What will Cybersecurity be like in 2022? It is that time of the year when we think about the year gone by and wonder what is in store for us in the new year. In the first of a series of predictions from global experts that CISO MAG contacted, Daniel Spicer, CSO, Ivanti, offers eight key trends. Of these, we think the most interesting one is cyber hygiene. Spicer says finding ways to automate cyber hygiene will become increasingly important, especially as environments continue to get more complicated.
1. Nation-State Threat Actors Will be Quieter in 2022
Nation-state-led cyberattacks dominated a large portion of the cyber-related news cycle at the end of 2020 and throughout most of 2021. Many espionage organizations that prefer to remain quiet and in the shadows were brought into the spotlight. While nation-state-backed threat actors won’t stop their operations, we should expect 2022 to be a quieter year. Many and techniques have been exposed in the past year, so nation-state threat actors will spend additional time updating kits and refining techniques. Changes in cybersecurity policies and requirements will require nation-state operators to adjust their toolkits further to evade new minimum requirements. Plus, most of the world does not have a major election cycle next year. However, by the end of 2022 or early in 2023, we should expect to see a continuation of larger-scale operations targeting the weakest links in the chain. And we are likely will see more attacks targeting managed service providers (who provide IT and security services to companies) instead of going after companies directly.
2. Automating Cyber Hygiene Will Become Increasingly Important as Environments Continue to Get More Complicated
Ultimately, most attacks are the result of poor cyber hygiene. Even an advanced attack, such as a supply chain or ransomware attack, often starts with basic tactics like social engineering, phishing, or exploiting vulnerabilities in unpatched software to infiltrate environments and deploy malware. Finding ways to automate cyber hygiene will become increasingly important, especially as environments become more complicated. This includes leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation. The White House recently released a memo encouraging organizations to use a risk-based assessment strategy to drive patch management and bolster cybersecurity against ransomware attacks. If an organization can automate all the processes that constitute cyber hygiene, the security team can deal with bigger issues.
3. Phishing Attacks Will Continue to Plague Organizations
Phishing should have been solved long ago, but as an industry, we failed. According to a recent survey by Ivanti, 74% of respondents said their organizations had fallen victim to a phishing attack in the last year. SMS phishing is the latest variant to gain traction. It works much like an email phishing scam but instead sends deceptive or malicious links through text messages. In 2022, we can expect to see more sophisticated phishing scams. For example, we may see threat actors targeting marketing firms and tools used by email marketers to achieve maximum impact. Since marketing emails come from trusted domains, end users are likely to trust them and click on links, increasing the success rate of attacks.
4. Ransomware Attackers Will Include More Data Theft
Ransomware is a universal problem that is not going away. Following the rapid shift to remote work, remote access services became easy and primary targets, with phishing often used as the attack vector. Ransomware has continued to evolve, with attackers increasingly leveraging known vulnerabilities with remote code execution and privilege escalation capabilities. In 2022, we can expect ransomware attackers to continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces. However, as more organizations backup their data, threat actors will likely skip the deployment of ransomware and go straight to stealing the data and blackmailing organizations. In terms of industries to watch, in 2022, as the pandemic calms down, the health care industry will be targeted more aggressively. We will continue to see more attacks for critical infrastructure industries such as food supply chains and energy because they are not as secure as other industries. Hopefully, this will spur bigger budgets and increased spending on the right security controls for these industries.
5. RIP Antivirus and Vulnerability Scanners
Traditional antivirus software doesn’t work, and traditional vulnerability scanners aren’t as valuable as they used to be. Both are already on their way out, and I think both will be completely eradicated in 2022. Looking ahead, it’s about endpoint detection and response (EDR). EDR will be the next generation of antivirus software. We may also see a revival of tools in the identity and user behavior analytics space. User behavior analytics originally came out too early. I expect new technologies to come out in rebranded forms, but they will look the same under the hood. We likely will not see this at the beginning of 2022, but more likely later in the year.
6. Centralized Identity Management Will Become Increasingly Important
It is not easy to secure the home office. The biggest challenge for security teams is that it’s hard to control the work-from-home environment when you lack control over all the devices that sit on a home network. And there are more and more devices connecting to home networks, given the rise in consumer IoT devices. A second issue, which touches upon the Great Resignation, is remote offboarding. It’s not as simple as having an employee send their work laptop back to the employer. We don’t know to what extent they had access to resources in the cloud. Securing identities through Zero Trust becomes increasingly important.
7. The Great Resignation Will Hit the Security Industry Hard
Globally, the shortage of cybersecurity professionals is estimated to be 3.12 million. It is challenging to fill all roles right now, and there is a bit of a bubble on the value of security professionals. In five years from now, we can expect to see more security professionals entering the workforce with more degrees and more education. And with more degrees and education, the industry should expect some compensation bubbles. Looking ahead, company culture and mission will also be of increasing importance to future security professionals. There is been an upward trend among security professionals who are changing jobs based on the mission of a company and their contribution to society We can expect this to continue in 2022 and beyond; it will not be about compensation anymore but the company’s mission.
8. Biden’s Focus on Cyber Means There is Zero Option for Anything but Zero Trust in the Public Sector
The President’s Order on security has created a lot of pressure and work for public sector organizations – it is something that hasn’t historically been prioritized. There will be a lot of scrambling in 2022 to ensure the right strategies are in place as there are many leaders still figuring out the cloud, Zero Trust, and work from anywhere. Increasing and enhancing an agency’s cybersecurity posture will be an absolute mandate vs. a nice to have because of the increased need to focus on cybersecurity following a steady drumbeat of attacks that have directly impacted Americans and hampered logistics and services across the United States.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.