2022 will be the year that many companies that went remote on a temporary basis will decide to make that approach semi-permanent. According to Havoc Shield Co-Founder, Phil Leslie, that will drive a need for cybersecurity awareness that weighs much more heavily on human factors than ever before.
Sure, you can have employee machines set up with endpoint security, password managers, malicious traffic filtering, and more. However, the biggest lever in 2022 will be the way that companies involve their teams in understanding modern security risks and having a heightened awareness to do their part in fending off attacks.
Leslie adds that the moment that an especially well-crafted phishing email slips through automated scans, and your employee is sitting on their couch in their pajamas with no IT person in sight, will be the moment that all of the awareness-building will either pay off or fail. Companies that involve their teams in a positive way in learning about modern security threats will do well in 2022; others will find themselves facing challenging security incidents.
This is just one facet, one opinion about information security and what the future holds. We’ve asked our other friends from different fields to know more about their thoughts on the emerging IT safety trends this 2022. Here are some of their answers:
API Security Will Emerge as a Top CISO Priority
We are living in the application programming interface (API) world. Small microservices running on top of portable containers are essentially APIs that coordinate to deliver full application experience. These APIs present a large attack surface and organizations will prioritize security of these APIs, now that they are being used for critical workloads.
Contactless Security Will Replace the Legacy Badge-Enabled Campus Access
In 2020, COVID-19 massively changed the way the world conducts business. There will be a real long-lasting impact of these changes on physical security at enterprise campuses, factory floors, etc. Contactless access control will replace the legacy badges and hardware as employees, contractors, and other key personnel try to access physical locations.
Cyber-Attacks Will Accelerate in 2022
2021 saw a sharp increase in global cyber-attacks, ending with the highly damaging SolarWinds hack whose unprecedented scale is only now slowly getting revealed. This trend will continue to increase in 2022, as a large portion of the workforce continues to access critical enterprise infrastructure from remote locations.
– Umesh Padval, Venture Partner at Thomvest Ventures
Untracked Assets on the Internet Will Become a Major Reason for Breaches
With modern IT infrastructure in place, including cloud, third-party services, modern deployment practices, etc., the definition of an asset has evolved in the last decade. Adding a hybrid workforce to the mix has resulted in a substantial increase in the number of internet assets. Traditional one-time security assessments will find it hard to keep this ever-evolving attack surface secure. Continuous attack surface visibility will become a major cyber security investment for small- and medium-sized enterprises (SMEs), as well as large organizations.
– Sudhanshu Chauhan, Director of Red Hunt Labs
Organizations Will Be More Conscious with Transmitting Data with Vendors
Well, unless you have been living in Fiji for the past few months, it would have been hard not to hear about the supply chain attacks stemming from SolarWinds. This will affect the cybersecurity community at all levels, from the private to public sector and from the largest of companies to the SMB market. Companies will increasingly come to realize that when they transmit information and data with vendors, they are ultimately taking a risk as to whether the vendor will be a responsible custodian of their data. Everyone will be building up their vendor risk management programs.
– Jonathan Mandell, Chief Executive Officer of Teepee Vendor Risk Management
Businesses Will Start Using On-Premises Solutions and ZTNA Will Be More Popular
I see two trends in information security in 2022. First, companies are going to widely use on-premises solutions for keeping data secure. On-premises service does not store the customers’ information on any third-party’s cloud storage. The information is stored on the company’s server. Second, Zero-Trust Network Access (ZTNA) will gain popularity this year. Virtual private networks (VPNs) became an inadequate option during the pandemic, so organizations will use ZTNA for enhanced security this year.
– Victor Fredung, Chief Executive Officer of Shufti Pro
More and More Clients Will Take Out Cyber Insurance
Something that has been popular with corporate businesses for a while, we are seeing a trend in cyber insurance being bought by smaller businesses. Not many cyber-attacks become public, but out of the attacks that have made the press in 2020, many have used cyber insurance to pay off ransomware criminals so they can quickly get back to normal—with minimal disruption and salvage brand reputation. Ultimately, business owners do not want to lose their business. However, a warning to business owners, check the terms of your cyber insurance and ensure you have the security measures in place mentioned in the conditions, otherwise your insurance is void and will not pay out in the worst-case scenario.
Employees Will Have Limited Access to Organizations’ Systems
We are only human, but it is human error that is the biggest weakness or vulnerability when maintaining cybersecurity. This, combined with remote working, is changing the way businesses address cybersecurity. We are seeing employees given restricted, limited access to systems, particularly outside the office environment. Of course, if they do not have access to systems, it dramatically reduces security risk and removes human error.