Industry executives and experts share their predictions for 2022. Read them in this 14th annual VMblog.com series exclusive.
2022 Threat Outlook - 5 Cyber Trends to Watch
By
Kevin Hanes, CEO, Cybrary
As
organizations endured the Kaseya and Colonial Pipeline attacks, the Log4j
vulnerability and more, cybersecurity leaders are likely feeling a bit
uncertain about what new threats to prepare for in 2021. Ransomware attacks and
data breaches have reached record highs and organizations are spending billions
to protect themselves, so almost everyone would benefit from a "cyber" forecast
to predict the likely challenges we'll all be facing over the next 12 months.
As
cybersecurity thought leaders reflect on the happenings of 2021 and use them to
anticipate what the cybersecurity landscape holds for 2022, there are a few
notable trends to consider. From repercussions for paying ransomware demands, a
blurred line between cyber crime and nation-state attacks, the growing cyber
skills gap, OT environments under siege, and COVID's impact on security issues
(or lack thereof), among others, there's a lot on the plate for cybersecurity teams
to both understand and prepare for in the New Year. Here are some of my topline
thoughts:
Someone finally pays the full price for
meeting ransomware demands
Even
though ransomware attacks over the past couple years have been bad, they were
only the tip of the iceberg. Given the extensive financial motivations for
ransomware gangs and their utilization of insider threats, even current
legislation and the Biden Administration's cybersecurity executive order aren't
going to prevent companies from trying to discreetly meet their demands. That
being said, as organizations weigh the risks of guaranteed pain now versus
potential repercussions later, someone is going to be made an example of by the
federal government in short order. Not knowing the law won't be an excuse and,
although jail time is unlikely, there will be organizations that are indicted
in order to make them think twice about paying these criminals in the future.
The line between cybercrime and
nation-state attacks will continue to blur
Following
a cyber attack or data breach a couple of years ago, threat intelligence
companies could often assess the breadcrumbs left behind by attackers and make
an accurate determination of who was behind it. This was largely in part
because certain threat actors often have a "playbook" that they share to
discuss how to operate. However, given the common rebranding of ransomware
gangs and criminal organizations using the same tactics, techniques, and
procedures (TTPs) as nation-states, some of these attacks are becoming
indistinguishable from each other. Additionally, a single threat actor isn't
solely responsible for some of the larger attacks, but rather a group of three
or five that all have a hand in it.
The cybersecurity workforce shortage and
skills gap won't improve
Following
the Biden Administration's cybersecurity executive order in May, there was hope
throughout the industry that the increased resources and emphasis placed on the
growing threat would lead to closing the cyber workforce and skills gap. However,
it's not going to be an immediate fix and it's also one that needs to be
assisted by private companies that invest in more hands-on training programs
that focus on building transferable technical skills rather than purely
professional development. This way they make their respective security teams
more efficient instead of having to rely on expensive security products. Also,
in terms of geographies, organizations based within countries with allocated
resources, such as the U.S. aren't going to see this issue get worse, but
places without the same prioritization and funding are going to encounter even
more difficulties on this front.
OT environments will be subject to the
cyber "perfect storm"
Centers
that control the entire manufacturing process for organizations are going to be
at even greater risk in the new year. Since implementing new technology and
infrastructure can disrupt their entire environment and supply chain, these
centers often have old security systems that are not supported by vendors anymore.
This perfect storm of bad technology and a lack of adequate patching
capabilities, combined with the fact that it's the closest thing to an
organization's cash register, makes it an ideal and easy target for threat
actors.
COVID's impact on phishing attacks and WFH
security is more bark than bite
Over the past couple years,
many have been talking about the impacts that COVID could have on phishing
campaigns and remote work. However, there's always going to be a current event
or newsworthy item that threat actors can exploit or leverage when it comes to
phishing campaigns. Additionally, even though remote work used to be a concern
at the onset of the pandemic, organizations and employees have adapted at a
rapid pace, leaving a majority of the security concerns in the dust.
As we enter 2022, we can be
certain the cybersecurity landscape will not only continue to offer new
threats, but also present opportunities to crack down on these threat actors
and improve cyber defenses. Although these five predictions are just some of
the ways the industry will evolve in 2022, they're often overshadowed by the
news of the day and deserve more attention than they're currently receiving.
##
ABOUT THE AUTHOR
Kevin Hanes is currently the chief executive officer (CEO) of Cybrary and serves on its board of directors. Cybrary is a company dedicated to building the world's leading cybersecurity professional development platform and aspiring to be THE destination for individuals and teams to develop, deepen, measure, and prove their cybersecurity skills. Before joining Cybrary in June 2021, Kevin spent 8 years as COO of Secureworks. In that role, he helped transform Secureworks into a recognized global market leader in cybersecurity, he built one of the most respected cybersecurity operations teams in the world, and he led his organization through hyper-growth and an IPO. Kevin began his career at Dell Technologies in custom software integration and moved into leadership roles with increasing responsibilities and global scope over his 15 year tenure. While working full-time at Dell, Kevin earned his Bachelor’s from St. Edward's University in Austin in 2003, graduating magna cum laude, and also earned his Master’s at The University of Texas at Austin 2006.