With 2022 fast approaching, it’s good practice not only to reflect on what you’ve achieved over the past year, but to look ahead and consider what the next year may bring. We’ve polled our security experts and collated our top 10 cybersecurity predictions for 2022 and recommend some ‘new year’s resolutions’ to help alleviate some of these concerning forecasts.
1. Megabreaches are to skyrocket
We are seeing more and more megabreaches involving the large cloud organisations we rely upon. The WhatsApps, the Facebooks, and the public cloud… we have tracked more than 10 specific outages on Content Delivery Networks alone this year. These outages seriously impact our lives and our organisations because we expect them to be always-on.
2. Organisations will continue to get caught out by the basics
Every digital organisation has a tangible attack surface; anyone who has stared at a 500-rule firewall policy can tell you how much complexity hides in these things. The biggest barrier to effective cybersecurity is not the number of malicious actors, it is the failure of organisations to carry out basic hygiene practices.
3. Browser password management vulnerabilities to cause organisational destruction
People put a great deal of faith in browser password management tools despite the potential for leakage. These tools can provide access to some of the most sensitive assets in our organisations, making them an immediate problem should they be compromised.
4. Coordinated inauthentic behaviour (fake news and social media control) will surge
With the new election cycles in Europe, USA, and Japan, we predict the use of fake news and social media control operations will continue to escalate, as this has become a favoured method for threat actors to ‘shame’ their victims by spreading misinformation to taint organisational reputation.
5. Software and managed services supply chain issues will be abused
Supply chain compromises will continue to advance in the new year, with threat actors making use of the connections that suppliers have into our organisations: inserting their own files into installers or update packages, and compromising software distribution servers to deliver malicious payloads to users.
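A basic defence against a tampered installer or update package is to verify the artifact against a digest pinned out of band before anything is run. The following is an added example, not code from the original post; the installer bytes, the manifest and the artifact name are constructed for illustration, and in a real deployment the expected digest would be a literal pinned in a trusted location rather than computed from the genuine file as it is here.

```python
"""Pinned-digest verification of a downloaded installer before it is run.

Added example (not from the original post). Assumes a trusted manifest,
obtained out of band, that maps artifact names to expected SHA-256 hex
digests. All artifact bytes below are constructed stand-ins.
"""
import hashlib
import hmac

# Constructed stand-in for a genuine installer download.
GENUINE_INSTALLER = b"#!/bin/sh\necho 'installing widget 1.2.3'\n"
# Constructed tampered copy: the same file with an unexpected extra step appended.
TAMPERED_INSTALLER = GENUINE_INSTALLER + b"echo 'unexpected extra step'\n"


def sha256_hex(data: bytes) -> str:
    """SHA-256 of the artifact bytes as a lowercase hex string."""
    return hashlib.sha256(data).hexdigest()


# Trusted manifest (constructed). In production this digest is pinned as a
# literal obtained through a separate, trusted channel, never from the
# same server that serves the installer.
TRUSTED_MANIFEST = {
    "widget-1.2.3.sh": sha256_hex(GENUINE_INSTALLER),
}


def verify_artifact(name: str, data: bytes, manifest: dict) -> bool:
    """True only if `name` is in the manifest and its digest matches exactly."""
    expected = manifest.get(name)
    if expected is None:
        return False  # unknown artifact: never install on faith
    # Constant-time comparison avoids leaking how many leading characters match.
    return hmac.compare_digest(sha256_hex(data), expected)


def check_download(name: str, data: bytes, manifest: dict = TRUSTED_MANIFEST) -> dict:
    """Gate an install decision and return a structured, loggable result."""
    if name not in manifest:
        return {"install": False, "reason": "artifact not in trusted manifest"}
    if not verify_artifact(name, data, manifest):
        return {"install": False, "reason": "digest mismatch: possible tampering"}
    return {"install": True, "reason": "digest matches pinned value"}


if __name__ == "__main__":
    for label, blob in (("genuine", GENUINE_INSTALLER), ("tampered", TAMPERED_INSTALLER)):
        print(label, check_download("widget-1.2.3.sh", blob))
    print("unknown", check_download("widget-9.9.9.sh", GENUINE_INSTALLER))
```

The mismatch branch is the interesting one: a single appended line changes the digest, so the install is refused and the reason is recorded for the responder. Unknown artifact names are refused as well rather than silently trusted.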
6. Cloud security posture accidents to accelerate
In a rush to the cloud during the pandemic, some organisations procured cloud tenants and accounts without consideration of authorisation management, which we predict will cause a lot of dirty networks. Consider building a martini style network to gain consistency of controls.
7. GoLang to become the new malware language
GoLang has been steadily on the rise since being identified among the top 20 languages, and we predict it will become the ‘GOTO’ language for malware in 2022. GoLang enables a single codebase to be compiled for all major operating systems, which is particularly concerning as Mac, Linux and Android can all be affected.
8. The VPN is dead
The virtual private network makes no sense in today’s zero trust environment, but the move from this function will take years to come to fruition. The growth of Software-as-a-Service inevitably will make VPNs redundant, and not worth the risk.
9. Automated cyber control testing to become the new addition to alert fatigue
In today’s threat landscape, blind faith in cyber controls is not an option. With so many interdependent elements, measures that work today may not work tomorrow. Adopting automated cyber control testing forces you to fix your sensors instead of turning down the alarms.
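The point about fixing sensors rather than muting alarms is easiest to see with a control that is tested continuously against known-bad and known-good input. The following is an added example, not code from the original post: the detection rule, the log format and the sample log lines are all constructed for illustration, and the harness treats a rule that goes silent on known-bad traffic as a failed test rather than something to tune away.

```python
"""Automated self-test for a detection control.

Added example (not from the original post). Replays constructed known-bad
and known-good log lines through a detection rule and reports whether the
control still fires. A third, "drifted" sample shows the failure mode the
post describes: a log format change that makes the sensor go quiet.
"""
import re
from collections import Counter
from typing import Callable, Dict, List

# Constructed syslog-like lines: six failures from one source then a success.
KNOWN_BAD = [
    f"2022-01-03T09:00:0{i} host1 sshd: Failed password for admin from 203.0.113.7"
    for i in range(1, 7)
] + ["2022-01-03T09:00:10 host1 sshd: Accepted password for admin from 203.0.113.7"]

# Constructed benign activity: one typo, then a successful logon.
KNOWN_GOOD = [
    "2022-01-03T10:00:01 host1 sshd: Failed password for alice from 198.51.100.5",
    "2022-01-03T10:00:09 host1 sshd: Accepted password for alice from 198.51.100.5",
]

# Constructed "tomorrow" sample: same attack, but the log source now emits a
# different message format that the rule below was never written to match.
DRIFTED_BAD = [
    f"2022-06-01T09:00:0{i} host1 sshd: authentication failure user=admin rhost=203.0.113.7"
    for i in range(1, 7)
]

FAILED_RE = re.compile(r"Failed password for (\S+) from (\S+)")


def failed_logon_rule(lines: List[str], threshold: int = 5) -> List[str]:
    """Detection rule: source IPs with at least `threshold` failed logons."""
    counts: Counter = Counter()
    for line in lines:
        match = FAILED_RE.search(line)
        if match:
            counts[match.group(2)] += 1
    return sorted(ip for ip, n in counts.items() if n >= threshold)


def run_control_tests(
    rule: Callable[[List[str], int], List[str]],
    known_bad: List[str] = KNOWN_BAD,
    known_good: List[str] = KNOWN_GOOD,
    threshold: int = 5,
) -> Dict[str, bool]:
    """Return pass/fail per test. Both must pass for the control to count as working."""
    return {
        # The control must fire, and on exactly the expected source.
        "fires_on_known_bad": rule(known_bad, threshold) == ["203.0.113.7"],
        # The control must stay silent on benign activity (guards against noisy fixes).
        "silent_on_known_good": rule(known_good, threshold) == [],
    }


def control_is_healthy(results: Dict[str, bool]) -> bool:
    """A single failed test means the sensor needs fixing, not the alarm lowering."""
    return all(results.values())


if __name__ == "__main__":
    today = run_control_tests(failed_logon_rule)
    print("today:", today, "healthy:", control_is_healthy(today))
    tomorrow = run_control_tests(failed_logon_rule, known_bad=DRIFTED_BAD)
    print("after log format drift:", tomorrow, "healthy:", control_is_healthy(tomorrow))
```

Run daily, the second call is the one that pays for itself: the drifted sample produces no alert at all, so the test fails and the broken parser is surfaced the day the format changed rather than after the incident it missed.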
10. Recovery will become the NEW cyber security defence
It’s all well and good thinking about protecting, detecting, and responding to an incident, but what is the point if you cannot recover? Recovery is often the last to be considered, resulting in many organisations finding themselves in an incident before they know it, and being forced to figure out their rescue plan on the fly.
New year’s resolutions for your 2022 strategy
- “I will ask to see proof of the risk reduction for each technology solution I own and use this as the primary decision-making capability in my 12–18-month strategy.” – Phil Davies, Lead Security Consultant at Secrutiny
- “I will have evidentially tested and validated (not just a nod from Bob in backup) that the business can quickly recover from a ransomware attack.” – Ian Morris, CEO and Co-Founder at Secrutiny
- “I will run at least one end-to-end simulated incident with a view to identifying impact and lateral movement exposure, to understand where we need to focus response and recovery effort.” – John Winchester, Director of Product Development and Operations at Secrutiny
- “I will implement data loss prevention software with digital rights management tools, so that I can increase my situational awareness of tampering with credentials and data loss.” – Dr. Shane Shook, Chief Security Advisor at Secrutiny
For a more in-depth look into best practices that IT leaders should consider in the new year, why not check out our 2022 New Year’s Resolutions podcast.