Industry executives and experts share their predictions for 2022.  Read them in this 14th annual VMblog.com series exclusive.

Why Organizations Need to Bolster Cyber Hygiene in 2022

By Daniel Spicer, CSO, Ivanti

While the COVID pandemic was a major global focus for 2021, security has also been in the spotlight for much of the year. A number of highly publicized cyber attacks dominated security news and revealed just how unprepared many companies were for the range and variety of attacks. Security will continue to occupy the spotlight in 2022, as there's too much momentum built up on the side of the bad actors.

Phishing attacks will continue to plague organizations

Phishing is an excellent example of a preventable crime. This tactic should have been eradicated long ago, but as an industry we failed. According to a recent survey, a whopping 74% of respondents said their organizations had fallen victim to a phishing attack in the last year. SMS phishing is the latest variant to gain traction. It works much like an email phishing scam, but instead sends deceptive or malicious links through text messages. In 2022, we can expect to see more sophisticated phishing scams. For example, we may see threat actors targeting marketing firms and tools used by email marketers to achieve maximum impact. Since marketing emails come from trusted domains, end users are likely to trust them and click on links, increasing the success rate of attacks.

Ransomware attackers will include more data theft

Several steps up the cyber attack ladder, ransomware is a universal problem that is also not going away. Following the rapid shift to remote work, remote access services became easy and primary targets, with phishing often used as the attack vector. Ransomware has continued to evolve, with attackers increasingly leveraging known vulnerabilities that have remote code execution and privilege escalation capabilities. In 2022, we can expect ransomware attackers to continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces. However, as more organizations back up their data, threat actors will likely skip the deployment of ransomware and just go straight to stealing the data and blackmailing organizations. In terms of industries to watch, in 2022, as the pandemic calms down, we believe that the healthcare industry will be targeted more aggressively. For critical infrastructure industries such as food supply chain and energy, we will continue to see more attacks because they are not as secure as other industries. Hopefully, this will spur on bigger budgets and increased spending on the right security controls for these industries. 

Automating cyber hygiene will become increasingly important

None of this seems reason to celebrate the New Year, but there is some good news. Ultimately, most attacks are the result of poor cyber hygiene. Even an advanced attack, such as a supply chain or ransomware attack, often starts with basic tactics like social engineering, phishing, or exploiting vulnerabilities in unpatched software to infiltrate environments and deploy malware. Finding ways to automate cyber hygiene will become increasingly important, especially as environments continue to get more complicated. This includes leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation. In fact, the White House recently released a memo encouraging organizations to use a risk-based assessment strategy to drive patch management and bolster cybersecurity against ransomware attacks.

What's the takeaway? Organizations will continue to face cyber challenges in the new year, as bad actors gain confidence and improve their skill sets. Now that we have settled into a Work From Anywhere mentality, all employees should play a role in cyber safety by participating in their organization's suggested policies. Likewise, organizations need to work to stay secure and still maintain a great employee experience, no matter where those employees are working. Automating all cyber hygiene processes will keep your organization as safe as possible and keep your security team free to deal with bigger issues, should they arise.

##

ABOUT THE AUTHOR

Daniel Spicer serves as CSO of Ivanti, a global technology company that enables and secures the Everywhere Workplace. Daniel is dedicated to enhancing the organization's overall cybersecurity infrastructure by assessing future acquisitions for security strength, working with engineering teams to build stronger security into Ivanti's solutions, and ensuring Ivanti's network security is bolstered to protect its own systems and data. Daniel specializes in incident response and threat hunting. Prior to Ivanti, he led investigations and created solution response strategies at Stroz Friedberg, a recognized industry leader in the field of incident response and digital forensics. Prior to Stroz Friedberg, Spicer served as a senior security analyst at The University of Texas at Arlington. Before that, he held several security positions at the United Space Alliance, where he developed and maintained security plans for its mission-critical shuttle operations system in support of NASA.