ve solved security many years ago. Unfortunately, much of the advice and testing models keeps us steps behind the threat. There’s a great deal of time, money and energy spent designing and operation a security operations program. By only concentrating on fixing flaws, we just measure our ability to prevent – and 100% prevention is unrealistic. The motto, ‘prevent first, detect always,’ must be adopted as a core preset for secure security operations programs. Remember, the goal of security is not to stop a hack. The goal is to prevent, detect and respond to a threat actor before they successfully achieve their goal. It’s time we pushed back on the threat and moved beyond fixing the flaws.”

 

Tom Huntington, Executive Vice President of Technical Solutions at HelpSystems

 

Tom-Huntington

 

“There’s a shortage of IT staff in the cybersecurity industry. We know that CISOs and other cybersecurity professionals are really trying to staff up their team to help combat all the bad hackers around the globe. I’m thinking that as we roll through 2022 that one of the better practices would be to apply automation – things like robotic process automation, workload automation, enterprise scheduling – those kinds of practices should be used as we look at mundane, repetitive cybersecurity processes that we’re doing, and we may be able to augment the shortage in staff with a good set of automation products alongside of cybersecurity.”

“2022 is the year that C suite recognise that they are getting further and further behind on their security projects. They’ll start to turn to RPA (Robotic Process Automation) and enterprise automation to help their teams become more productive in the battle against the cybercriminals. If they cannot hire talent, automation allows them to augment this deficiency. This effort takes SOAR (security orchestration automation and response) to a new level.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Brian Pick, Managing Director of Managed File Transfer at HelpSystems

 

Brian-Pick

 

“Organisations will continue to look closely at how to minimise any type of data breach. This includes a close examination of how they are exchanging data/files with third parties. For example, we’re seeing a lot of inquiries that relate to organisations taking a closer look at any processes that require someone to manually secure a file before it’s exchanged. This could include having a programmer write a script to transfer a file securely or someone using a PC application to encrypt the file first before sending it. Security personnel are looking for a consistent, reliable and auditable process for securely exchanging files that help prevent data.”

 

Andy Green, CISO at Gemserv

 

Andy-Green-Gemserv

 

ZTA and SASE models will gain significant traction to support hybrid working: “2021 was expected to be the year when we all returned to normal working practices and business as usual, but as we saw just last week, the Prime Minister’s Plan B mandates that we continue to work from home where possible. Therefore the disruption to traditional working practices continues and the trend towards greater decentralisation is set to continue into 2022.”

“What does this mean for security? Two of the key security models that will meet the new hybrid working paradigm and consequently will see significant traction in 2022 are Zero-Trust Architectures (ZTA) and Secure Access Service Edge (SASE).”

“Zero-Trust Architectures are designed to focus security on per-request access decisions and is particularly well suited to architectures that have significant cloud services. SASE takes this further and incorporates next-generation networking capabilities including SD-WAN. We predict that many organisations will realise the benefits of moving security controls and countermeasures out of legacy data centres and into the cloud and this will lead to consolidation of these technologies into cloud-native security portfolios comprising of Secure Web Gateways (SWG), Firewall as a Service (FWaaS), Identity as a Service (IDaaS) and Cloud Assess Security Broker (CASB), for example.”

Agility will be key to countering zero-day exploits and ransomware attacks: “Next year will see cyber attacks continue to evolve. Supply Chain attacks will continue to be a key attack path of choice for malicious groups. Hybrid working has also increased the potential attack surface as new applications are being used for conducting business such as cloud apps and collaboration platforms. This combined with the proliferation of hacking tools may lead to an increase in the number of exploits (including zero-day exploits) used to compromise systems. 2021 saw almost double the number of zero-day exploits compared to 2020, and the highest number ever on record.”

“Another trend that is almost certain to continue is the evolution and prevalence of ransomware attacks. 2021 saw exponential growth in ransomware and this is set to continue well into 2022. Multi-staged attack chains will become more prevalent in the delivery of ransomware, for example phishing attacks, leading to malware loaders, to secondary loaders and information stealers and onto ransomware. (i.e. Phishing – Emotet – Trickbot – Ryuk). In the face of this increased number of infections and ransoms, we can expect to see cyber insurance premiums continue to surge – we saw increases of over 50% last year as insurers seek to keep pace with the claims.”

“Overall, the key maxim in security for 2022 will be agility. Ensuring agile security strategies are in place that allow for your organisation to adapt and respond to the uncertain year ahead will be paramount.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Hannah Hart, Technology Writer at ProPrivacy 

 

Hannah-Hart-ProPrivacy

 

“2021 was a bumper year for cybercrime, with around 30,000 websites hacked each day, according to TechJury. These digital attacks targeted everyday users as well as giants, like Microsoft, SolarWinds, and Colonial Pipeline – and 2022 will no doubt have its own share of security threats.”

“The continued prevalence of ransomware will be one of 2022’s most worrying trends. With the globe spending a lot more time on the internet, thanks to the pandemic, crooks behind ransomware attacks will continue to leverage phishing campaigns to take advantage of this increased digital audience. As the name suggests, ransomware attacks seal away a user’s files and threaten to destroy or publish the information unless they pay up – usually via cryptocurrency or a similar traceless method. Ransomware attacks are incredibly lucrative, and will continue to blight our digital landscape – especially as cybercriminals become better at negotiating with victims.”

“Similarly, we can expect to see the number of supply-chain ransomware attacks grow. These campaigns can affect hundreds, if not thousands, of end companies in one fell swoop, and cybercriminals are not above taking advantage of ongoing supply shortages to maximise their own profits.”

“Unfortunately, the extortion is unlikely to stop there. Ransomware-as-a-service, or RaaS, is a serious money maker for cybercriminals across the globe. Again, the crooks behind these attacks are unlikely to be deterred by government involvement to defend more critical infrastructures and organisations. Instead, cybercriminals will switch their attention to these smaller businesses, which can provide similarly lucrative payouts.”

“A more hopeful trend to be on the lookout for during 2022 is a switch to zero trust security strategies. This cybersecurity model emphasises a strong adherence to acquiring verification before granting access, both within and without an organisation’s system – making it much harder for cybercriminals to target and take advantage of any vulnerabilities.”

 

Francis Cianfrocca, CEO of InsightCyber

 

Francis-Cianfrocca

 

Where will 2022 cyberattacks strike? “In 2022, ransomware and other devastating cyberattacks are going to focus more and more on Operational Technologies (OT), such as pipelines and infrastructure, for one simple reason: they are fundamentally vulnerable in ways that software and traditional IT systems are not. Businesses are scrambling to find new approaches to cyber-physical security because the status quo is based primarily on known problems and past attacks, and that keeps security teams perpetually one step behind.”

What will business leaders be doing to prepare? “Our advice to any business leader with significant investments in OT and IOT is to explore new approaches that complement existing defences. Look less to the past and focus more on the present. Continuous, real-time monitoring of all physical assets is a powerful way to get one step ahead—using AI to spot the tiny anomalies in device behaviour that can signal that an attack is either imminent or underway.”

What will happen when Log4j impacts our infrastructure? “The potential devastation that can result from the Log4j vulnerability is deeply concerning. While the flaw enables hackers to gain access to servers and applications, it also potentially enables them to take over OT and IoT devices thanks to corporate IT and cloud app ‘jump over.’ To mitigate this type of risk, enterprises need to go beyond traditional cyber security and prioritise new approaches to risk management. Continuous monitoring, powered by AI, is a good starting point. Additionally, companies should employ methodologies such as Zero Trust or reference models that enable an extremely granular, real-time understanding of activities in their environments to minimise the risk of cross contamination between IT and OT.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Richard Lane, CEO of EBC Group

 

Richard-Lane-EBC-CEO

 

“In 2022, ransomware attacks are likely to increase at a significant rate and affect a wider range of organisations.”

“Ransomware gangs have become more sophisticated and are using a wide range of methods to attack, including Remote Desktop Protocol (RDP) Email Phishing, and Distributed Denial-of-Service (DDoS).”

“The growth of Ransomware as a Service (RaaS) in 2021 has enabled criminal gangs to recruit affiliates to use their pre-developed ransomware tools to execute attacks. With RaaS hackers no longer requiring a high level of technical skill, it empowers even inexperienced hackers to launch sophisticated attacks.”

“Ransomware hackers are also becoming more aggressive in both their demands and negotiations, leaving organisations without protection at their mercy. Once they have successfully initiated an attack, hackers are increasingly also extorting the organisations other business partners whose data it holds, in order to disrupt the supply chain.”

“The move over the past 2 years to remote and hybrid working has left many organisations more vulnerable to cyber security attacks than ever before. Having an adequate level of end-user protection such as multi-factor authentication and access controls is vital.”

“Worryingly, we are still finding that many organisations are complacent regarding the cyber security threats they are likely to face in 2022, believing that it’s unlikely to happen to them. However, we are seeing an increasing number of attacks on organisations of all types. Every business regardless of size and industry needs to be strengthening its security measures and understand that implementing an adequate level of cyber security protection as well as having Backup and Disaster Recovery provision is critical.”

 

Adam Bradshaw, Commercial Director at ServerChoice

 

Adam-Bradshaw

 

“The continued frequency of cybersecurity incidents into 2022 is only going to serve to accelerate this trend. Cybersecurity measures are going to be taken as seriously as it deserves to be in the new year, rather than being treated as a monotonous annual training exercise. Alongside this greater awareness, businesses will be looking to boost their infrastructure’s resilience to these bad actors, primarily through storing their mission critical applications in more IT environments onsite or at small scale datacentres.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Steven Malone, VP of Product Management at Egress

 

Steve-Malone-Egress

 

“Cyber training programmes will hit their limit in 2022. Cyberattacks have already outpaced the defence that security awareness training (SAT) can deliver. Despite continued investment in SAT, people continue to pose the biggest cybersecurity risk – and security teams are realising that training isn’t enough to solve the problem. Instead, there will be a focus on de-risking behaviour in place using technology, to provide a safety net for employees as they carry out their work.”

“In 2022 we’ll see a disappointing but inevitable continuation of attack vectors that have been plaguing businesses for years. Ransomware, phishing and social engineering attacks will all continue to increase. Major ransomware attacks will continue to dominate the headlines, with criminal gangs trying out new and increasingly inventive ways to turn the screws on their victims. Popular tactics include making threatening calls to company employees, and leaking or selling the organisation’s sensitive data online. In response to this, we’ll see a renewed focus on preventing ransomware – and because over 90% of malware is delivered via email, organisations will ramp up their anti-phishing defences.”

 

Tony Pepper, CEO at Egress

 

Tony-Pepper-Egress-CEO

 

“After the major supply chain hacks of 2021, the supply chain will become least trusted channel and this will drive adoption of zero-trust methodologies. However, buyers should beware vendors that claim to singlehandedly solve zero trust – instead, organisations will need to layer combinations of technologies to truly achieve it.”

“In 2022 we’ll see a rise in multi-vector attacks. We’ve already seen hackers combining phishing, smishing and vishing, and the next step will be include collaboration platforms. Hybrid work has created huge demand for collaboration tools, and they can be a treasure trove of company data that is often unsecured. Hackers will always follow current trends, and they know to take advantage of changes in the way that organisations store their data, so I expect that we’ll see a rise in attacks targeting these platforms.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Leif-Nissen Lundbæk, Co-Founder and CEO at Xayn

 

Leif-Nissen-Lundbæk-Xayn

 

Growing awareness surrounding cybersecurity: “The most significant factor for change in 2022 started well prior to New Year’s Day: the public’s growing awareness of cybersecurity and digital privacy issues. These topics have leapt from the tech expert realm into the public sphere. More people are paying attention to the technology behind the services they use, which is likely motivated by the large number of privacy-related tech scandals covered extensively in the media in recent years. It’s led to an increase in not just awareness but in actual downloads of secure alternatives to popular apps. This will continue in 2022.”

Companies will need to adapt to changing user behaviour: “The growing public awareness of security and privacy issues also means that companies will have to adapt. Users are growing more critical of companies that ‘privacy-wash’ their invasive services with marketing campaigns while sticking to old practices. Data-driven industries will have to react to this trend by investing in technologies that work with more transparency. Technologies with built-in, device-level privacy such as decentralised/edge AI or masked federated learning and analytics offer convenient solutions and could establish new industry standards this year.”

The post-pandemic world: “We’re all eager to leave the pandemic behind. Whenever that happens, some of the changes it brought to our professional lives will remain, such as remote and hybrid work structures. On the one hand, this means that cybercrime will potentially continue to prosper. On the other hand, working from home has made more people outside of the tech sphere familiar with IT jargon and tools to protect their privacy: one-time passwords, two-factor authentication, Bring Your Own Key to the cloud, and so on. People will transfer these new skills such as 2FA into their private lives, accounts, and devices for better all-around protection.”

 

Michael Sentonas, Chief Technology Officer at CrowdStrike

 

Mike-Sentonas

 

Ransomware double extortion gives rise to “extortion economy”: “This past year, we saw the rise of the double extortion ransomware model, in which threat actors will demand one ransom for the return of the data and an additional ransom on top to prevent the data from being leaked or sold. However, in 2022, we expect to see the extortion/exfiltration side of ransomware achieve even higher levels of sophistication, possibly with a shift away from encryption to a sole focus on extortion.”

“We’re seeing an entire underground economy being built around the business of data exfiltration and extortion. Data-shaming websites are popping up like street-corner storefronts, providing a hub for ransomware groups to post and auction stolen data that’s being held ransom. These ransomware groups are revamping their entire infrastructure of tactics, techniques and procedures (TTPs) to hone in on more effectively exfiltrating and selling stolen data. Even if the threat actors can’t get their ransomware to execute past the encryption stage, they’ll pivot and find other ways to gain access to the data to sell for a profit anyway.”

“In today’s world, if you get hit by ransomware, you can expect to get hit by double extortion. And, ransomware actors will continue to innovate and evolve to find new ways to monetise their victims.”

 

 

Eyal Elyashiv (CEO) & Dr. Aviv Yehezkel (CTO), CEO, CTO and Co-Founder of Cynamics

 

Eyal-Elyashiv-&-Aviv-Yehezkel

 

“Threats to the network continue to grow more sophisticated: Businesses and governments are in a vulnerable state. With cyberattacks proliferating every industry and at greater speed, scale and sophistication, organisations need to make bold moves to succeed in this fight. Cybercriminals are opportunistic and during the pandemic, they were able to capitalise on the fact that critical infrastructure had to move operations online nearly overnight. Organisations need to utilise protection capabilities to bridge that gap created in the rapid transition to the cloud during COVID-19.”

“Attackers, terrorist groups and political activists are going to be using advanced technological capabilities to progress their agendas and carry out more sophisticated and widespread attacks than when business and the global economy were in survival mode. In the coming year, we’ll see more of this taking place. Cybercrime is an iterative process; just as our solutions and technologies get smarter, so do the very criminals who seek to take down corporations and governments for ransom.”

“Bad actors will take greater advantage of AI: Just like organisations are using AI to cut through the noise and provide predictive rules – curating intelligence beyond what the human brain is capable of – cybercriminals are also taking advantage of this technology. AI can be found on both sides of the coin; AI is arming opportunistic bad actors with the intelligence needed to study and target organisations through things like random memory attacks, identification of specific vulnerabilities, exposing weaknesses, and launching custom attacks that go undetected due to no actual misconfiguration. Organisations need to fight machines with machines to overcome, outsmart, and dead end these attackers.”

“The need for total visibility will be top of mind for network security operators: In the never-ending game against cybercriminals, network security operators must continuously monitor the landscape. But they’re burdened with using a myriad of tools that require integrations, knowledgeable personnel to manage and update systems. This is cumbersome, time-consuming, expensive, and if not closely monitored, could expose backdoors. Network operators must keep pace with advanced technologies and interconnectedness, but this leads to an increase in the attack surface, network complexity, and progresses the thread landscape due to potential vulnerabilities and exposed backdoors. It’s impossible for businesses and governments to get ahead of the curve when they’re deploying reactive cybersecurity — which is riddled with holes, exhaustive, costly, and not a long-term solution to an ever-ending problem.”

 

Tisson Mathew, CEO of SkyPoint Cloud

 

Tisson-Mathew

 

Privacy as a Human Right: “The internet itself is becoming more private. We see systems with less personal information stored, less of a focus on social security numbers, and the removal of a consistent ID. Data systems are evolving to have a higher degree of privacy to better serve their customers. We have already seen this with Apple who developed the technology to send a unique email address for every email sent out from their system. We will continue to see new developments in 2022 for data privacy as customers continue to demand increased privacy for all of their personal data.”

Breaking Down Data Silos: “Bringing siloed data together and analysing it helps experts identify areas of need without infringing on customer privacy. We will see a larger demand for this in 2022 as health analysts, specifically, continue to examine population-level needs, especially during the Covid-19 pandemic. This could not be done with typical, siloed legacy storage – in 2022 companies will migrate to data platforms to better understand their data while protecting their users’ privacy.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Nick Graham, CTO of Hicomply

 

Nick-Graham

 

Compliance: “SMEs often limit their market by putting off cyber security compliance – many lack the knowledge, skills and resources to undertake the compliance needed to sell into government or enterprise customers. These customers, such as businesses in highly regulated industries like finance, now require proof of data security certification, so the opportunity for those SMEs that have these certifications is huge. Using an infosec compliance platform makes compliance achievable, with limited resources and budgets.”

Staff training: “Cybersecurity is becoming a responsibility that is less centralised to one person or department. In fact, in a survey of senior leaders within SMEs run by YouGov, 70% of respondents agreed that ‘everyone in their organisation understands that they are, to a certain extent, individually responsible for cyber security’. Making sure all staff are aware of their responsibilities, and that they are aware of and can deal with threats such as phishing and other human engineering threats, will be a top priority.”

Process formalisation: “Due to the nature of SMEs, processes can be ever-evolving and sometimes irregular. Formalising critical business processes will help businesses gain cybersecurity compliance, and also improve efficiency and trust in the company.”

Business continuity planning: “Covid has taught us that disasters can strike without warning – those businesses that planned for fire and flood type issues will have fared well over the last two years. Business continuity planning is less likely to currently be in place for SMEs, but will certainly be a priority for leaders to focus on over the coming year.”

Supplier compliance: “A chain is only as strong as its weakest link, so ensuring suppliers carry the compliance needed by customers is critical for SMEs. Any suppliers that impact service availability or handle data on a company’s behalf need to be compliant with the same security standards as the business itself, such as ISO27001 and SOC 2. This will undoubtedly be a focus going into 2022.”

 

Chandra Kalle, Vice President of Engineering at LeanTaaS

 

Chandra-Kalle

 

Advanced social engineering attacks: “We are seeing more and more cases of criminals doing a lot of research and targeting specific individuals in companies with carefully crafted socially engineering tricks to obtain unauthorised access to systems and stealing data. With worth from home becoming more prevalent, this will continue to increase in scale and sophistication.”

Supply chain and devops tooling attacks: “This year we’ve seen a new trend where attackers are placing malware in the software supply chain and amplifying their attacks. Cloud deployments are complex, still nascent in their evolution, and lack comprehensive decsecops tooling. So this trend is likely to continue and poses a huge risk.”

Cloud configuration exploits: “In line with the second point above, setting up and configuring cloud infrastructure is complex and filled with vulnerabilities that can lead to inadvertent exposures such as a leaky S3 bucket exposed publicly. In the past few years, this has been a major source of breaches and this is likely to be the case next year as well.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Steve Harvey, CEO at BitSight

 

Steve-Harvey

 

“After a wash of catastrophic ransomware attacks in 2021, business leaders will need to rise to mounting pressure from investors and partners to not only prioritise cybersecurity, but to put a dollar figure to the risk the organisation faces. It’s an existential imperative that will be felt at the board level; in 2022, financial diligence means quantifying and accounting for cyber risk. If this year’s countless headlines about high-profile hacks serve one positive purpose, it’s that businesses can no longer ignore that a cyber incident can materially impact revenue and financial performance as well as irreparably damage a brand.”

 

Lisa Sotto, Head of The Global Privacy and Cybersecurity Practice at Hunton Andrews Kurth LLP

 

Lisa-Sotto

 

“Ransomware attacks will continue unabated in 2022. Cyber criminals will continue to operate with impunity in countries that do not seek to restrict their activities, allowing them to function unimpeded. In the U.S., the Biden Administration will impose new and enhanced security requirements on various industries. In 2021, the Administration focused on pipeline operators; in 2022, we will see other industry sectors, such as surface transportation, hit with security directives that will require serious efforts to enhance existing safeguards.”

“Every company, regardless of industry sector, will need to be laser-focused on strengthening their security measures. Boards of directors and c-suites alike have come to understand that the basic protections, such as multi-factor authentication, patching and access controls, are critical – and that cyber crime could pose an existential risk. In 2022, boards will be honing their cyber oversight skills and putting management through their paces to help ensure that strong cybersecurity measures are in place. With no end in sight to the scourge of ransomware and other cybercrime, 2022 is bound to bring even more sophisticated – and devastating—attacks on U.S. businesses that are unprepared.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Travis Hoyt, CTO at NetSPI

 

Travis-Hoyt-CTO

 

Attack surface management: “As organisations continue to become more reliant on SaaS technologies to enable digital transformation efforts, the security perimeter has expanded. Organisations now face a new source of cybersecurity risk as cybercriminals look to exploit misconfigurations or vulnerabilities in these SaaS technologies to wage costly attacks. In 2022, we can expect that organisations will become more focused on SaaS posture management and ensuring that their SaaS footprint is not left open as a vector for cyberattacks. This trend will be further accelerated by the insistence of insurance providers that organisations have a detailed understanding of their SaaS deployments and configurations, or face higher premiums or even a refusal of insurance altogether.”

Next generation architectures open new doors for security teams: “Interest in distributed ledger technology, or blockchain, are beginning to evolve beyond the cryptocurrency space. In 2022, we’ll begin to see the conversation shift from bitcoin to discuss the power blockchain can have within the security industry. Companies have already started using this next generation architecture, to better communicate in a secure environment within their organisations and among peers and partners. And I expect we’ll continue to see this strategy unfold as the industry grows.”

CFOs will make or break ransomware mitigation: “For too long, companies have taken a reactionary approach to ransomware attacks – opting to pay, or not pay, after the damage has already been caused. I expect to see CFOs prioritising conversations surrounding ransomware and cyber insurance within 2022 planning and budgetary meetings to develop a playbook that overalls all potential ransomware situations and a corresponding strategy to mitigate both damage and corporate spend. If they don’t lead with proactivity and continue to take a laggard approach to ransomware and cyber insurance, they are leaving their companies at risk for both a serious attack and lost corporate funds.”

 

Florindo Gallicchio, Managing Director and Head of Strategic Solutions at NetSPI

 

Florindo-Gallicchio

 

Cybersecurity budgets will rebound significantly from lower spend levels during the pandemic: “As we look to 2022, cybersecurity budgets will rebound significantly after a stark decrease in spending spurred by the pandemic. Ironically, while COVID-19 drove budget cuts initially, it also accelerated digital transformation efforts across industries – including automation and work-from-home infrastructure, which have both opened companies up to new security risks, leading to higher cybersecurity budget allocation in the new year. Decisions are being made in Fortune 500+ companies with CFOs on the ground, as these risk-focused enterprises understand the need for larger budgets, as well as thorough budgeted risk and compliance strategies. Smaller corporations that do not currently operate under this mindset should follow the lead of larger industry leaders to stay ahead of potential threats that emerge throughout the year.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Charles Horton, Chief Operations Officer at NetSPI

 

Charles-Horton

 

Company culture could solve the cybersecurity hiring crisis: “It’s no secret that cybersecurity, like many industries, is facing a hiring crisis. The Great Resignation we’re seeing across the country has underscored a growing trend spurred by the COVID-19 pandemic: employees will leave their company if it cannot effectively meet their needs or fit into their lifestyle. From a retention perspective, I expect to see department heads fostering a culture that’s built on principles like performance, accountability, caring, communication, and collaboration. Once this team-based viewpoint is established, employees will take greater pride in their work, producing positive results for their teams, the company and themselves – ultimately driving positive retention rates across the organisation.”

 

Nabil Hannan, Managing Director at NetSPI

 

Nabil-Hannan

 

2022 is the year for API security: “In 2022, we will see organisations turn their attention to API security risks, deploying security solutions and conducting internal audits aimed at understanding and reducing the level of risk their current API configurations and deployments create. Over the past few years, APIs have become the cornerstone of modern software development. Organisations often leverage hundreds, and even thousands, of APIs, and ensuring they are properly configured and secured is a significant and growing challenge. Compounding this issue, cyberattackers have increasingly turned to APIs as their preferred attack vector when seeking to breach an organisation, looking for vulnerable connection points within API deployments where they can gain access to an application or network. For these reasons, securing APIs will be a top priority throughout 2022.”

The Skills Shortage Will Continue Until Hiring Practices Change: “In 2022 the cybersecurity skills gap will persist, but organisations that take a realistic approach to cybersecurity hiring and make a commitment to building cybersecurity talent from the ground up will find the most success in addressing it. The focus in closing the skills gap often relies on educating a new generation of cybersecurity professionals through universities and trade programs, and generally encouraging more interest in young professionals joining the field. In reality, though, these programs will only have limited success. The real culprit behind the skills gap is that organisations often maintain unrealistic hiring practices, with cybersecurity degrees and certification holders often finding untenable job requirements such as 3+ years of experience for an entry level job.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Bernard Montel, EMEA Technical Director and Cybersecurity Strategist

 

Bernard-Montel

 

Critical infrastructure attacks will get physical: “2021 saw a dramatic uptick in threat actors not just looking to steal information but actually cause physical disruption to our daily lives. Telecoms, financial institutions, retailers and energy providers are just some of the sectors that faced an onslaught of malicious activity with services impacted. Threat actors don’t just target operational technology (OT), relied upon by critical infrastructure, but will look to compromise IT systems that then allows them to move laterally and impact other areas of the business. In fact, Solarwinds is the poster child example of attacks that hit IT infrastructure and then laterally migrate to OT infrastructure, thus impacting both.”

“While critical infrastructure was previously the focus of nation state attacks, or even hacktivism, that has now evolved. Instead we’re witnessing an increase in cyber criminality and the monetisation of attacks against OT. In the majority of cases, the attack mechanics aren’t super sophisticated, never-before-seen techniques. It’s the basics that are still tripping organisations up. In 2022, adversary groups will continue to adopt a strategy for launching low cost, high impact (LoCoHimp) attacks – particularly ransomware which has proved effective in crippling operations. To thwart their efforts, it’s imperative organisations take precautions to adequately ensure that their third-party vendors are secure and implement audited industry best practices. Security teams need to utilise security solutions that provide appropriate visibility, security and control across the converged infrastructure.”

 

Lukas Kingadner, CEO of Anyline

 

Lukas-Kinigadner-Anyline-CEO

 

“2022 is that year that ‘two-factor’ will become far too little for any company serious about cybersecurity. Two-factor (2FA) authentication methods like one-time passwords, confirmation emails and SMS messages are still widely used by banks and other high-security institutions, simply because they are quick and easy for customers to use. But they’re also laughably easy to defeat.”

“The number of high profile data breaches caused by 2FA grows every year, as hackers can now easily bypass them through phishing, reverse proxy techniques and SIM swapping. For any business or institution offering an on-app registration and customer verification, the minimum standard of security should include multiple forms of identity authentication.”

“This can be achieved by combining OCR-powered ID scanning with biometrics, such as face authentication and liveness detection technology. However, companies should ensure that new digital identity solutions incorporate 3D rather than 2D face matching, as the latter lacks depth detection and can also be defeated using photos or videos.”

For any questions, comments or features, please contact us directly.

 

techround

 

Adam Belsher, CEO of Magnet Forensics

 

Adam-Belsher-Magnet-Forensics-CEO

 

“In 2021, we saw more enterprises transition to the cloud to support remote and hybrid work models. Unfortunately, cybercriminals quickly turned their sights to the cloud and successfully exposed its vulnerabilities. Between October 2020 and October 2021, 40 per cent of organisations experienced a cloud-based data breach. Data breaches involving compromised cloud assets are now more common than those involving on-premises assets.”

“With cloud adoption expected to continue to increase, I expect cybercriminals will continue to actively scan for weaknesses and expose them in 2022 and that another spike in data breaches associated to the cloud is all-but inevitable. Many of the vulnerabilities being exposed are easily avoidable. That’s why it’s important that organisations demonstrate increased cyber resilience in the year ahead.”

“Organisations whose risk mitigation strategies rely on cyber-insurance will be forced to improve their posture or they will be in jeopardy of having their provider significantly increase their premiums or even face non-renewal of their policies. As part of building cyber-resilience, insurers will mandate their customers have digital forensic and incident response capabilities to proactively identify potential threat vectors and to mitigate losses when breaches happen.”

“U.K. employers should also be concerned with data breaches that will arise as a result of “The Great Resignation.” U.S. businesses were hit by a record number of resignations in 2021 that coincided with a surge of data exposure events. Resignations place employers under threat of insider activity because research shows that if an employee is going to exfiltrate data, they’re most likely to do so in the 90 days before they resign. U.K. businesses are currently reporting rising numbers of employee resignations and the ripple effects will be felt in 2022 when they discover their data has walked out the door.”

 

Stefan Auerbach, CEO at Utimaco

 

Stefan-Auerbach-Utimaco-CEO

 

“We have seen at the end of 2021 that post-quantum cryptography has gone from a theoretical computer science problem to a matter of urgency. Within the space of a week the US Department of Homeland Security announced that quantum-safe encryption was a priority and a Chinese laboratory demonstrated a quantum computer that is tens of millions of times more powerful than the fastest conventional supercomputer. This, and the developments that are going to follow, will hopefully spur more organisations to look into what post-quantum security means for them and develop plans around it.”

“We will see more discussion around this topic from within the security industry, and this will hopefully spread to our customer base and to companies around the world. Over the next year we and our peers will be looking to push the conversation around post-quantum cryptography forward, showing how it’s something that needs to be addressed this year, not when quantum computers become a commercial reality. We will hopefully also show how this isn’t an insurmountable problem, but that updating cryptography is a task that existing cybersecurity companies can address.”

 

For any questions, comments or features, please contact us directly.

 

techround

 

Bronwyn Boyle, Chief Information Security Officer at Mambu

 

Bronwyn-Boyle

 

A more diverse talent pool: “The ‘Great Resignation’ and ‘War for Talent’ are particularly relevant in the cybersecurity industry. We’re facing a huge skills gap, with some statistics suggesting a shortage of up to 3.5 million cybersecurity professionals worldwide. In 2022, we’re likely to see a shift toward greater automation of tasks to reduce the burden on already stretched teams, who are increasingly being asked to do more with less.”

“On the positive side, the skills shortage is encouraging innovative approaches to recruitment and training of cyber professionals, especially in the development of technical expertise. Innovative learning platforms are helping accelerate the acquisition of new and transferable security skills while changing attitudes to professional certifications are helping lower barriers to entry. The shrinking talent pool is having a positive effect, by encouraging the industry to be more welcoming of those from non-technical or non-traditional backgrounds.”

Small and mid-size enterprise (SME) focus: “Cybersecurity innovation has traditionally been pitched at large, blue-chip companies, with smaller organisations often overlooked. In fact, mid- and lower-tier markets are often where innovative cyber solutions are most needed, as smaller companies provide a foothold for larger cyber attacks. SMEs often don’t have the money to invest in big-buck solutions and it’s often difficult for them to get a view of what security products are the best fit for their business. Vendors should prioritise this fertile market in the year ahead and provide customer education alongside affordable services.”

Higher risk of cybercrime: “The Covid pandemic has radically changed how we do business, with increased reliance on digital services, working from home and changing consumer behaviour all contributing factors. Unfortunately, this has driven a corresponding spike in fraud and cyber-crime, with UK residents and businesses facing financial losses of £2.5bn over the last year alone. This fraud epidemic poses a grave threat, both at a social and individual level. We need to do more to fight cybercrime at an industry level and protect vulnerable consumers and communities. We also need to do more to educate people on how to embrace new digital services while staying safe. We often hear that people are the weakest link when it comes to cybersecurity, but they’re actually our first line of defence: educating on the right behaviours and mindset can help stop fraudsters and cybercriminals in their tracks.”

 

Ms. Fariha Rizwan, Group Head of IT at Z2C Limited

 

Fariha-Rizwan-Z2C-Limited

 

“In recent years, information security has evolved from being an after-thought to now being an imperative for businesses. With the transition to the cloud, the increasing possibility of compromise on security is also a phenomenon, businesses of all sizes are now highly cognisant of. In 2022, what we’re going to see is organisations investing heavily in securing their infrastructure against security breaches and possible cyber-attacks. On an organisation level, awareness of all employees on cyber security 101 and everyone being mindful of their actions causing a potential security breach will continue to grow. Information democratisation on cyber security is indeed a need for securing businesses against potential risks.”

“Establishing SOC and keeping it updated on recent ways of working is of absolute importance. There is a possibility of businesses acquiring security as an outsourced service for cost and risk management rather than hosting all resources in-house. Risk profiling and its management is an area gaining significance where a structured process integrating development and governance is in place to manage operations or any breach that might occur. The framework acts as the guide to manage such scenarios.”

“Overall, in the cyber security space ransomware attacks are likely to rise even though prevention and major crackdowns against them on the global law enforcement level continue to disfunction these attackers. However, data security and potential hostage prevention at the state level need to be ensured as espionage and data leaks continue to be a major watch-out for 2022.”

“NFTs continue to be a susceptible piece as theft and potential resale continues to haunt them. The trend is likely to continue into 2022 where the only solution, for now, is platforms intervention to curtail resale. This area will see a development where security uplift in such trading will be needed to ensure safe transactions. Crypto trading will also see regulations this year as many platforms continue to be compromised and money siphoning continues. Overall, the cyber security area continues to be a significant differentiating factor and a comprehensive security strategy is essential to operate undeterred on all levels of operations.”

 

Maciej Markiewicz, Cyber Security Lead at Netguru

 

Maciej-Markiewicz-Netguru

 

“As in previous years, trends in cybersecurity are defined by the threats that security experts will struggle with. Preparing responses to the threats is, in my opinion, a key factor influencing the direction of cybersecurity. An additional catalytic aspect for security incidents cannot be overlooked: the COVID-19 pandemic redefined the working model of many organisations. Here are my 3 key trends for 2022:”

“Further escalation of breaches, data leaks, and ransomware attacks. The value of processed data, the number of services, and their complexity is constantly growing. Due to the pace of this growth (additionally accelerated by the pandemic), adequate protection is often neglected. Overlapping financial and geopolitical factors mean that the number and scale of incidents will continue to grow – I believe this trend will continue in the coming years. This means that in 2022 the importance of cybersecurity experts in digital acceleration will increase significantly.”

“Zero-trust architecture. The transition of entire industries to remote work as a result of the pandemic has forced changes in how companies operate; these changes were sometimes made in a hurry, which often had fatal consequences. To address these issues, an appropriate security architecture is needed: an architecture designed for dynamic and fragmented work environments. The zero-trust concept seems to fill this gap perfectly;”

“Privacy and regulations. The number of security incidents and other privacy violations by big companies is attracting the attention of governments. This will undoubtedly force further attempts to regulate the Internet. The next step towards regulation will define the approach to cybersecurity in this and the following years.”

“I think that 2022 will continue the trend of increasing interest in cybersecurity. The security incidents from recent years have shown that it is impossible to make another digital revolution without adequate protection of information, which is now an essential resource.”

 

For any questions, comments or features, please contact us directly.

 

techround