Virtualization Technology News and Information
Lumu 2022 Predictions: Operators to Struggle with New Tools, Dynamic Attacks, and Talent Shortage

Industry executives and experts share their predictions for 2022. Read them in this 14th annual series exclusive.

Operators to Struggle with New Tools, Dynamic Attacks, and Talent Shortage

The cybersecurity landscape will continue to evolve, responding to disruption driven by new technologies, threat actor ingenuity, and societal shifts. With these changes occurring at a faster pace than ever, here are some predictions for what to look out for in 2022 from Lumu Technologies, a provider of Continuous Compromise Assessment solutions.

1. Enterprises Break Up With the SIEM (or at least try to)
Love them or hate them, SIEMs have been a cybersecurity fixture for more than two decades. In the face of new technologies making their lives easier, SOC teams will start asking whether the SIEM still deserves to be at the center of their operations, and will look for ways to break through alert and portal fatigue and isolate confirmed instances of compromise.

2. Hybrid Work Models Will Elevate Importance of Network Analysis & Visibility
With assets roaming between the office and home, security operators will be forced to continue monitoring a larger and more dynamic threat surface. Network Analysis and Visibility (NAV) will play a significant role in organizations' security positions as they look to unify and orchestrate their threat response models.

3. SOCs Turn to Automation to Address the IT Talent Shortage
Corporations, and threat actors, will compete to secure in-demand cybersecurity skills, driving payrolls upwards and taking a further chunk out of depleted IT budgets. Automation and AI tools with quick learning curves that make SOC teams more efficient will be the key that helps short-staffed teams address the IT talent gap.

4. Cyber Insurance Becomes Unavoidable
Though governments are forcing organizations to acquire cyber insurance coverage, insurance companies will be more selective about coverage conditions. Organizations will need to demonstrate a fortified cybersecurity practice or else cough up higher coverage rates or miss out on coverage altogether.

5. Ransomware Gangs Launch Stealth Attacks
After some very high-profile attacks in 2021, ransomware gangs like DarkSide and REvil went back underground as federal response intensified. Expect to see these groups forge new alliances and adopt new models that lower their collective risk profile. The coordinated attacks will also seek to rapidly exploit new zero-day vulnerabilities such as the recent Log4j application vulnerability.

6. Small-time, Large-scale Ransomware Campaigns
Conversely, more traditional ransomware methods will go after smaller targets like desktops, with smaller payouts but on a larger scale. Increased availability of initial access, malware as a service, and ransomware chains will lower the barrier to entry for cybercriminals, allowing new players to enter the ransomware game.

7. Threat Actors Will Further Exploit Supply Chain Vulnerabilities
As the REvil Kaseya ransomware attack demonstrated, a vulnerability that grants criminals access to a large swath of victims will continue to attract the attention of opportunistic threat actors. Managed service providers, especially those that cater to small businesses, figure to be in the crosshairs of threat actors.

8. Attacker Dwell Time Becomes a Core Security Metric
As mature cybersecurity systems evolve to lower dwell times, network visibility will become the key to not only quickly detecting compromises, but also obtaining the necessary intelligence to rapidly identify network intruders, limit their ability to escalate privileges, and reduce the amount of time they spend undetected inside the network.


Published Tuesday, January 04, 2022 7:31 AM by David Marshall