By Sean Duca
The accelerated pace of digital innovation parallels the rise in cyber-attacks. As technology is both an enabler and disruptor to our way of life, the question remains: Are organisations well-equipped to deal with the security threats we will face in 2022?
Here are our predictions for the cybersecurity trends that will shape the digital landscape for the year ahead:
As calls for regulations gather steam, cryptocurrency will fuel the evolution of the ransomware industry. As a result, businesses will focus on improving their cybersecurity posture, identifying their level of preparedness for an attack, and closing any gaps in their existing security systems.
Security leaders must lead boardroom discussions, position cybersecurity as a team sport, and drive collaboration between security providers, cloud vendors, and telecom partners. The more united we are in our approach against cyberattackers, the harder it will be for them to put our finances, information, and livelihoods at risk.
Increased interactions with smart, intuitive devices with sensory triggers will create reams of digital data that will double up in existing physical spaces. Organisations need to draw up a strategic approach that will provide complete visibility into this hyper-connected security infrastructure.
Organisations will need to adopt an ironclad strategy that combines Zero Trust architecture with Artificial Intelligence (AI) capabilities to help enterprises accurately profile, correlate, and contextualise every digital entity on who they are, what they are accessing and always verifying every stage of digital interaction, thus eliminating implicit trust and validating every stage.
Attacks on essential infrastructure worldwide are on the rise. This trend will continue in 2022 and so will the need for fast-tracking global policymaking and regulatory collaboration. Governments and businesses will have to work together to create safeguards against complex threats, particularly those that target critical infrastructure through supply chain gaps.
Strong threat prevention and response strategy are indispensable for all critical infrastructure. Correlating endpoint threat data helps to better identify the source and spread of advanced attacks. Time-strapped security teams will benefit from technologies such as behavioural analytics and SOAR (Security Orchestration, Automation, and Response).
As remote workplaces go mainstream, enterprises will continue to deploy remote workforce management solutions such as Secure Access Service Edge (SASE) that will bring about both security and operational efficiency. We will also see a lot more harmonisation, or application rationalisation, around the all-remote-access technologies that people use, such as VPNs, which can be complex to work out.
Zero Trust will become an integral part of this new security paradigm, where legitimate users will need continuous validation through rigorous authentication and will have select access to applications and services that are necessary to do their jobs.
Greater reliance on digital services will usher in a new era of digital fraud including identity theft and unauthorised data collection. The rise of open-banking and hyper-growth of fintech, poor programming, or security misconfigurations at the application interface levels (API) could leave some groups such as the elderly more susceptible to frauds as new users of digital banking.
Awareness campaigns and educational programs will be central to retaining consumer trust and enhancing anti-fraud measures. Along with this, we will see financial institutions move to DevSecOps or a ‘shift left’ security approach, that will encourage integrating security into all stages of the software delivery process and ensure end-to-end visibility on their API ecosystem.
The writer is vice-president and regional chief security officer, Asia Pacific & Japan, Palo Alto Networks