Virtualization Technology News and Information
Mimecast 2022 Predictions: Killware, Deep Fakes and RaaS... Oh My!

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Killware, Deep Fakes and RaaS... Oh My!

By Neil Clauson, regional CISO at Mimecast

As we approach the end of 2021, now is the time to think about cybersecurity priorities for the New Year. The areas where organizations choose to invest their time, resources and budget should align with their biggest areas of risk. In addition to conducting an internal risk assessment, it's important to know what's going on with the overall threat landscape and the cybersecurity world at large. Paying attention to predictions from cybersecurity professionals can help organization's think about proactive security measures that mitigate risk and improve their overall security posture.

With this in mind, to be successful in 2022, I believe security teams will need to leverage their ecosystem of controls to effectively combat current and future threats. Many teams have invested in point solutions that don't integrate with or support other tools in their infrastructure, and/or they haven't fully tested and validated their response if those solutions alert (or fail to alert) to a threat or ongoing attack. Rather than continue with this siloed approach to cybersecurity, security teams will invest in tools and services that strengthen their defensive posture, enhance overall detection capabilities, and facilitate fast and effective remediation.  This ecosystem is enhanced by effectively leveraging threat intelligence at both tactical and strategic levels. Overall, this strategy ensures that people, processes AND technology are working in concert and delivering their expected outcomes.

In addition, security teams must "train like they fight, and fight like they train" - meaning they should leverage internal tabletop exercises and/or cyber range solutions to ensure their responses (and supporting documentation) are validated and mutually understood. An incident typically is a surprise, but your response shouldn't be, and awareness and training can help ensure that you execute your incident response plan effectively when you need it most.

Only when all of these pieces are in place, can security teams provide the assurances to all levels of the organization of their cyber resiliency and readiness.

That's my take on predictions and priorities for 2022. I also chatted with my some of my Mimecast colleagues to get their thoughts:

  • Elaine Lee, staff data scientist, on deep fakes: "In light of rapidly advancing deep fake technology and increasing reliance on virtual collaboration tools due to the post-COVID-19 work arrangements, we should be concerned about malicious actors getting more sophisticated in their impersonation attempts. What was a cleverly written phishing email from a C-level email account in 2021 could become a well-crafted video or voice recording attempting to solicit the same sensitive information and resources in 2022 and beyond. After some incidents of a phishing attack of this nature, organizations will want to move toward verifying such content with a process (manual and/or automated) that results in an explicit ‘certificate of authenticity' designation. Or, they may adopt more secure authentication regimes (e.g., blockchain) and require the originator of the voice/video content to authenticate in this manner."
  • Jonathan Miles, head of strategic intelligence, on killware: "There is a growing concern among the international community and law enforcement jurisdictions regarding the potential use of malware to harm / kill humans. In a recent media reporting, it was proposed that we are on the verge of a new level of malware, dubbed killware. With the world we live in now more connected than ever through the Internet of Things (IoT), the borders between the physical, virtual and cognitive spaces are becoming increasingly intertwined and interlinked. In addition to the known vulnerabilities within critical national infrastructure, given the escalation in virtually enabled and connected medical devices, automotive vehicles, and domestic energy and safety devices within the home, as well as the potential willingness of some threat actors to exploit these devices and cause harm to others, it may become a matter of time before killware claims its first victim(s)."
  • Jeremy Ventura, senior security strategist, on Ransomware as a Service (RaaS): "RaaS will continue to expand and evolve causing detrimental effects for all organizations. The speed and scalability of the RaaS model will continue to advance, which will result in more severe attacks - resulting in the highest demands the world has ever seen."
  • Peter Bauer, CEO, on cybercriminals exploiting human nature: "After years of high-volume breaches combined with employees sharing excessively via social media, the trove of personal information and intelligence available to attackers is extraordinary and beyond disturbing. This will enable adversaries to craft even more convincing attacks. They will exploit the human layer aggressively, resulting in significant business disruptions and a corrosion of trust. Email and cloud communication systems continue to provide attackers the ideal venue to target their victims."
  • Dirk Jan Koekkoek, vice president, DMARC, on the first breach to expose 1 billion records: "We will see the first data breach with more than a billion records of PII. The Facebook papers and the creation of the Metaverse makes me feel fascinated on the one hand and a little sad on the other hand. The VR space and the technological capabilities as well as the use cases are exiting. On the other hand, we have this giant tech company with a poor data projection reputation that is supposed to guard the world's largest people databases. Now, we're combining this with potentially many other big databases to link logins and exchange data. Data breaches already exceed half a billion records. Putting this increasing level of trust in a joint venture of companies that fails to protect our data over and over will cause us to see the first data breach that exceeds 1 billion records of PII. And, that will trigger more malicious actors to monetize these likely very enriched data sets."

Which predictions apply to your business and what cybersecurity controls will you invest in to limit your enterprise risk in those areas? That is the million-dollar question leading into the New Year.



Neil Clauson 

Neil Clauson, regional CISO at Mimecast, has 25+ years of experience building and securing complex IT and security solutions. He's led Security Operations teams at Mimecast and other organizations which face a variety of threats and challenges. He has built and enhanced cybersecurity programs to support and achieve business outcomes.

Published Tuesday, November 30, 2021 7:29 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2021>