Industry executives and experts share their predictions for 2022. Read them in this 14th annual VMblog.com series exclusive.
Top Cybersecurity Predictions for 2022
By Lyndon Brown,
Chief Strategy Officer at Pondurance
What's next for the cyber
industry? Predictions are predictably unreliable, but one thing is certain:
cyberattacks will continue to challenge organizations in 2022 and
potentially disrupt our everyday lives. Indeed, the United Nations
has reported that cybercrime is up 600% due to the COVID-19 pandemic-and
now nearly every business is being forced to adapt and evolve. Here are
some top emerging trends we are seeing that could shape the cyber industry in
the coming year.
Going back to the risk
management drawing board
Any successful cybersecurity
program is predicated on a thorough risk management approach. The strategic
element as of late seems to have been relegated to a fragmented set of tactics
and solutions, as companies find themselves in a more reactive than proactive
mode when protecting assets. In order to efficiently allocate their security
budgets, consolidate existing technologies and harmonize control procedures
across a vastly extended network, we will see more companies revisit their risk
management program. For instance, legacy mitigation has largely relied on a
third-party, risk transfer approach, which means organizations will have to
more directly consider downstream impacts that may have intolerable business
impacts on their operation. We're already seeing an increase in the rigor
toward vendor management programs to confirm the level of due care, and
increase the level of accountability.
The hybrid workplace will
be the next frontier for cyber
Organizations will have to
learn to mitigate the risk of cyberattacks while juggling the constantly
changing demands of both on-site and remote workers. In the wake of the COVID
crisis, some companies went from zero to full digital transformation overnight.
Other companies are still on that path.
Regardless, now that some
employees are returning to the office and others remain at home, companies will
need to ensure that workers remain productive and secure in this new hybrid
environment. Hybrid work will require a complete overhaul of how we think about
security, including the ability to provide employees with easy and secure
remote access to business-critical applications no matter where they are.
Governments will put the
squeeze on cyber syndicates
Governments around the world
will really clamp down on cybercrime. Cybercrime is a global problem, and world
leaders want to establish norms when dealing with this type of crime. Expect to
see more cybercrime legislation around the globe to put the squeeze on
cybercrime syndicates and make it harder for them to evade police action.
This could include new laws
that make it easier for police to gain search warrants, as well as more
anti-corruption legislation to disrupt the use of cryptocurrency in cybercrime.
Though cybercrime syndicates are still emerging, we predict at least one major
cyber ring will be shut down this coming year.
In no small part, the current
administration is likely to use the power of embargoes and other economic tools
to better drive cross border law enforcement.
The Cybersecurity Maturity
Model Certification will extend beyond the DOD
The Department of Defense
(DOD) recently set up a process to ensure that all defense contractors meet
certain requirements for handling controlled unclassified information. That
process is known as the Cybersecurity Maturity Model Certification (CMMC). It
is designed to ensure that defense contractors meet a basic level of
cybersecurity hygiene for protecting sensitive information.
It's fair to predict that not only will DOD suppliers need to meet the cyber
hygiene requirements, but that the same kind of compliance will soon be
required across all government agencies and their suppliers. Why? Because a
government agency breach could have a major impact on the lives of average
citizens. The Department of Homeland Security, for example, is already
exploring options for creating a cybersecurity standard for contractors.
Cloud customers will need
MDR for greater protection
The cloud can be just as
insecure as any on-premises data center, especially given misconfigurations and
the typical cyber hygiene problems that plague most companies. When moving to
the cloud, organizations need to appreciate the fact that they have a shared
responsibility to protect their corporate data along with their cloud service
providers.
As a result, there will be a
greater need for managed detection and response (MDR) to better integrate with
the cloud. Next-gen MDR offers an effective solution for cloud computing
security by providing broad threat defense, such as filling detection gaps and
automating responses to evolving threats.
MDR can be an extension of
your security team or act as your security team. The security operations center
that you gain from an MDR is on 24/7 and can act on alerts to ensure that your
environments, both cloud and on-premises, are protected from bad actors.
Humans will matter more
than ever
When it comes to
cybersecurity, you can't rely strictly on automation. But a lot of companies
do. They believe that humans can be removed from the cyber equation and
replaced with AI and automation technology. While there's no doubt that
automation is getting better, it is unlikely to reach a level of maturity to
truly remove humans in anyone's lifetime that is reading this.
Of course, automation is
necessary for managing certain processes and correlating disparate events. But
to find and mitigate nefarious attacks, human involvement is just as critical
as the latest and greatest security tools. Cybercriminals are humans and you
need human defenders to combat human attackers.
Companies should never forget
about the importance of the human element in detecting and deterring threat
actors. In the coming year, human intervention can be the difference between swift
containment and grave consequences.
Natural disasters will
bring increased cyber risks
Natural disasters like
hurricanes, wildfires, earthquakes and floods are increasing in size and
frequency. And when natural disasters strike, communities and organizations are
the most vulnerable. Cybercriminals understand this-and they will make it a
priority to take advantage of environmental events to create more havoc by
targeting physical infrastructure like electric grids, fuel pipelines and water
systems with ransomware attacks.
Businesses, state and local
governments must respond to this growing threat by better preparing their
defenses and regularly running disaster drills and simulations to counter these
threats. The more they practice, the better their response will be.
At Pondurance, we joined
forces with the Indiana National Guard who conducted a drill at Muscatatuck
Urban Training Center in Indiana, to test preparedness and bolster defenses.
This drill involved a simulated earthquake followed by a cyberattack, with bad
actors swooping in amid the chaos and attacking the water system to try to shut
it down as the National Guard deployed its defense tools to protect networks,
people and property. We also participated in a workshop for water and
wastewater utilities in a red team / blue team cyber simulation event in
another effort to bolster defenses by sharing knowledge.
Cyber insurance will be
harder to get
Cyber liability insurance is
a type of insurance designed to cover losses and penalties associated with a
data breach or other cyberattack. But this kind of insurance will become harder
to get. Why? Because for the first time, ransomware has hit a level where the
payouts by insurance companies are now exceeding the premiums being paid. That
means large insurance providers could limit the amount of business they book
and be very selective when it comes to underwriting new cyber policies.
Some cyber insurance
providers are even excluding ransomware coverage when they renew customers.
Businesses will have to up their investments in cyber tools, processes and
staffing to prove to insurance providers they are a worthwhile risk.
Nation-state attackers will
expand their disinformation campaigns
Nation-state attackers will
target the U.S. economy and financial institutions with disinformation, much
like they have targeted our political institutions. These nation states could
spread misinformation about the viability of our banking system, thus stoking
panic among consumers and causing a run on our banks. These campaigns will be
small in nature, but they could add up to make people lose confidence in our
financial systems.
High schools and trade
schools will start to train the cyber workforce
The search for cyber talent
will continue to be front and center. The cybersecurity industry is currently
short about 3 million qualified workers, according to the latest (ISC)2
Cybersecurity Workforce Study, and this shortfall is tipping the balance in
favor of the bad guys. To help level the playing field, we will
start to see more educational programs geared toward cyber, including the rise
of trade schools with specialized degrees, as well as more high school programs
that are focused on cyber skills.
Companies will realize that
they can hire talent directly from high schools and trade schools, and that
cyber workers of the future don't necessarily need a four- year college degree
to enter the field.
This should help with the
shortage of skilled workers needed but will take some time!
Conclusion
Cybercrime is not going away.
If anything, the problem is getting worse, threatening to cripple organizations
large and small. At the same time, security technology is evolving at a
dizzying pace, such that newly acquired solutions are becoming legacy
technology shortly after they're implemented. With both cyberthreats and cyber
technology moving so fast, organizations should increasingly seek out the right
partners to help manage and mitigate their risks - better protecting their
business.
##
ABOUT THE AUTHOR
Lyndon Brown, Chief Strategy Officer at Pondurance
Lyndon Brown is an
experienced technology executive focused on building high-growth enterprise
SAAS companies. At Pondurance, he is responsible for product, marketing,
corporate development, and driving cross-functional performance. He joined
Pondurance from FireEye Mandiant, where he served as Vice President of Business
Development, focused on strategic growth initiatives.
Lyndon has held senior leadership roles in multiple fast-growing cyber security
companies - Endgame (acquired by Elastic) and Verodin (acquired by FireEye).
Lyndon currently serves on the Board of the University of Maryland's Department
of Electrical and Computer Engineering (ECE) and multiple startup advisory
boards. He makes direct angel investments and acts as a trusted advisor to
venture and private equity teams.