Virtualization Technology News and Information
Netenrich 2022 Predictions: How to Address a Burgeoning Cyber Pandemic in 2022


Industry executives and experts share their predictions for 2022.  Read them in this 14th annual VMblog.com series exclusive.

How to Address a Burgeoning Cyber Pandemic in 2022

By John Bambenek, Principal Threat Hunter, Netenrich, Inc.

The potential for disruption across the ecosystem has been growing continuously for years as data, infrastructure and applications shift to the center of business and society. Continued hybrid work approaches have resulted in IT and security teams losing visibility into what devices have access to high-value data, the applications on those devices, and the state of connected devices. These challenges all play into the multitude of challenges we face today. Our networks are not secure, and it will take more than reactive patching to get ahead of the issue. Meanwhile, those networks that are secure often face outages caused by blind spots, rushed transitions to the cloud, or simple human error.

We will continue to see disruption across the digital ecosystem, and even in our physical infrastructures, until we find a more sustainable path forward. Until that point, it is a worthwhile exercise to assess the key challenges we will face in 2022 so that we can mitigate issues before they become full-blown disruptions.

A fluid ecosystem of bad actors will continue to thrive in 2022

Recent years have seen cyberattacks large and small conducted by state and non-state actors alike. Both sets of actors are part of a larger, more nebulous ecosystem of brokers that provides information, access, and financial channels for those willing to pay.

Rising geopolitical tensions, increased access to cryptocurrencies and dark money, and a general instability due to the pandemic will contribute to a continued rise in cyber threats in 2022 for nearly every industry. Top-down efforts, such as sanctions by the U.S. Treasury Department, may lead to arrests but will ultimately push these groups further underground and out of reach.

Cyber insurance is broken but still worth it in 2022

The ongoing digitization of nearly every industry, coupled with more sophisticated and widespread cyberattacks, has led to a dramatic increase in financial losses for enterprises. Cyber insurance is meant to be a safety net in these instances, but the sheer amount of cybercrime activity has caused premiums to rise at an unsustainable rate.

Companies, particularly small and medium-sized businesses, will be doing cost/benefit analyses for cyber insurance in the coming year and questioning whether there is an alternative to this broken system. Given the current threat landscape, however, companies would be unwise to abandon these insurance policies in the near term. Instead, it is critical for the cyber insurance industry to work with companies to develop policies that will get its economics under control and premiums down to a manageable level.

Fixing the DevOps and security drama/trauma

Sacrificing security to move DevOps faster is an ongoing problem. Fundamentally, the problem occurs when organizations execute agile and DevOps. In an effort to remove all friction to moving code quickly, security considerations are often removed from the process. This makes security inherently reactive instead of embedded into engineering, and that's assuming security even knows what to protect in the first place. Meanwhile, incidents and the theft of proprietary data pose huge risks to the business.

Security needs to be truly embedded in DevOps and given authority by leadership to have a seat at the table, even if that means slowing a release to production. It isn't just security in the development process (like secrets management) but also in the engineering of each project. There are many ways to engineer a software solution. A good security architecture can provide lightweight ways to add controls and resilience that wouldn't impact the development timeline if they are included early enough.

2022 will be an inflection point in an emerging cyber pandemic

Looking ahead to 2022, it is critical we recognize that our digital economy has become fragile and faces an inflection point in how we adapt to a potential, if not already forming, cyber pandemic. IT leaders have been having the same conversations for decades. Current efforts by companies to secure their infrastructures will always be insufficient because those infrastructures were not architected with security as a priority. Attempts to finally get ahead of bad actors through updates and patches will continue to fail, as these efforts are too decentralized and inefficient to make a proper dent. Going into 2022, many companies would rather pay a ransom than commit to updating their stack with a security-first mindset. This reality is the primary contributor to the other predictions for 2022: a robust ecosystem of bad actors, a broken cyber insurance industry, and the ongoing push and pull between DevOps and security.

Meanwhile, the adoption of third-party tools that could help has been outpaced by increasingly well-funded and professionalized bad actors. Regardless, third-party services will not solve these problems if internal priorities, teams and operations are not aligned with the goal at hand. Enterprises would be wise to consider their shortcomings in these domains to ensure a strong security posture as they move into the new year.


ABOUT THE AUTHOR

John Bambenek 

John Bambenek is Principal Threat Hunter at Netenrich, President of Bambenek Labs, and an incident handler at the SANS Internet Storm Center. He has been researching security threats and criminal organizations for over 20 years and coordinating with US and foreign law enforcement entities to help bring criminal actors to justice. John specializes in data mining threat intelligence data and performing online surveillance of criminal infrastructure to provide near-time and real-time intelligence products to product customers and to aid in criminal investigations.

John is a published author of several articles, book chapters and one book. He has contributed to IT security courses and certification exams covering such subjects as penetration testing, reverse engineering malware, forensics, and network security. He has also participated in many incident investigations spanning the globe, speaks at conferences around the world, and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.

Published Wednesday, January 05, 2022 7:32 AM by David Marshall