By Milad Aslaner, Senior Director, Cyber Defence Strategy, SentinelOne
From the Colonial Pipeline attack in May 2021, where an American oil pipeline company suffered a ransomware cyberattack resulting in the total shutdown of its operations, to the Kaseya cyberattack just a few months later that impacted as many as 1,500 organisations, all signs point to continued cyber breaches in 2022 and beyond, as criminals seek to exploit new, and existing, vulnerabilities.
The cyber threat landscape is evolving, and ‘assume breach’ shows signs of being a core principle for most organisations in 2022. Here’s a look at what lies ahead for corporate cyber security:
More organisations move towards Zero Trust
Organisations will be moving from legacy perimeter-based security, which focuses on keeping attackers out of the network but is vulnerable to users and devices inside that perimeter, to a ‘Zero Trust’ security model, where default trust is eliminated, and access is continually authenticated, anywhere in a network.
For one thing, given today’s hybrid workplace – with its combination of work-from-home, work-from-anywhere, mobile and office work – security controls that were designed for the corporate network are inadequate when so many workers aren’t even in the office.
As well, in the wake of the continued adoption of cloud-based computing solutions, Zero Trust architecture will be more important than ever. So many applications are now in the cloud, and the protection layers that IT previously developed were designed under the assumption that these applications would be run on premise. Since most organisations use cloud services, it’s crucial that these companies work with cloud service providers to secure them. It’s not the sole responsibility of the Cloud Service Provider, it’s a joint one.
Ransomware, cloud-based and supply-chain-based attacks: Top risks for 2022
As evidenced by several high-profile cyber attacks in 2021, ransomware and cloud-based attacks continue to be a major problem and look to be a top cyber risk for many organisations in 2022. This type of threat is not only financially damaging, but can also cause long term harm to reputation. And unfortunately, it’s almost become a question of ‘when’ enterprises will be attacked, rather than ‘if’.
Related to this issue are the vulnerabilities introduced by the supply chain. Cybercriminals seek the path of least resistance, and less-well protected companies within the supply chain of larger, heavily defended enterprises pose an almost irresistible target. As well, supply chain attacks are increasing in both scope and sophistication, with newer attacks opening access to thousands of victims in one fell swoop.
As bad actors continue to refine their techniques and efficacy, ransomware and cloud-native attacks will pose a significant threat to organisations in the coming year, from their operations and finances to their customers and public image.
Increasing SOC efficiency with automation
As the skills gap continues to widen in the Cybersecurity industry, more than ever, organisations will be competing for the available talent pool. As a result, many security operations centre (SOC) teams may be significantly understaffed.
New autonomous security solutions can help overburdened SOC teams accomplish more with fewer resources. Such solutions reduce the sheer volume of alerts by automatically remediating the majority of cyber threats, enabling recovery to be part of the automatic response in addition to purely preventative protection. Automation tools also give SOC teams back the time they need to perform higher-priority security tasks and more complex threat analysis.
As organisations are looking into modernising their security architecture, it’s expected in 2022 that companies will accelerate the adoption of autonomous cybersecurity solutions to aid them in their day-to-day operations.
Cybersecurity becomes a CEO matter
Given the high-stakes involved with cyber breaches, when it comes to cybersecurity in 2022, CEOs can’t afford NOT to be aware of what is happening and about the risk level facing their organisations.
At the same time, CISOs need to be able to communicate the costs of cyber threats and their consequences in ‘exec’ language, in order to gain budget and CEO buy-in for cybersecurity.
Whilst there is no crystal ball when it comes to predicting all the cyber threats facing companies in 2022, it is clear that the threat landscape will continue to evolve in sophistication and along new attack vectors. As ransomware attacks remain top of mind, cloud-native attacks increase and supply chain threats continue to grow, organisations can’t afford to take a wait-and-see approach to cybersecurity.
In the next year, companies that take proactive steps now to reduce their exposure to cyber-attacks stand the best chance of protecting their organisation, their reputation and their bottom line.