Almost daily, new technologies are disrupting and (mostly) improving our lives, our businesses, our industries and in the larger landscape, the conveniences and efficiencies we once thought to be the stuff of futurists. If one asks the average person how they thought the future would look, we’re often met with the unimaginative response of, “Where’s my flying car?” You can now answer, not with speculation but with facts: the prototypes are already being tested.
With this comes the inevitability of threats to all cybersecurity. I often find myself having to reiterate to clients that with every new technology comes a seemingly limitless amount of threat actors immediately working on the discoveries of breaking it open. It’s much easier to think of threat actors, not as individual hackers, or really even as individuals at all, but as an inevitable force. Threat actors are like the weather: regardless of your desires, they will continue, and that is completely outside of anyone’s control.
In response to this, we have to be as proactive as we possibly can. Here are the trends we will see heading into 2022.
User Awareness and Simulation
In 2022, it will be no shock to anyone that cybercrime will increase. Cybercrime has increased every year since its inception. Its growth will never diminish, leaving both individuals and organizations feeling anxious. Beyond significant financial detriment, breaches cause levels of anxiety that psychologists say “even rival those of traditional terrorism.”
As such, we have to be vigilant. 2022 needs to have a significant uptick in the amount of simulations companies run within their framework. Hacking and phishing simulation efforts will need to be redoubled and looked at not as a weekly nuisance with emails asking you to open a link or a file, but as a major part of company culture in full. It doesn’t have to be drilled into employees. In fact, it shouldn’t. It needs to be an encouraging effort that employees see as forward-thinking toward the health of the company. If employees want this security as much as the board of directors and the threat prevention teams, it leads to a better overall culture, a better security posture and cybersecurity practices will not be seen as busywork.
Protection Coupled With Detection
A degree of protection is almost a given. We run anti-virus software that comes pre-installed on almost every computer purchased today, and smart businesses run even more innovative and encompassing software. Because this software is so ubiquitous, it’s almost instantly the first target of cybercriminals. It’s the sine qua non, the essential element to get past.
This is why detection has to be our sine qua non in 2022. I cannot stress enough these detection efforts need to be redoubled. It’s paramount that we are vigilant. Malicious and nefarious behaviors need to be identified at greater speeds. Criminal processes being launched through backend channels need to be examined relentlessly. The inevitability of cybercrime necessitates the never-ending evolution of detection methodology, and your IT professionals need to be keenly aware of all of it.
Visibility
In the post-pandemic contemporary landscape, we have so many people working remotely. This is a fantastic advance for people to better divide their personal and professional lives. It also creates a significant number of challenges in the cybersecurity sphere. As EY points out, “Almost 70% of all breaches still originate at endpoints, despite the increased IT spending on endpoint security solutions.”
2022 will see the emergence and growth of two specific responses in our already acronym-heavy vocabulary: endpoint detection and response (EDR) and extended detection and response (XDR). The increasingly antiquated paradigm of detection acts reactively: it matches against what we already know — attack patterns, signatures and previously recorded threat trends.
In contrast, EDR is built for prediction. Because so many of the threats we encounter haven’t ever even been seen by anyone other than the threat actor who created them, EDR combines already acquired threat knowledge with advanced data file analysis and puts it through the filter of machine learning. By collecting and disseminating endpoint behavior, EDR will become a cornerstone of any serious security architecture this year.
XDR is fundamentally an evolution of EDR. In a sense, it’s the big picture EDR. It utilizes the principles of EDR but across all channels: endpoints, networks, clouds, servers, hubs, etc. In short, anything and everything. As Forbes stated, it “provides a unified, single pane of glass view across multiple tools and attack vectors.”
Authentication
This year will see a skyrocket in multifactor authentication because even a modest company would be reckless not to implement it. Human behavior and habits reveal the inherent insecurity of how usernames and passwords are used. It’s built into us genetically. We create things we can remember. This is actionable knowledge that threat actors are keenly aware of, and getting a target’s credentials is tantamount to breaking open the pinata.
Simply assigning or compelling someone to create a complex password with letters, numerals, and characters is no longer a tenable security solution in any way, shape or form. Threat actors employ everything from tried-and-true brute force attacks to extremely sophisticated automated password cracking programs. The importance of multifactor authentication can never be overstated, and its necessity can never be overlooked. Moreover, it plays into the larger picture of detection in this increasingly remote working world: after multifactor authentication occurs, security experts need to be pinged on where it occurs. If your user lives in Pennsylvania, why on Earth is he logging in from Timbuktu.
Cybersecurity Insurance
Cybersecurity insurance premiums will grow significantly in 2022. The never-ending rise in breaches and ransomware occurrences simply dictates that. As a relatively young industry, its own metrics will become more advanced, and its premiums will reflect accurate assessments of the levels of risk inside a company. Already implemented, though not widely publicized yet, there will be an increase in the use of what’s known as an individual cyber score — fundamentally a credit score, but instead of financial reliability, the metric examines the individual’s cyber credibility. We’ll likely begin to see questions like “would you hire someone who’s had their identity stolen?” or “would you take a bump in your cybersecurity premiums to hire an individual whose security was previously compromised in their private life?” It’s somewhat cynical, but 2022 likely has as much excitement as it does cynicism, and when it comes to the bottom line, I’d predict an upward swing in both.