Industry executives and experts share their predictions for 2022.  Read them in this 14th annual VMblog.com series exclusive.

The Cybersecurity Forecast for 2022: "Winter is Coming"

By Michael Davis, Chief Architect, Open Systems

If the cyber threat landscape of 2021 was gloomy, the coming year is shaping up to be even more turbulent. So, buckle up because there's a storm ahead and the captain has turned on the seat belt sign - 2022 is going to be a bumpy ride.

Here are a few predictions of what 2022 may have in store for us:

• Attackers will increasingly employ Artificial Intelligence (AI) to evade detection. AI and Machine Learning (ML) have taken the security market by storm over the past 5 years as cybersecurity companies realized the potential of the technologies. Unfortunately, cybercriminals likewise recognize their power, and are now poised to take advantage of AI themselves in 2022. It's likely that bad actors will use AI to attack the models within security software using adversarial techniques, and then put those outputs to use in malware in order to evade detection.
  

• 2022 will also see further SolarWinds-style attacks, with bad actors targeting IT resellers and technology service providers as a way to access the IT systems of their downstream customers. Though attackers may employ new approaches and technologies in 2022, it's very likely they will continue their efforts to steal login credentials through simple - but effective - tactics like password spraying and phishing, and adding malicious code to the resellers and service providers' software to create backdoors to access downstream customers' systems.
  

• The shortage of seasoned, top-tier cybersecurity professionals will continue as stress-related burnout causes many to leave the field. Though colleges are producing graduates in greater numbers, the reality is they lack the on-the-job experience to adequately replace veteran professionals, regardless of how sharp and eager as they are.
  

Despite these dire predictions, there are reasons to be optimistic about the outlook for 2022:

• Enterprises will increasingly abandon the practice of simply buying more tools, recognizing that a patchwork of point security products actually increases their vulnerability to attacks. With 40 or more tools from multiple vendors - many of which are redundant or overlapping - the security teams at most enterprises act more like systems integrators struggling to keep tools properly configured and integrated. However, using so many tools is inherently complex, and typically results in tools being misconfigured, creating coverage gaps attackers can exploit.
  

• To better protect themselves from SolarWinds-type attacks, companies will review the security precautions implemented by their critical IT resellers and technology service providers and have them take appropriate actions. These include requiring their resellers and service providers to use two-factor authentication and other basic security measures.
  

• Enterprises will also look to partner with service providers to improve their security postures. Managed Detection and Response (MDR) services in particular will be increasingly adopted as they provide 24/7 monitoring to identify breaches early combined with immediate containment efforts. MDR is also a good option for those companies that lack sufficient in-house security capabilities.
  

• To address the burnout of top cyber talent, enterprises will more diligently tackle workload and workplace issues to improve morale and job satisfaction. Many companies may also engage MDR, or other service providers that employ cybersecurity experts, to continuously monitor their environment allowing their in-house teams to turn to more strategic items aimed at reducing the potential attack surface.
  

Clearly, cybercriminals will continue to "up their game" in 2022 with new approaches and increasingly sophisticated tools, but enterprises can do the same. While there are no perfect defenses, companies - working with security partners - have many options for bolstering their security postures to prevent or limit the impact of breaches, as well as improving resilience so they can quickly recover from successful attacks.

Winter may be coming, but it doesn't have to last all year.

##

ABOUT THE AUTHOR

Michael Davis, Chief Architect, Open Systems

Author, speaker, consultant and entrepreneur, Michael is Open Systems' Chief Architect and a highly regarded expert on cybersecurity. His extensive experience includes serving as a senior leader in the Global Threats group at McAfee, launching the IT security consulting firm Savid Technologies and, more recently, Michael was the CTO of GoSecure, a specialist in endpoint security. He has advised clients include AT&T, Exelon, Sears and the U.S. Department of Defense.

In addition to regularly speaking at industry conferences including Black Hat, Interop, SuperStrategies and InfoSecWorld, Michael has written on cybersecurity topics for InformationWeek, Dark Reading and other publications, and the Hacking Exposed series of books.

As Chief Architect, Michael advises Open Systems and our clients on security best practices and works with product development to guide the future of the Microsoft Azure cloud-native platform for Open Systems' MDR service.