Three security trends to watch out for in 2022

Digital adoption skyrocketed in 2020-21 owing to the pandemic and the increase in the number of users going online. According to data from the Indian Computer Emergency Response Team, the agency responsible for tracking and monitoring cyber security incidents in India, the country reported 12,13,784 cyber security incidents in the first 10 months of 2021 compared to 11,58,208 incidents during 2020.

Clearly, with the increased number of digital initiatives, security concerns too have increased. We believe that 2022 will see attacks growing in scale and complexity. With this context, let us look at some of the biggest security trends in 2022:

1. The Rise of Ransomware-as-a-Service

With most of the workforce working remotely, targeted ransomware attacks are on the rise. The level of security and risk avoidance in a remote setup cannot match that of the enterprise. Bad actors are taking advantage of this weakness and are getting into systems to take control of personal or organizational data. But the bigger threat today is that the fraudsters who know how to develop malware are selling it to affiliates, who do the work of breaking into an enterprise and holding its data or information hostage until a ransom is paid. In this model, called ransomware-as-a-service, malware creators provide the entire gamut of knowledge (for example hacking tools, SOPs, and collection methods) to wannabe hackers in exchange for a commission on the ransom collected.

Organizations and personal data can be shielded from ransomware attacks by educating employees to identify compromised emails and devices. This is the single most important precaution businesses must consider, as research shows that employees who are aware of these kinds of attacks are 8x less likely to fall for them. Creating a simulated environment or running a drill by conducting ransomware exercises and sending compromised emails and attachments to employees is a great way to alert them.

Attachments in phishing emails, particularly Word, Excel, PDFs, and PowerPoint, may compromise the security of your system. If you get an email that seems sketchy, avoid opening that attachment and report it to the IT department. Ransomware can be averted if employees are trained enough in identifying and reporting any suspicious activity on the network.

2. Supply chain attacks accelerate

Supply chain attacks are a relatively new but highly effective type of attack that targets software code. In December 2020, the SolarWinds supply chain attack stood out and affected a huge number of organizations. The hackers managed to compromise a network and application monitoring software product and used it to distribute malware-infected updates to the enterprises installing those updates. Because enterprises trust the software, it is allowed to install updates, and the malware sneaks in with them. SolarWinds was not the only high-profile attack. This trend continued in 2021, and in July 2021, Kaseya revealed that its VSA product, which is used by managed service providers to remotely monitor and provide IT services, was infected with a malicious payload. More than 800 and 1500 downstream enterprises were affected by the attack.

To ensure better protection against supply chain attacks, enterprises must look at deploying policies that allow only authorized apps to run. Enterprises must also inspect each application for vulnerabilities and follow a zero trust security approach. They must also analyze the access rights every software application has.

3. Increased cloud adoption will require elevated security

As per Gartner’s research, in 2022 public cloud spending will grow by 21.7% hitting $482 billion. As we move towards the new normal of remote and hybrid working environments, cloud computing will gain more momentum in the coming years. With high flexibility and improved productivity of cloud services comes a greater risk of security threats due to infinite access points that can be breached easily.

Unauthorized access is the biggest security flaw in cloud-based systems. As per the cloud security spotlight report, 53% of organizations face unauthorized access through misuse of employee credentials. Identity Access Management (IAM) solutions can be installed to prevent bad actors from compromising your system. Users logging in or using the cloud service will be authenticated and authorized based on the access policies set by the organization.

Partnering with Cloud Access Security Brokers (CASBs) will be wise to mitigate risks involved with a cloud computing environment. The security framework of CASBs differs from that of firewalls and access gateways as they provide:
- Cloud governance, risk assessment, and management
- Increased control over cloud applications and features
- User and entity behavior analytics for threat prevention
- Auditing, data encryption, and malware detection

CASBs mitigate risks, prevent loss of sensitive data, and guard your system from external threats.

Today, organizations are using AI & ML in cybersecurity for two major applications:

Threat Prediction: Organizations using AI for prediction benefit by understanding and analyzing system vulnerabilities before an attack happens. The system learns from previous attacks, understands system topology, identifies potential flaws, and continuously suggests improvements to create a robust network defense.

Threat Detection: More than 50% of organizations adopt AI & ML-based solutions for cybersecurity threat detection, as per Capgemini’s research. Security gaps and irregularities in the network are identified to detect cybersecurity issues, and the user is notified to mitigate the threats.

Integrating artificial intelligence and machine learning in IT systems and infrastructure security will reduce the complexity and cost involved in cyber threat detection and remediation.