Insider threats, supply chain attacks and quantum threats -- enterprise security predictions for 2022
The transition to remote and hybrid working has led enterprises to radically revise the way they operate. This has thrown up a variety of new challenges in ensuring systems remain secure.
Industry experts give us their views on what security issues businesses will face as we head into 2022.
Keith Hollender, global cybersecurity practice lead at MorganFranklin Consulting thinks the move to remote working will lead to more insider threats. "Whether purposeful or accidental, we will see a rise in insider threats and data loss challenges amidst the continued remote work environment. From verifying identities to ensuring sensitive information isn't stolen, it will remain difficult to control what employees do outside of the office as they remotely access files and systems. For example, organizations will need to grant access to employees but can't always tell if their identity is legitimate. To secure remote work, it will require very strong identity and access management controls, less privileged access, and more logging and monitoring which are all challenging to execute. Due to these factors, it will remain very easy for threat actors to circumvent remote access controls in 2022."
Devin Redmond CEO and co-founder of Theta Lake also thinks businesses need a better way to secure remote collaboration tools:
With 91 percent of companies using between two and six collaboration platforms like Teams, Webex, Zoom, Slack, and more, organizations will seek a better way to apply consistent security and compliance policies across platforms.
More examples of liability from leaked chats, online meetings, and similar digital channels will hurt organizations across industries. This is likely to include sensitive and private data from individuals as well as organizations along with examples of bad behavior leading to investigation, censure, employee termination, and more.
Theresa Lanowitz, head of evangelism at AT&T Cybersecurity, believes manufacturing firms will be prime targets. "Organizations in finance, healthcare, manufacturing, energy and utilities, and the public sector will all grow their cybersecurity investments in 2022. Manufacturing, in particular, is a prime area for disruption with the increase in the number of IoT devices during the pandemic to protect their global supply chain and support the convergence of IT and OT."
Jeff Williams, co-founder and CTO of Contrast Security believes software supply chain security will need to be reinforced. "Software supply chain security programs will move beyond just the code you write and code you import to start including all the tools used in the software development process, such as build tools, test environments, and developer laptops."
However, Moshe Zioni, vice president of security research at Apiiro, thinks supply chain attacks will peak in 2022. "I believe that supply chains will peak in 2022 due to insights from both sides of the coin. For example, on the attacker's side, cybercriminals will be drawn to supply chain attacks more than ever because of the ease of operation under the 'black-box' that those systems provide. With that said, from the defender's side, I foresee that we'll see more and more solutions, detection mechanisms and practices for different parts of the supply chain that will be present at more enterprises, leading to better detection chances."
Colin Earl, founder and CTO of Agiloft, thinks strong infrastructure is key. "It's normal to get excited about new technology whether it be the Metaverse or a revolutionary new machine learning algorithm. However, with the rapid innovation occurring across industry sectors today, enterprises make sure to also invest in critical IT infrastructure to support these new systems. With innovations like these, there comes a whole new set of challenges ranging from regulations and compliance issues to security. The proper fundamental infrastructure and functions like CLM still need to be maintained for these companies to avoid added risk and legal liability. As we've seen with Facebook over and over again, ignoring best practices for legal and compliance can lead to massive government fines and damage brand regulation, regardless of the size of the company."
Robert Penman, analyst in the thematic research team at GlobalData, believes quantum threats need to be taken seriously:
Quantum developments have the potential to break public-key cryptography, which secures most of the internet. Shor’s algorithm may render Rivest-Shamir-Adleman (RSA) encryption useless, and both IBM and Google have roadmaps to create quantum computers capable of defeating RSA by 2030.
While there is a risk it will be caught unprepared, the cybersecurity industry will likely develop quantum-resistant encryption before RSA codes are broken. However, powerful quantum computers in the future could break the encryption of secure communications captured today. The consequences are the potential for huge data breaches in the future, with important communications, personal data, and national security matters unlocked. It is therefore imperative that companies implement quantum security solutions in 2022.
Kevin Bocek, VP security strategy and threat intelligence at Venafi, thinks enterprise IoT is set to become a target. "The devastating consequences, both direct and indirect, of ransomware attacks against critical OT infrastructure wreaked havoc on water treatment systems, took down food and agriculture plants, and even spurred panic buying of gasoline in the case of Colonial pipeline. With these successes behind them, we’ll see attackers shift targets from takedowns of OT infrastructure to enterprise IoT devices. In the case of Facebook’s outage becoming a kinetic event, employees were unable to scan badges on IoT readers to enter their office. Next year, we should expect to see ransomware holding enterprise IoT devices hostage. These campaigns will attempt to take over everything from security cameras to diabetes monitors to point of sale devices, often by stealing machine identities. And because IoT depends on machine identity, individual things don’t need to be targeted, just the service providing software updates and command-and-control. This will be the new face of ransomware in the enterprise IoT age."
CEO sales and marketing at BlueFort Security, Dave Henderson, believes businesses will need to review their security policies. "IT strategies that were written even three years ago will become -- in large part -- a thing of the past. It was probably written when the company had physical offices, and most employees worked there. As we wave goodbye to 2021, offices are still largely empty. The concept of networking is increasingly difficult to define. Security teams are having to deal with user sprawl and device sprawl. Instead of securing a main location of 1,000 employees, they're now having to secure 1,000 branch offices each with one employee in it. The concept of all endpoints being in a secure network location is the thing of Christmas pasts. From a cybersecurity standpoint, the assumption should be that every endpoint is in a hostile situation."
On a bright note, we will see more CISOs appointed to company boards thinks Brendan Hannigan, CEO and co-founder of Sonrai Security. "The most valuable commodity is data and the one responsible for that is the CISO. We now see the role of the CISO elevated to a leadership role to help remediate risk management for the business."