It may seem like we’re still all stuck in 2020, but here it is, 2022. With the shift to remote work, the massive proliferation of data, and the expanding range of attacks - ransomware in particular - we’re facing what can seem at times like an endless stream of threats. While that won’t be changing any time soon, what will?
We assessed trends from recent years and predictions made by others, added in our research and identified five key areas to consider when it comes to security in 2022:
1. Wider Attack Surface
While on-prem, cloud services (server farms and external networks), and mobile devices have been the norm for some time now, we’re seeing significant growth in home networks and IOT as well as edge computing and truly remote connectivity via 5G. With more mobile malware, more remote work, more devices, and home networks (routers, wi-fi, etc.) integrated into organizations’ attack surfaces, we’re now faced with a massive area that organizations have to cover in order to protect assets.
“We’re seeing a shift from attacks being endpoint focused (+mail, phishing, malware) to becoming cloud focused (CSP, SaaS, identity) due to the movement of IT workload away from endpoint to cloud.” - Eliav Livneh, Lead Security Researcher at Hunters
2. Continued Expertise Shortage
According to Forrester research, one in ten security professionals are leaving the industry – it’s being called the ‘brain drain.’ This is on top of the existing shortage of experienced workforce. On top of that, a CISO turnover is overdue, as many have stayed in their existing jobs longer than average due to the pandemic timing.
“The ‘Great Resignation’ has an impact on the SOC: people change jobs, but organizations need to retain their talent, and also be ready for employee churn. This is a trend whose effect can be supported or mitigated through technology.” - Lital Asher-Dotan, CMO at Hunters
3. Increase in Third Party Attacks
It’s nearly impossible to run an organization without third party vendors providing applications, data support, and other services. With a larger arsenal of tools for operations as well as for security, third party vendors have become a larger target for attackers. Without thorough visibility on risks throughout the attack surface, organizations can be left vulnerable and open to losing valuable IP and productivity.
“More cyber startups means more security products and a bigger tech stack – I call it Security Overhead – and it makes life harder for the analysts and SOCs to fuse everything together.” - Uri May, CEO of Hunters
4. More Targeted Ransomware Attacks
Reports continue to come in from 2021, but there’s no doubt that ransomware attacks continued increasing at an alarming rate. Many experts predict that ransomware attacks will become more targeted this year. With a greater threat to the attackers of potential investigations and enforcement, they’re becoming more selective of where, when, and how to target organizations. And as ransomware grows in popularity as a tactic, it’s also an opportunity for attackers with additional motives to hide malware in the process. These attacks are often well-planned over multiple months.
“Some people think ransomware is this reactive kind of operation and we don’t have any chance of stopping it, but that’s not the case. It’s a complex operation with multiple touch points, a sophisticated kill chain, and lateral movement. - Uri May
5. Next Level Automation
With the larger tech stack, the wider attack surface, and the continued expertise shortage naturally follows a need for more sophisticated automation for security. In many cases, that means more AI and ML powered technology and predictive analytics in order to do as much of the work possible for the analysts to maximize their time assessing potential threats.
“Customers are seeking tools that will enable them to respond accurately, tying security analytics insights with response” - Noam Biran, VP Product at Hunters