We will start seeing specific APIs (application program interfaces) attacked in order to compromise the supply chain, as threat actors innovate and leverage new tools to exploit vulnerabilities. This will lead to larger scale data breaches.
The human element in cyberattacks, such as falling victim to social engineering or insider threats, will be amplified as workers migrate to hybrid work environments.
As The Great Resignation continues, the growing cybersecurity skills gap will impact security roles and drive the need for more effective automation. Unfortunately, many organizations will lack the resources to drive that automation.
Threats in the cloud will surge and become more costly as organizations migrate.
Regulatory requirements and cybersecurity best practices will undergo substantial refinements. Standardized breach notification requirements will prove necessary and challenges facing the cyber insurance industry will lead many organizations to self-insure, a stopgap measure at best.
– Lucia Milică, Global Resident CISO at Proofpoint
As hybrid work emerges and more certainty returns day-to-day, security leaders will be able to plot a robust strategy to plug gaps and make the bad guys work much harder.
IoT systems, global supply chains, cloud environments, and DevOps functions will be in the crosshairs. More sophisticated commodity malware strains will be aimed at SMBs.
However, Trend Micro predicts that many organizations will be ready for the challenge as they build out and implement a strategy to proactively mitigate these emerging risks via:
- Stringent server hardening and application control policies to tackle ransomware
- Risk-based patching and a high-alert focus on spotting security gaps
- Enhanced baseline protection among cloud-centric SMBs
- Network monitoring for greater visibility into IoT environments
- Zero Trust principles to secure international supply chains
- Cloud security focused on DevOps risk and industry best practices
- Extended detection and response (XDR) to identify attacks across entire networks
– Trend Micro
Looking back at our predictions from last year, we saw that the data privacy debate was indeed a critical focus. As authorities ramped up COVID-19 contact tracing and information sharing efforts in a race to reopen their borders, the ability of governments to secure and protect citizen data effectively also came under scrutiny in several countries across the region. We also forecast that the shift to mass remote work would drive businesses and their respective IT teams to speed up IT adoption – with security getting pushed to the edge and simplified. In a recent survey, we found that organizations in the Asia-Pacific region (APAC) identified maintaining comprehensive security as the top remote access challenge when expanding work-from-home capabilities, leading 80% of them to seek broad, end-to-end solutions to improve their remote security posture.
With the pandemic-induced shift in digital behavior and adoption clearly here to stay, the question remains: Are organizations well equipped to deal with the security threats that we will face in 2022? Here are our predictions for the cybersecurity trends that will shape the digital landscape for the year ahead.
Prediction 1: The meteoric rise of bitcoin will create a well-funded adversary
Prediction 2: As physical and digital lines blur, who or what we trust will impact our security even more
Prediction 3: The API economy will usher in a new era of digital fraud and exploits
Prediction 4: Attackers will set their eyes on countries’ critical digital infrastructure
Prediction 5: A borderless workforce will need a borderless solution
– Palo Alto Networks
At the start of 2022, many businesses will be breached. As organizations worldwide slow down for the holidays and find themselves in work environment transitions, distractions will create opportunities for cybercriminals to infiltrate networks without raising suspicions. As a result, well into 2022, IBM sees breach disclosures and cyberattacks, with initial compromise tracking back to early in the year.
One business’s ransomware attack will become another business’s extortion. Ransomware attacks will become more relentless in their quest to scale up revenue and do so fast. In 2022 there may likely be more and more triple extortion ransomware, whereby a ransomware attack experienced by one business becomes an extortion threat for its business partner. Ransomware attackers won’t stop extorting the victim organization for ransom; they will extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption.
Supply chain attacks will become a top boardroom concern. In 2021 the world felt the brunt of supply chain bottlenecks due to COVID-19 restrictions. Recognizing this, cybercriminals will seek to capitalize on people’s heavy reliance on supply chains — both on a consumer and enterprise level. Supply chains have many blind spots or cracks that attackers can take advantage of. Ransomware attacks will be a threat not only to companies as individual entities but to their supply chains as a whole, making these types of attacks a top concern for the Board.
Blockchain will become a cybercrime hideout. With enterprises and consumers increasingly relying on blockchain for their supply chain management and digital transactions, attackers too turn to its legitimate use to stay under the radar for longer. In 2022, blockchain will become a more common “tool” used by cybercriminals to obfuscate their malicious traffic, avoid detection and extend attackers’ stealth. This will make it increasingly harder for defenders to discern malicious activity on the network.
Zero tolerance for trust will redefine the state of security. More and more businesses realize that they must establish zero tolerance for trust in their security strategy to build customer trust. In 2022 government and private industry will scrutinize their trusted relationships more, and re-evaluate the “who, what, why” regarding access to their data. Not only will there be more “auditing’ of user access, but application access to data as well.
Another top priority for CIOs is protecting the data assets of the company. Information security is not a new issue but we’ve seen in the last two years of lockdowns, a rise in the number of ransomware attacks, which presents a new challenge for CISOs (Chief Information Security Officers). No longer is it enough to ensure you have a comprehensive security infrastructure, you also need to ensure that you keep immutable copies of your data and have the means to rapidly restore that data in the event of a ransomware attack.
We’re also seeing pressure now not just from Boards of Directors but also governments to ensure that organisations don’t give in to ransomware demands. As a result, we see a “Trust Infrastructure” start to emerge to address identity issues in the digital space potentially through the use of immutable technology such as blockchains and security certificates.
– Matthew Oostveen, Chief Technology Officer & VP, Asia Pacific & Japan, Pure Storage
In July 2021, as the world was still reckoning with the devastating SolarWinds breach, the REvil ransomware gang exploited a Zero Day in Kaseya VSA to launch a supply-chain attack on its customers. Neither of these attacks occurred in a vacuum, meaning security teams must pay closer attention to the threat of island hopping. In 2022, we can expect that cybercrime cartels will continue to seek ways to hijack the digital transformation of organizations to deploy malicious code, infiltrate networks, and gain persistence in systems all over the world.
Defenders and organizations will need to monitor networks and services vigilantly for suspicious activities and potential intrusions. Implementing practices associated with Zero Trust philosophy like microsegmentation, threat hunting, and advanced telemetry capabilities can help ensure organizations are not the gateway to or victim of a severely damaging attack.
– Tom Kellermann, Head of Cybersecurity Strategy, VMware Security
Against the backdrop of increasing data breaches over the years, privacy has become a major concern for consumers and governments across the globe. But a myth continues to lurk among business leaders: personalized digital products and privacy can’t co-exist. They’re wrong, and in 2022, more businesses will see privacy-centric personalization as a competitive differentiator. This will be the year privacy goes from talk to action.
– Julio Bermudez, Vice President, APAC and Latin America at Amplitude
Qatar has made significant investments in cybersecurity ahead of the FIFA 2022 World Cup. Much of the travel and ticketing for the event have been digitized and are vulnerable to attack from cybercriminals. We predict that in addition to large-scale outages or organizational attacks, cybercriminals will also be targeting the large number of high-value visitors to the tournament. Organizers will be prepared to manage the large attack surface surrounding the tournament, but what about individuals?
Phishing and social engineering will be used to steal personal and financial information that criminals can monetize. We predict that promotional emails or fake websites related to World Cup from the travel and hospitality industries will be used to capture personal data and compromise individuals. Cybercriminals will recognize the work that Qatar has done to be prepared for the tournament and may focus on exploiting human nature rather than digital infrastructure.
– Joanne Wong, VP of International Markets, LogRhythm
Today’s ransomware attacks have become more sophisticated human-operated activities. Actively controlled by human threat actors, this form of ransomware has been able to bypass traditional cybersecurity defences, requiring massive logs and data for post-attack analysis.
With human threat actors able to control malicious software – finding vulnerabilities, overcoming defences, and maximising the impact of their attacks – we expect that attackers will continue to target the bottom line and seek monetary returns.
This evolution has led to more organisations deliberating new approaches to cybersecurity, such as adopting deception tactics by distributing traps and decoys across a system’s infrastructure to imitate genuine assets while creating a paradigm to hide critical data. We expect deception technology to continue gaining popularity in the new year. At the same time, more organisations will also build on identity security programs and existing cybersecurity defences to guard against increasingly sophisticated cyber threats.
– Jeremy Ho, Vice President at Attivo Networks