13 Cybersecurity Predictions for 2022
Cybersecurity will continue to be a serious concern for business leaders in 2022. Ransomware and both malicious and accidental threats are on the rise, and stricter data regulations are forcing companies to be more careful about data security and use. Here, data security officials describe new threats to data and share their thoughts on the future.
1 Record-level security will become an issue in the C-suite:
Record-level data security will become a hot topic and a key priority in 2022 after a wave of high-profile data breaches that cannot be ignored. We might even see a whole new open standard file format emerge with record-level data security already built in.
2 Businesses will have a Sarbanes-Oxley-sized red flag on federal data privacy and security standards:
There is no way to protect the privacy, access, and use of data without first ensuring that the data is secure. It is a complex job for governance and security teams, and one that will be specified by regulations this year. A big regulatory storm is on the horizon: a US federal data privacy law at the level of the Sarbanes-Oxley Act of 2002, which would require executives of listed companies to personally certify that statements about the security and protection of company data are correct. I certainly hope we don’t see scandals as shocking as Enron’s, but if data breaches continue to worsen, we can expect legislation that requires publicly traded companies to have board-level data audit committees documenting how the company protects sensitive data, with CEOs and CDOs required to sign accountability statements.
3 One of the weak links in 2022 will likely be the mesh of business applications:
The growing network of integrations enables automated workflows and data exchanges. However, this mesh also allows lateral movement by attackers, and it is well beyond the reach of the company. In 2022, we must anticipate a number of major breaches due to the lack of control in the monitoring of these interconnected data paths between SaaS applications.
4 Cyber insurance will be harder to obtain:
Liability insurance is a type of insurance designed to cover losses and penalties associated with a data breach or other cyber attack. But this kind of insurance will become more difficult to obtain. Why? Because for the first time, ransomware has reached a level where payments from insurance companies now exceed premiums paid. This means that large insurers could limit the volume of business they book and be very selective when it comes to writing new cyber policies. Some cyber insurance providers even exclude ransomware coverage when renewing their customers’ policies. Companies will need to increase their investments in IT tools and processes to prove to insurers that they are a valid risk.
5 Cybersecurity insurance premiums will skyrocket:
Today’s complex threat landscape means that the requirements for affordable cybersecurity coverage will expand, and premium discounts will increasingly be tied to actions organizations are taking or not taking to mitigate threats. I predict cybersecurity insurance companies will become more familiar with security requirements and apply unprecedented scrutiny when reviewing claims and drastically lowering coverage limits. Expect to see more requirements imposed as well as more discounts given for certain policies or technologies used. There will also be an increase in one-stop cybersecurity platforms to help mid-size businesses manage security and meet evolving cybersecurity assurance requirements. These automated solutions will allow businesses to adapt to the dynamic threat landscape and alleviate some of the staff shortage that has plagued businesses in recent years.
6 New and unpatched VPN and endpoint vulnerabilities will be increasingly exploited:
Updating or upgrading the firmware of your endpoint and VPN devices can be a tedious process, requiring extensive testing before deploying patches and carefully planned maintenance windows. Unfortunately, attackers are well aware of the vulnerabilities and the resulting exposures. This is evident from the CISA list of vulnerabilities repeatedly exploited by attackers in 2020 and 2021. Many are related to remote access. Some are even from 2018. Make 2022 the year in which you master the vulnerabilities of your VPN and your endpoints, increasing the speed of Zero Trust Network Access (ZTNA) provided in the cloud.
7 Security vendor consolidation is coming:
A trend we’ll likely see in 2022 is that security leaders will be directing their teams to consolidate and simplify their operational systems, rather than adding more and more tools and programs. The theme should be to consolidate, simplify and get back to basics. By that, I mean that the most important security operations always require the best measures. But the average large business already has 50 to 70 large tool vendors. Many teams will be able to integrate their security providers, probably not the best yet, but enough to give users a coherent view of things rather than silos. As a result, we should expect to see the number of security providers in large organizations fall by 20-30%.
8 Ransomware will continue to wreak havoc across the enterprise, causing a steady wave of payloads for malicious actors:
Although the U.S. government has strongly advised organizations against paying bad actors when they fall prey to a corporate ransomware attack, the lack of guarantees and more stringent solutions will mean that in many cases companies will have no choice but to pay ransomware fees.
9 AI and machine learning will simplify and accelerate the adoption of fraud prevention:
According to a recent report, e-commerce retailers now experience an average of 206,000 web attacks per month, with 42% of businesses reporting that digital fraud hinders innovation and expansion into new channels. Yet despite this, only 34% of businesses invest in fraud prevention and mitigation. With the rise and fall of e-commerce, there are no signs of decline. There will be an increase in the use of machine learning to prevent fraud. This will help online retailers track scammers and spot patterns and tactics that can be missed by a manual check. It can analyze historical data and compare it to open transactions. This will be particularly beneficial during peak shopping seasons.
10 Businesses will build applications that are both reliable and secure… or risk crashing:
No business can afford to focus on only observability or only security; you have to do both. No one will use an application that is reliable but not secure, or secure but not reliable. From a developer and enterprise perspective, we need to raise the bar for both observability and security. We have to reach a common threshold. Every customer who uses an application believes that security and reliability are built in. It is assumed that the applications will run whenever a customer needs them and will remain secure. If you knew that an app was insecure, chances are you would never use it again. If it does both (reliability and security), then the app will still be used. It is that simple.
11 2022 will be the year of the COVID security cleanup:
When COVID-19 forced organizations to transform their business models virtually overnight, companies did what they needed to do to keep the lights on and their employees connected in a distant world. They deployed a large number of new technologies in a sprint to support operations, and in most cases acted so quickly that they could not properly address security issues. This has left CISOs with a big mess: eliminating all the security flaws introduced by organizations striving for digital transformation. CISOs focused on the COVID security cleanup can only go so fast, and we will see some significant results in the next few years (e.g., security incidents due to incorrect cloud configuration, excessive access rights, and shadow IT).
12 Recalculated Security: Understanding Risk Means Understanding Workforce:
In 2022, organizations will turn to analytics to recalculate their understanding of cybersecurity risks and to reshape their protection strategies. When we talk about business risk, it boils down to two basic principles: a) understanding what we are protecting, and b) understanding the factors that affect your ability to protect it. In the last eighteen months we have implemented the “rules” to manage the behavior of employees. They are slowly eroding and the risks can be easily identified without a clear understanding of this behavior. Controls technology and personnel requirements for remote and hybrid employees. The new rules will determine how we protect our organizations from internal and external threats.
13 Organizations will increasingly embrace low-code security automation:
In 2022, automation will expand beyond the Security Operations Center (SOC) to serve as a system of record for the entire security organization. In businesses, there are enough employees fighting for the security forces. And “The Big Resignation” puts even more strain on the organization as a whole. Automation will help employees overcome process and data fatigue. Businesses will look to use low-code automation to harness the collective knowledge of their entire security organization and form a centralized logging system for operational data.