Cybersecurity 2022: New Tools, Dynamic Attacks, and Talent Shortage
With cybersecurity evolving at a faster pace than ever, here are some predictions for what to look out for in cybersecurity in 2022.
Enterprises Break Up With the SIEM (or at least try to)
Love them or hate them, SIEMs have been a cybersecurity
fixture for more than two decades. In the face of new technologies making their lives easier, SOC teams will start asking if the SIEM deserves to still be at the center of their operations.
Hybrid Work Models Make Cybersecurity Even More Challenging
With assets roaming between the office and home, security operators have to monitor a larger and more dynamic threat surface and more tools that introduce compounding vulnerabilities. Compromise visibility will be more important than ever.
Cybersecurity Talent Wars Await
Corporations—and threat actors—will compete to secure the signature of in-demand cybersecurity skills, driving payrolls upwards and taking a further chunk out of budgets. Tools that make SOC teams more efficient with quick learning curves may be the key that helps companies cope.
Organizations Large and Small Embrace Response Automation
One way to be more efficient is to automate repetitive and time-consuming tasks. For this, integrated tools and orchestration between people and technology will become even more critical.
Cyber Insurance Becomes Unavoidable
Though governments are forcing organizations to acquire cyber insurance coverage, insurance companies will be more selective about coverage conditions. Organisations will need to demonstrate a strong cybersecurity practice or else cough up higher coverage rates or miss out on coverage altogether.
Ransomware Gangs Launch Stealth Attacks
After some very high-profile attacks in 2021, ransomware gangs like Darkside and REvil vanished and federal responses intensified. Large attacks will make use of zero days and seek to covertly infiltrate and silently obtain payment.
Small-time, Large-scale Ransomware Attacks
Conversely, more traditional ransomware methods will target smaller targets like desktops with smaller payouts, but on a larger scale. Increased availability of initial access, malware as a service, and ransomware chains will allow new players to enter the ransomware game.
The Adversary Builds New Alliances
Cybercriminals form new partnerships with those who can facilitate access to the network. Employee involvement will grow as the adversary agrees to share the profit.
Supply Chains Become Your New Weakest Link
Western supply chains have been proven to not be particularly resilient.
A compromise that grants criminals access to a host of victims and bypasses defenses will be too good an opportunity to pass up.
Visibility Becomes the Anchor of Cybersecurity Operations
As mature cybersecurity systems evolve to lower dwell times, network visibility will become the key to not only quickly detecting compromises, but also obtaining the information necessary to quickly and precisely eradicating threats.