Looking ahead: the biggest cyber security challenges for 2022

As we get underway with a new year our Chief Revenue Officer, Ian Ewers, outlines the top five challenges organisations will need to manage in 2022.

1. Ransomware – this will continue to be the biggest challenge that businesses face. In 2021 it is estimated that ransomware will cost the global economy over £15bn and 37% of all businesses and organisations were victims to some kind of ransomware related attack. The ‘ransomware-as-a-service’ business model that is now being used by threat actors (where the specific parts of a ransomware attack are de-coupled and run by different threat actors with specialist skills e.g. access) will continue to develop and the creative approaches to the these attacks will evolve further.  As an example of the creative evolution, we have seen ransomware attacks where the attacker has gained access to the target’s cyber insurance policy and knows the level of cover they have, so ransoms them to that value, knowing they can pay.

2. Operational Technology (OT) will continue to be a challenging environment to secure . As attackers are increasingly using ransomware as a part of their OT focused attacks, the potential for significant disruption – as well as the potential for loss of human life (in healthcare environments for example) and the impact of these attacks will continue to grow. This will be compounded by the increase that has been seen in the number of vulnerabilities being identified in OT environments making the risk of compromise much higher, especially given the difficulty in patching some OT.

3. Supply Chain Attacks will continue to be utilised by the more advanced attacker groups as the ability to compromise smaller organisations, software providers etc, as a means to use them as a ‘trojan horse’ to then compromise larger target organisations. This is difficult to defend against. The Solar Winds attack which compromised over 18,000 customers was the biggest, but not the only, supply chain attack of 2021. These are well publicised attacks and Governments and the private sector are scrambling to work out how to defend against them, but effective solutions haven’t yet emerged.  SolarWinds highlights another issue: organisations’ dependence on key capabilities mean that they continue to be a point of vulnerability even after discovery.  How many companies have replaced SolarWinds Orion service in their network?

4. Talent & skills shortages – the gap between supply and demand for talent in the industry will continue to grow. We are seeing this challenge worsen year on year. Covid-19 has meant we can recruit in a much bigger talent pool, as we are no longer looking for people within commutable distance of London, but that doesn’t remove the problem that there simply aren’t enough people in the cyber security industry.

5. Cloud misconfiguration will continue to be the fastest growing area of vulnerability.  Numerous attacks have been seen where by misconfigurations of cloud environments have unwittingly given access to sensitive information, the most common of these seems to be misconfigured S3 buckets in AWS environments. With the rapid rise in ‘DevOps’ the ability of developers to create cloud instances to test and deploy software has facilitated faster deployment times for new code, but has introduced risk through the normal process of infrastructure teams setting up these environments being circumvented, and the normal checks and testing not always being performed. The concept of ‘DevSecOps’ (ensuring security is built in to the DevOps process)  has been around for a while but seems be struggling to get traction as it is perceived to slow down release cycles.

If you’d like to know how we can help you meet the challenges in this new year then get in touch to arrange a chat about better protecting your organisation in 2022 and beyond.