Information security remains the one constant issue that seems to unite everyone in governments and businesses and impacts everyone from leaders to workers to consumers. It is the one topic that does not know recognise national borders, religions and beliefs, cultures, and ethnicity.
Barracuda Networks threw in its security predictions for the coming year.
Ransomware will still be a problem
Ransomware will still be a problem, but we're starting to see governments taking it very seriously and collaborating at the nation-state level. The more active actions from these collaborations are slowing down the ransomware attackers' ability to transfer their assets, which will impact the volume of attacks in 2022.
There will be a renewed focus on governments prioritising cybersecurity initiatives, building alliances with vendors, and sharing data with other countries. This level of collaboration will help improve security for everyone.
However, ransomware will still dominate the news because that's the most lucrative way for the bad guys to make money right now.
In the post-breach era where attackers are ahead of their targets since they have their hands on stolen data, including credentials, these attacks range from extortion on valuable data to penetrating the software supply chain.
It has gone beyond disrupting business operations and goes as far as revealing information to discredit a corporation and destroy the trust chain. Figuring out how to slow that down by encouraging collaboration between governments and developing alliances with vendors will be critical in the year ahead.
Critical infrastructure will face the greatest security challenge
Critical infrastructure will continue to face significant security challenges in 2022. This critical infrastructure includes everything from energy and financial services to education and healthcare. Attacks on critical infrastructure have the most direct impact on people's lives, so security will be a challenge as cybercriminals continue to focus on these vulnerable areas.
COVID-19 will continue to impact security
The COVID-19 pandemic has shown that cybercriminals are willing to exploit the crisis to attack critical infrastructures like healthcare and the vaccine supply chain.
It will be necessary for hospitals and healthcare organisations to understand the three steps of ransomware protection: avoiding credential leaks, securing access to their applications and infrastructure, and backing up their data. That will help companies get through the pandemic with as little impact from cyber-attacks as possible.
Editor’s Choice: FutureCISO Security Alert: Worst cyber security vulnerability
New skills needed: forensics and XDR
IT security executives need to develop the ability to understand forensics and incident response. Many IT security organisations — whether they're large companies or small companies working with a managed service provider — are still struggling with too many tools and not getting the signals to work together.
Detection and response will be the keywords to help IT security executives achieve what they need to in 2022 and beyond. Improving in this area will require an Open XDR platform or managed XDR solution through a service provider. Those tools will enable IT security executives to respond more efficiently than they are now.
Right now, most companies have more tools and more information than they know what to do with. It will be essential to capture the signals from each tool and correlate the data for actionable insights.
From prevention, detection to response, it will require forensics and security analytics skills to defend against today’s cyberattacks. And we are all aware of the shortage of cybersecurity skill sets; therefore, utilising a managed SoC (Security Operations Centre) with XDR capabilities could be the answer for small, medium enterprises.
Expect consolidation on data-driven platforms and MSSPs
Consolidation on data-driven platforms is one change to see in 2022 as the market moves to more of a service-driven kind of tooling, including XDR and managed detection and response.
Detection and response will get more complex, and it's a skill set many organisations are missing that will need to be addressed. Many companies, especially SMBs or small-to-medium-sized enterprises, will need some type of managed service to get the assistance they need to respond efficiently and effectively and survive these cyber-attacks without investing so much in building a team in-house.
So, a lot of that market is going to shift toward managed security service providers. At an enterprise level, it will mean getting to know what tools they're using, which signals they're getting from those tools and consolidating those signals to make detection and response easier.
New security roles are coming
Cybersecurity champion is a new role that we will start to see emerging in the next few years, especially at organisations where they are developing software.
Security champions will focus on what’s been dubbed “shifting left” because now it is about the developers, software development, and the software supply chain, which includes Open-Source libraries and other third-party libraries.
On the very left of the entire software development lifecycle, getting that level of security attention at the developer level is where those roles will start to add value.
The other emerging role in the next few years is a security analyst. To effectively detect and respond to threats, which means forensics and incident response, companies need security analysts who understand the correlation of these different signals and can execute on responding to these threats.