ROUNDTABLE: Cybersecurity experts reflect on 2021, foresee intensifying challenges in 2022

Privacy and cybersecurity challenges and controversies reverberated through all aspect of business, government and culture in the year coming to a close.

Related: Thumbs up for Biden’s cybersecurity exec order

Last Watchdog sought commentary from technology thought leaders about lessons learned in 2021– and guidance heading into 2022. More than two dozen experts participated. Here the first of two articles highlighting what they had to say. Comments edited for clarity and length. The second roundtable column will be published on Dec. 27^th.

Paul Ayers, CEO, Noetic Cyber

In 2021, large supply chain attacks successfully exploited critical vulnerabilities.  Patching is hard and prioritization is key. By mapping cyber relationships to business context, security teams can focus on a smaller number of critical assets and vulnerabilities.

The cyber industry swings back and forth between prevention and response. A renewed focus on preventative approaches, like security posture management, cyber hygiene and cyber asset management shows organizations are trying to anticipate these problems. Forward thinking security teams working to unlock siloed telemetry and generate a wider cybersecurity view of the organization.

Dr. Darren Williams, CEO, BlackFog

We’re seeing ransomware gangs morph into savvy businesses, with one going so far as to create a fake company to recruit talent. In 2022, we’ll see this trend continue to pick up steam, with greater coordination between gangs, double extortion evolving to triple extortion, and short selling schemes skyrocketing.

Additionally, we will see a shift in threat actors coming from Southeast Asia and Africa. As cyber criminals look to find cheaper labor and technical expertise, we’ll see activity pick up in these regions in 2022 and beyond.

Fred Kneip, CEO, CyberGRX

Boards don’t want to be sued. Security leaders need to anticipate that board members are going to start paying more attention and really start asking questions about the company’s cybersecurity practices.

There has only been slow improvement in implementing the controls to prevent ransomware. And, on top of that, 80 percent of people say they’d be willing to pay the ransom. Ransomware isn’t going anywhere. In fact, we’re going to see it evolve into a successful business venture with partners, investors and prospect lists.

Venkat Thiruvengadam, CEO, DuploCloud

More so than ever, companies need to have a dynamic security posture as compliance standards are getting more stringent. Companies are having to abide by published industry standards . . . certifications have proven to be something enterprises must have, rather than ‘a nice to hav.’

Looking ahead, IT security teams should be most concerned that their infrastructure  has been deployed as per security and compliance standards for their industry.  Security must go hand-in-hand with provisioning, rather than be addressed as an afterthought.

Chris Eng, Chief Research Officer, Veracode

The White House’s Executive Order on Cybersecurity is a clear sign that action to standardize software security is finally being taken at the federal level. With new guidelines on the way, the biggest takeaway from this year is that cyber risk is finally being considered a serious priority issue for businesses.

According to Gartner, in 2022 API vulnerabilities will become the most frequent attack vector . . . businesses building APIs into their software should be sure to invest in tools that scan for API vulnerabilities, prioritize them, and remediate them.

Jerome Becquart, COO of Axiad

With remote work becoming the norm, moving to a zero trust approach has become a basic requirement. Being able to validate the identity of my users, partners, machines and applications in real time, is now critical. One way to achieve this is to embrace a passwordless approach to authentication.

Companies have gotten better at authenticating their human users. However, the threat is moving more and more to machines, payloads and applications. This presents an even bigger challenge than human user authentication, due to the great variety of devices and machines.

Sascha Fahrbach, cybersecurity evangelist, Fudo Security

The scale and frequency of significant attacks in 2021were shocking. More needs to be done with overhauling the concept of the perimeter. Organizations need to realize that the proliferation of user access accounts represents a clear and present danger.

Going into 2022, insider threats will remain a significant issue, as work-from-home and hybrid work become established in our daily lives. IT departments should expect a higher level of scrutiny towards the supply chain and be ready to play ball with new federal regulation.

Dor Knafo, CEO, Axis Security

In 2021 many companies learned that enterprise networks are too visible! There are 550+ known CVEs targeting VPN today. Zero trust network access (ZTNA) services are seen by many as the first step in a company’s zero trust journey.

Employees and contractors returning to the office will be a major security concern in 2022. Companies will need to connect users to apps through both public edge and private edge . Hybrid work will be adopted by 77% of employees, so this will become a major necessity for cyber security leaders in 2022.

Joseph Spurrier, Chief Technology Officer, Kion

Serverless is not for everyone and shouldn’t be used everywhere. People will start to realize this in 2022 – just like microservices shouldn’t be used everywhere.

A large company that is reliant on serverless is going to have a critical outage and it’s going to take too long to troubleshoot and resolve. Or a company will have a serverless component infected that goes undetected for a long period of time because there are so many different services to manage in an application.

Chris Jacob, Global Vice President, ThreatQuotient 

Recent events have called into question the privacy and security of information stored with third parties. We’re seeing an uptick in privacy-focused services, some of which utilize blockchains. As more people participate in these decentralized communities, small pieces of information are stored on other users’ systems and verified with a public ledger.

Moving away from centrally managed services is going to present a challenge to those charged with keeping data safe and available. While it seems counter-intuitive, the more privacy is introduced, the more challenging security becomes.

Altaz Valani, Research Director, Security Compass

An area of focus for 2022 is the extension of SBOMs (software bill of materials.) It’s no longer about just a list of software components, but also about adding security information into the construction of an application or platform.

This will provide greater confidence in the software supply chain and bring about a stronger connection between SBOMs and compliance. In 2022, SBOMs will roll into a compliance layer at the enterprise level. While there is currently no single tool for integrated business and DevSecOps compliance, we are certainly strengthening the fabric.

Adam Gordon, Instructor, ITProTV

There were an estimated 714 million ransomware attacks in 2021. Multi-Cloud hosting will become more of a focus as companies continue to grapple with ransomware attacks, which are growing and here to stay.

The move away from passwords for authentication and towards multi-factor authentication should continue in 2022, but won’t yield any better security outcomes, due to the continuing lack of cyber hygiene training and awareness. Meanwhile, Spain, Australia, France and Italy are moving ahead with cybersecurity investments announced in 2021 – and the US  government is rolling out an ambitious cybersecurity executive order

Ravi Srinivasan, CEO, Votiro

Ransomware attacks are here to stay. As business leaders debate whether to pay ransoms, security leaders will shift focus to prevention approaches and outsource the detection and response efforts to managed services providers.

Digitizing old business processes leads to more supply chain connections, exposing more homegrown applications in the cloud and more users accessing new services from outside the traditional enterprise network. This leads to bad actors exploiting misconfigurations of application and data platforms in the cloud, more high-profile supply chain exploits and personalized phishing attacks.

Pieter Luitjens, CTO, Private AI

Having spent the last decade of my life putting AI models into production in environments that require the utmost robustness, it is no surprise to me that we’re seeing an explosion of AI being used in the cybersecurity, data protection, and privacy spaces.

Over one trillion megabytes of data is produced every day, with more than 80 percent of it being unstructured. Robustly trained AI is the only way to reliably deal with these massive volumes of unpredictable data.

Steven Malone, VP, product management, Egress

In 2022 we’ll see a rise in multi-vector attacks. We’ve already seen hackers combining phishing, smishing and vishing, and the next step will be to take aim at collaboration platforms.

Hybrid work has created huge demand for collaboration tools, and they can be a treasure trove of unsecured data. Hackers always follow trends, and can be expected to take advantage of changes in the way that organizations store their data, so I expect that we’ll see a rise in attacks targeting these platforms.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

---

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/roundtable-cybersecurity-experts-reflect-on-2021-foresee-evolving-challenges-in-2022/