Zero trust

Five cybersecurity trends to look for in 2022

In an aerial view, fuel holding tanks are seen at Colonial Pipeline's Dorsey Junction Station on May 13, 2021 in Woodbine, Md. Today’s columnist, Bindu Sundaresan of AT&T Cybersecurity, expects that we’ll see more attacks on critical infrastructure in 2022 like the one on Colonial Pipeline last May. (Photo by Drew Angerer/Getty Images)

Now that we have left 2021 behind, cybersecurity leaders have a lot to think about when it comes to the future protection of their businesses. Companies must take the time to assess their current security strategies and adjust as needed.

While the industry will continue to face challenges with the cybersecurity skills gap, zero-trust will play an even larger role as ransomware and third-party threats continue to rise, and organizations will need to stay proactive to maintain highly secure convergence with IT and operational technology (OT). Here are some trends to look for in 2022:

  • The zero-trust approach will continue to demand attention.

Traditional cybersecurity practices focus on a “castle and moat” model, where security protocols concentrate on keeping threats out. This approach assumes that any user with the right credentials to access a network has done so legitimately and the company can trust them to move freely through the system. However, as more organizations move their data and operations to the cloud more rapidly, the concept of a security perimeter as we know has become obsolete. As a result, organizations will continue to focus on adopting a zero-trust security model which restricts network access to only those individuals who need it. This model assumes that risk can come from anywhere and limits the possibility for unauthorized movement across networks. The zero-trust, pragmatic approach to cybersecurity will better support an agile business environment.

  • Ransomware will become the new “smash and grab” of cybercrime.

Moving into 2022, attackers will continue to pursue low-hanging fruit, but prices for the return of critical data will most likely fall as organizations’ threat awareness increases and they implement new protections. Companies will need to take a critical look at the vendors they work with and what access and monitoring processes they are using for internal resources. The digital supply chain will become more vital and, thus, more of a target to attackers. Moreover, social engineering will continue to dominate as the primary method of attack, until companies can find a way to build a true culture of cybersecurity, train employees properly, and improve individual cyber-behavior and hygiene.

  • Companies will need to secure data with third-party vendors in mind.

Attacks via third parties are increasing every year as reliance on third-party vendors continues to grow. Organizations must prioritize the assessment of top-tier vendors, evaluating their network access, security procedures, and interactions with the business. Unfortunately, there are many operational obstacles that will make this assessment difficult, including a lack of resources, increased organizational costs, and insufficient processes. The lack of up-to-date risk visibility on current third-party ecosystems can lead to loss of productivity, monetary damages, and damage to brand reputation.

  • Security teams will increase internal monitoring and IT/OT proactivity.

With an increase in threats to operational technology, operators of critical infrastructure will need to be extremely intentional when making security decisions and more proactive with IT/OT convergence, zero-trust security, and vendor security assessments. With an increase in attacks on critical infrastructure, there will be heightened scrutiny.

  • Management must prepare for an even wider skills gap.

Another pain point for security leaders in 2021 was a widening cyber skills gap. Taking continued mass employee resignations into account, it’s unlikely this pattern will end in 2022. In fact, the skills gap will become more prevalent as more organizations digitize their operations to accommodate the hybrid workplace. We will not have enough trained cybersecurity professionals to keep pace with the speed and sophistication of malicious actors. To address the risk this skill shortage will present, leaders will need to take a tailored approach to cybersecurity. This can also include utilizing cyber-as-a-service and exploring security operations center (SOC) automation and orchestration. By upgrading the SOC to streamline the flow of information and consolidating the tools in their security ecosystems, businesses will be better positioned to maintain secure networks with limited points of vulnerability.

Security teams must embrace the zero-trust approach, which restricts network access to only those individuals who need it, eliminating third-party threats, and increasing IT/OT coverage. Consider these cyber predictions when preparing for the year ahead, especially as the cyber skills gap continues to widen. Acting proactively on such trends rather than in reactive mode will enhance the organization’s cyber protection in 2022.

Bindu Sundaresan, Director, AT&T Cybersecurity

prestitial ad