Cybersecurity moves fast. It can be hard to know what will happen tomorrow, let alone in the next months. Cybercrime showed no sign of slowing down in 2021 and enterprises continue to fall victim to cyberattacks, with gangs targeting larger organizations with increasingly large demands.
In good news, we can always take stock of the recent past and know what to prepare for. In this article, specialists point out five forecasts for cybersecurity in 2022 — is your company prepared if the predictions come true?
Content Summary
Enterprise-level security comes home
APIs become part of the attack surface
SIEM vendors add to XDR confusion
Insider breach damage exceeds nation-state attack damage
Rise of SOP-V platforms
Enterprise-level security comes home
Companies must secure data on home networks in 2022. The hybrid workplace is here to stay, and with more employees outside the traditional network perimeter, the attack surface has grown exponentially. Organizations need to rethink their longer-term strategies for securing distributed and diverse environments, as they now have a reason to help employees protect personal networks. Vendors already have Secure Access Service Edge products available – for example, Palo Alto Networks’ Okyo Garde and Fortinet’s Linksys Home WRK. Expect to see more as the year progresses.
APIs become part of the attack surface
Attackers are setting their sights on unprotected APIs, and API attacks will see a banner year in 2022. These often-overlooked connectors between applications frequently have access to sensitive data and are exposed to common web application attacks, such as distributed denial-of-service attacks and SQL injection. Securing APIs is difficult because of the increasing number of internal- and external-facing APIs in use. Plus, confusion surrounds not only how many APIs are in use at an organization, but also who is responsible for handling API security. Companies must take stock of the APIs used in their organization and properly secure them in 2022.
SIEM vendors add to XDR confusion
Extended detection and response (XDR) has been around for three years, but uncertainty about it remains. Organizations may not understand what XDR provides, and endpoint security vendors aren’t making it any easier. In 2022, expect SIEM vendors to exacerbate the issue as they insist they provide the same services by adding XDR features to their SIEM products. Specialists say that some SIEM vendors rebranded existing SIEM products under the umbrella of XDR, and SIEM vendors are expected to respond with new features that align with XDR leaders. This will level the playing field between XDR and SIEM, causing additional confusion.
Insider breach damage exceeds nation-state attack damage
Ransomware is a perennial issue and will continue to be in 2022, but don’t overlook insider attacks. Specialists predicted a major organization will fall victim to an insider attack and that the cost of insider breaches will exceed that of nation-state attacks. Victim companies may also not want to admit an insider attack due to embarrassment and liability worries. Insider threats were certainly happening in 2021 – for example, in December, the U.S. Department of Justice announced the arrest of a Ubiquiti employee who attempted to extort the company. But expect to see more of them in the news – and hitting the wallet hard – in 2022.
Rise of SOP-V platforms
A new acronym will make the rounds in 2022: security observability, prioritization and validation, or SOP-V. SOP-V products unite attack surface management, vulnerability management, asset management, threat intelligence, security testing and risk ratings. With SOP-V, enterprises can improve monitoring and response, learn what is happening on the network and account for assets at scale. It will change the game, integrating individual tools and building an architecture so they can share data for analysis and allow analytics to prioritize risk.