In 2021, the defences of the world’s largest organisations proved to be inadequate. As companies scrambled to continue growing against the backdrop of a global pandemic, cybersecurity often became a secondary concern. Rapid digitalisation, expanded the attack surfaces and forced a re-think of cybersecurity postures.
Ransomware attacks continued unabated focusing to a greater extent on targets where outages are not an option such as critical infrastructure and hospitals.
Supply chain attacks, on a scale never seen before, created chaos for many in 2021 leading to greater focus on supply chain vulnerabilities.
The concept of zero-trust became widely embraced as companies increasingly ‘assumed breach’ and deployed controls which minimise attack damage. ‘Never trust, always verify’ became a mantra for security professionals.
In the second half of the year, more companies figured out how a Secure Access Service Edge (SASE) approach can help them to manage risk as they relentlessly shift workloads into the cloud.
Here are five key cybersecurity trends for 2022.
1. Greater Accountability for Customers and Employees
Phishing continues to be the most successful means of establishing a beachhead for a cyberattack. Unintentional downloads of malicious content from illegitimate websites and links shared in emails — by both customers and employees — are enabling threat actors to launch increasingly damaging attacks.
For example, malware on smartphones is giving attackers access to credentials and OTPs. This is enabling fraudulent activity, the consequences of which banks usually underwrite. Regulators will increasingly work with financial services organisations to establish frameworks which place greater responsibility and liability on banking customers. Similarly, employers are increasingly placing expectations on their employees and holding them more accountable for enabling breaches.
Training and awareness programs are being stepped up to ensure that employees can recognize attacks and understand their role in managing incidents. Expect to see consequence management frameworks becoming commonplace.
2. CISOs Report Directly into Top Management, Bypassing CIOs
Too often, the interests of the CIO and the CISO conflict. Every digital transformation project driven by a CIO creates an expanded attack surface. CISOs are then expected to put out the metaphorical fires, which are often initiated by CIO decisions.
Digital transformation projects are increasingly being hijacked by threat actors. CISOs need to be empowered to ensure that security best practices are followed throughout the organisation. For this to happen, they need the support of leadership and to operate outside the IT department which is typically the (unintentional) creator of cybersecurity vulnerabilities. In 2022, expect CISOs to be given much more authority and influence in corporate decision-making. Expect to see a much higher proportion of CISOs operating outside of IT departments — with many reporting directly to CEOs.
3. Rush to the Cloud Exposes Need for Focus on Configuration Management
The rapid deployment of workloads in the cloud is often a major burden for security teams. Growing ‘operational sprawl’ adds to security complexity, and often leads to misconfigured clouds.
For example, IaaS solutions typically require extensive configuration to make sure that they work properly. Often, the need to configure IaaS solutions in line with a company’s desired security posture is overlooked, potentially leaving data, public facing. Incorrect configuration can result in storage offerings such as AWS S3 being exposed. Access to this data can easily be indiscriminately granted to anyone who tries to access it, which can have a devastating impact.
Repairing misconfigurations is an essential part of data leakage prevention and is critical to ensuring that cybersecurity posture is effectively managed. Expect to see greater focus on cloud configuration management in 2022.
4. DevSecOps Drives Shift to Policy-As-Code
As companies start to embrace DevSecOps, developers will act as policy enforcers by building policy into code.
Security by design will become more common as security programs align with DevOps to provide the automation required to secure complex technology environments. Developers will start to see baking security into code, not as an inconvenience, but as a critical part of creating new applications rapidly.
Not all policies can be implemented as code. In 2022, expect to see access, governance and configuration policies being implemented as code.
5. The Secure Access Service Edge (SASE) Approach Accelerates Migration from Legacy Perimeter-Based Approach to Cybersecurity
The traditional network infrastructure model of centralised corporate datacenters secured by on-premises network perimeters, doesn’t work today. Data that once resided in datacenters is found in the cloud, on SaaS applications, and on endpoints.
Often, security controls are not designed for the dynamic, distributed, and virtual nature of cloud environments, and widely dispersed remote working.
Companies require the ability to deliver an integrated set of network and security services in a consistent way — enabling digital transformation, cloud migration, edge computing and remote working.
These requirements can be addressed by a SASE approach to cybersecurity. Expect to see a wider adoption of SASE approaches in 2022.
The avalanche of attacks in 2021 looks set to continue in 2022. Cybersecurity approaches will need to transform to address more frequent and dangerous threats.
Let us know your thoughts.