According to a report, there’s a 125 per cent increase in cyberattacks year-over-year, and the impact was observed for almost every industry. The growth is driven by an uptick in activity by nation-state and cybercrime actors, and by targeted ransomware and extortion operations.
More than ever, organisations realise that weakness breeds vulnerability, so being aware of industry impact patterns, coupled with sound threat intelligence, can help to counteract persistent threats.
But unearthing and addressing these inefficiencies is an enormous challenge. We spoke to industry leaders and experts in cybersecurity on the most critical challenges facing organisations in 2022 and the possible solutions.
Dr Oren Eytan, CEO, odi-x
Challenges:
Cyberattacks will grow in both quantity and sophistication. The email vector remains the most critical entry point for hackers. The focus should be heavily leaning toward email security to provide consumers with the best protection and value.
How to tackle:
Companies must actively conduct risk assessments of their valuable assets and protect them. The key to resolving or mitigating the threats is to design your email environment technology, administration, people, and policies.
Steve Garrison, VP of Marketing, Stellar Cyber
Challenges:
Companies will need more than SIEMs and device logs to gain total visibility over their IT infrastructure. In the process of deciphering the information, analysts may not see nascent attacks underway because they have trouble correlating alerts between one log and another.
How to tackle:
Deploy a security operations platform that integrates data from SIEM, endpoint detection and response, network detection and response, user behaviour analysis and other discrete tools; correlates and analyses the data using advanced AI and ML technologies; and produces prioritised, contextual incident notices that allow analysts to take immediate action. The missing ‘glue’ unifies all log data and dynamically makes sense out of it.
Raj Samani, Fellow and Chief Scientist, McAfee Enterprise
Challenges:
The use of targeting individuals could grow through espionage groups and other threat actors looking to infiltrate organisations for their criminal gain. The nation-state will increase its offensive operations by leveraging cybercriminals. Self-reliant cybercrime groups will shift the balance of power within the RaaS eco-kingdom, and less-skilled operators will not have to bend the knee in the RaaS model power shift.
5G and IoT traffic between API services and apps will become increasingly lucrative targets. Key risks that will evolve in the future include the misconfiguration of APIs, exploitation of modern authentication mechanisms, the evolution of traditional malware attacks to use more cloud APIs, the potential misuse of APIs to launch attacks on enterprise data and the use of APIs for software-defined infrastructure.
Expanded exploitation of orchestrator, image or registry, and container risks could lead to endpoint resource hijacking through crypto-mining malware, spinning up other resources, data theft, attacker persistence and container escape to host systems.
How to tackle:
The predicted increase of nation-state actors getting into cybercrime in 2022 should compel companies to audit their visibility and learn from tactics and operations conducted by actors targeting their sector. Organisations should maintain regular, offline backups and ready an incident response plan. Recommended mitigations also include bringing security into the DevOps process through continuous posture assessment for misconfigurations, checks for integrity of images and controlling administrative privileges.
Gaining visibility into application usage and looking at consumed APIs should be a priority for organisations, so that they ultimately have a risk-based inventory of accessed APIs and a governance policy to control access to such services.
Saket Modi, CEO, Safe Security
Challenges:
Attacks against the application development pipeline and third and fourth-party partners will rise. As the attack surface continues to widen, so will vulnerabilities. Hackers will inevitably gain access to organisations’ sensitive data through their third and fourth-party relationships as well as the development and release of their applications.
How to tackle:
Cybersecurity and data science will unite to help organisations better understand and proactively protect against increasing threats. The combining forces will continue to grow out of necessity as application creation and enterprise data continue to explode and dramatically expand the attack surface.
Devin Redmond, CEO, Theta Lake
Challenges:
With more remote and hybrid working, liability from leaked chats, online meetings, and similar digital channels will hurt organisations across industries. This is likely to include sensitive and private data from individuals and organisations.
How to tackle:
Highly regulated organisations need to maintain compliance standards, accountability, and provability that demonstrate they can adequately archive, supervise, and discover misconduct and data exposure risks to better protect customers, employees, and their data.