Digital acceptance has accelerated rapidly and thereby also expanded the threat surface. Looking ahead to 2022, CISOs can expect new and evolving cybersecurity challenges.

2022 will be a year of building greater resilience and integrating it into all aspects of business operations. This requires organizations at all levels to review how they are responding to a wider range of more sophisticated threats. To build on the 2021 effort, CISOs need to consider how to innovate their businesses without leaving themselves more vulnerable to malicious attacks.

I see five big trends that will define the market in 2022 that security professionals should be watching:

1. The rise of the “acceptance break” mentality

The digital transformation has had a high priority for companies in recent years. More recently, part of this journey has included the introduction of a hybrid approach to work. I believe this trend will continue into the coming year and beyond as more and more companies explore “work from anywhere” scenarios.

A hybrid approach to work could make employers more productive, but SOCs need to be aware of the vulnerabilities and security risks that this exposes their employers to. As early as 2021, more European organizations have increased their zero trust budgets. The introduction of zero trust will expand to even more private organizations and governments to address the growing threat landscape.

Zero Trust adopts the principle of basically not trusting anything inside or outside your network and employs an “accept-breach” mentality. As more and more companies are unified in their approach to combating cyber risk, the introduction of Zero Trust can provide more transparency in order to improve a company’s overall security posture.

2. Innovation and new risks with 5G

5G introduction in Europe is gaining momentum and loud GSMA, the region will have 276 million 5G connections by the end of 2025.

Over the next year, more companies will try to invest in 5G technology for better connectivity capabilities. The introduction of 5G will enable them to create new value from existing core network assets and put their business on the roadmap of digital transformation.

Yet, Implementation of 5G does not come without challenges and complexity. As 5G accelerates the growth of the Internet of Things, threat actors can exploit vulnerable connections and compromise smart devices to infiltrate network infrastructure.

Businesses need to ensure that they are protected from all risks associated with 5G. Otherwise, they could lose the benefits of a connected future.

3. Customization, personalization and personal handling of phishing tactics

Organizations have increased the training and awareness of their employees as phishing scams become more common. As a result, users are now more vigilant and able to spot the most common phishing scams. To overcome this, attackers develop their strategies to make their attempts appear more authentic.

In 2022, phishing attacks will be more sophisticated. Instead of relying on the usual tactics, attackers will develop their approach to use more individual and personalized attacks based on information from social media. These heightened personal attacks will be more difficult to distinguish from real communications

4. Hackers win gold at the Beijing Olympics

Hackers will use the upcoming Beijing Olympics as an opportunity to crack athletes’ personal accounts and find incriminating email exchanges that can be exploited in blackmail attempts.

Content that affects the consumption of performance-enhancing drugs and the private life of athletes is at risk of exploitation and is considered a top price by hackers. Obtaining such knowledge could lead hackers to blackmail athletes with threats of disclosing this incriminating evidence.

5. The enterprise API ecosystem shows its weaknesses

Cyber ​​criminals generally use sideways movement techniques to infiltrate an organization’s entire network after launching their attack. This year we saw ransomware-as-a-service group REvil use Kaseya’s network management and remote control software in a Ransomware attack. Not only did this affect Kaseya itself, but it also extended to its managed service provider customers and their end users.

Attacks of this magnitude are particularly damaging because of their connections to multiple corporate ecosystems. In the course of 2022, hackers will increase the number of attacks using the concept of sideways movement. You will use this concept for internal networks and apply it to an entire partner network using misconfigured corporate APIs. In this way, threat actors can gain access to a company’s expanded ecosystem.

looking ahead

Security teams aware of upcoming trends and challenges in the cybersecurity landscape will be able to not only survive but thrive in the future.

Security will become more complex in 2022 and organizations must be prepared to evolve their operations if they want to stay one step ahead of new risks. They need to adopt the key lessons learned from 2021 and incorporate new adaptability and flexibility into their security process to improve their overall risk situation.

Source link
#Threat #Landscape #Top #Future #Cybersecurity #Challenges #Net #Security

Leave a Reply