There is no doubt that this year has been a year of disruption, change and opportunity within the cybersecurity industry. With 2022 on the horizon, find out what the experts have to say about the top trends impacting the industry now and what to look out for in the future…
Carlos Morales, VP Solutions, Neustar Security Solutions:
“Cybercrime has become a lucrative and mature market. We have witnessed the proliferation of extortion tactics and the huge disruption they can cause to both public and private interests. Meanwhile, criminal groups have openly collaborated with peers – aligning their strategies, picking targets, and agreeing on safe-havens. This sophistication, combined with a booming market, means that what were once individual criminal ‘groups’ and malicious actors are now fully-fledged criminal enterprises, providing as-a-service offerings and malware licenses to established customer bases and target markets.
“As a result, we will see stronger strains of existing well-known malware and refined attack strategies emerge, while targets become ever more ambitious. What’s (or rather, who’s) next? Public infrastructure and large, private businesses that provide vital services (like cloud providers or data centres) will likely remain at the top of the target list – with the risk of the potential knock-on effects making paying-up an enticing offer. Organisations really need to implement an ‘always on’ approach to network security to ensure fast and automated responses to attacks and they need to partner with security providers that continually evolve their defence capabilities. These new best practices offer far, far more cost-effective in the long run and provide peace of mind for organisations.”
Jim Hietala, Vice President of Business Development and Security, The Open Group
“2021 saw the emergence of Zero Trust security architecture as the forward-looking security architecture, and as a consequence, we also saw vendors using and abusing Zero Trust in their messaging. In 2022, we expect to see Zero Trust move from concept to practical implementation, with the availability of more vendor-neutral industry standards and best practices, including reference models and architectures that will help end users to build viable, multi-vendor security architectures based on Zero Trust principles. Open standards will be key to this development.”
Stephan Jou, CTO Security Analytics, Interset at CyberRes, a Micro Focus Line of Business
“All indications are that AI technologies will be increasingly prevalent in cybersecurity. This includes everything from the increasing adoption of technologies like UEBA by enterprises, surveys that show investment in AI by SOC teams, and the adoption of ML and other AI methods by SIEM, IAM and other systems.
“However, the types of AI that will be adopted in 2022 will be focused on specific, battle-tested techniques such as statistical learning, anomaly detection, and (in a more limited capacity) NLP. Certain areas of AI research, such as large language models (like GPT-3), will not be heavily adopted in 2022 for cybersecurity. This is because there is not yet a good use case match within cybersecurity for those technologies, and also because the computationally expensive and non-transparent nature of these approaches do not lend themselves well to the SOC needs at present.”
Kai Waehner, Field CTO and Global Technology Advisor, Confluent
“Cyber threats are not new. However, our more and more connected world increases the risks. Successful ransomware attacks across the globe enforce enterprises to take action by implementing situational awareness and threat intelligence in real-time at scale to act proactively against cyberattacks.”
Fabien Rech, EMEA Vice President, McAfee Enterprise
“Our reliance on API-based services is rising, as they quickly become the foundations of most modern applications. This is only set to rise further in 2022, as global use of the internet, 5G, and connected devices continues to boom – this year alone, we saw a 57% increase in online activity.
“Often business-critical data and capabilities lie behind these APIs, and cybercriminals have been quick to take note of this and exploit the increase in API usage. However, attacks targeting APIs go undetected in many cases, as they are generally considered trusted paths and lack the same level of governance and security controls.
“It’s therefore critical that enterprises make API security a priority next year. Organisations must ensure they have visibility of all application usage across their systems, with the ability to look at consumed APIs. Adopting a Zero Trust mindset will support this. It allows enterprises to maintain control over access to the network and all its instances, including applications and APIs, and restrict them if necessary.
“Shoring up on API security is particularly crucial amidst the current supply chain crisis, as APIs are often used as an entry vector for wider supply chain attacks due to their interconnected nature. Next year, supply chains will continue to be a prime target for hackers, and so enterprises should look one step ahead and use threat intelligence solutions to predict and prevent API attacks before they take place.”
Rory Duncan, Security Go To Market Leader UK at NTT
“This year, as we’ve started to recover from the pandemic, demonstrating effective cyber-resilience has become more crucial than ever. This will continue to be a priority for organisations as we move into 2022, as the shift towards permanent hybrid working models for many enterprises will put continued pressure on their ability to detect threats. It’s essential that businesses leaders prioritise security, especially as the trusted perimeter expands to encompass remote users.
“As businesses consider their 2022 hybrid workplace strategies, they need to revisit and re-evaluate security from the ground up and assess where they may have unwittingly created gaps in their security armour. 80.7% of IT leaders have said it’s more difficult to spot IT security or business risk when employees are working remotely, so ensuring visibility by developing a multi-pronged approach to re-imagining enterprise security will be fundamental in 2022.
“The ability to respond quickly and effectively across the distributed IT environment will be paramount next year. The number of cyber-attacks in the headlines is only rising and it’s no longer a case of “if” but “when” an attack will occur. Ultimately, your business will be more exposed if it doesn’t have the right security measures and response capability in place.”
Pritesh Parekh, VP of Engineering and Chief Trust & Security Officer at Delphix
“With intense scrutiny on how businesses prepare for and respond to breaches next year, it’s clear that security and compliance concerns will be the key determinant for any interactions with third parties – whether customers, partners, or vendors. Following the pandemic, digital guides every third party interaction – potentially exposing data as soon it moves outside of the business’s digital walls. Endpoints have become beyond critical when it comes to securing data, but you can’t always control your endpoints if they exist within another organization, right? The answer is, you must, meaning that technology vendors who don’t rise to the occasion and implement the same standards as their enterprise customers will lose business, big time.”
Keith Glancey, Director of Technology Western Europe, Infoblox
“Cybercrime is getting organised. Gone are the days of lone hackers operating from back bedrooms. Cybercriminals are banding together to form businesses, using the dark web to recruit new “talent” and advertise “jobs” they’re looking to fulfil. With bigger businesses behind attacks, the stakes are significantly higher for organisations under fire. It’s not just businesses, either – we’re seeing an increasing number of nation state-led attacks from major players like Russia, China and the US. Their target? Personal data.”
“This systematic approach to cybercrime is a continuation of a broader trend towards “as-a-service” business models. Cybercrime-as-a-Service (CaaS) brings together malware developers, hackers, and other threat actors selling out or loaning their hacking tools and services to people on the dark web. Ultimately, CaaS makes these tools and services accessible to anyone who wants to launch a cyberattack, even those without the technical knowledge to do so.”