API Security, Ransomware Top 2022 Threats

Companies are looking for ways to reduce the risks from cyberattacks and 2022 looks to be the year organizations accept that security must become an adaptable, changeable system within the business and overhaul their legacy static approaches accordingly.

As the public grows more aware of the impacts of cyberattacks and demand action, organizations must take the opportunity to develop holistic IT security strategies based on current and evolving threats. 

Cloud Native Now

“In the coming year, we can anticipate that organizations will seek cybersecurity measures that harden their defenses against future threats,” explained Martijn Loderus, vice president of solution engineering and delivery at Symmetry Systems. “The recent escalation in ransomware attacks and data leaks has forced business leaders to expect that involvement in a breach is a high probability.”

Organizations already are beginning to prepare themselves for a year of advanced threats, consistent malware attacks and more sophisticated phishing scams, ransomware and supply chain security threats in 2022. Here’s a look at what some security thought leaders are predicting will be the top IT security trends, tools and threats to prepare for in the year ahead. 

Embracing a Full API Life Cycle Focus

In 2022, more organizations will realize that the only way to truly secure APIs from increasingly complex and advanced cyberattacks is to embrace holistic processes and a full life cycle focus. 

Michael Isbitski, technical evangelist at Salt Security, said this mindset requires a shift away from the desire to test all code with scanning tools that already struggle to provide adequate code coverage and leave business logic unaddressed.

“The mindset shift requires that practitioners account for an organization’s unique business logic in application source code as well as misconfigurations or misimplementations of infrastructure that lead to API vulnerabilities and API abuse,” he said. 

Zero-Trust Takes Center Stage

Kevin Dunne, president at Pathlock, said he believes this year, zero-trust will shift from a nice-to-have to a need-to-have approach.

He noted that the federal government has already mandated that all agencies employ a zero-trust approach, and agencies are moving quickly to put these safeguards in place.

“However, today’s approach to zero-trust is mostly an application of least-privilege access, and a rudimentary one at that,” he noted. “Organizations are providing what they believe to be the least amount of privileges required, but they are not monitoring after the fact to see what is actually used and removing what is not used.”

From his perspective, monitoring of entitlement use at the transaction level will be a critical capability to ensuring that least-privilege access is a reality and not simply an assumption.

Joseph Carson, chief security scientist and Advisory CISO at ThycoticCentrify, pointed out that zero-trust has been a trend that has topped cybersecurity priorities for the past few years.

“It’s becoming a more important framework to not only reduce the known security risks of the past but also to reduce the security risks of the future,” he said. “As companies start looking into what zero-trust really is it becomes very clear that it is not a single solution you purchase or install or a task you check and can mark as completed.”

Carson said zero-trust can help organizations establish a baseline for security controls that need to be repeated and force cybercriminals into taking more risks.

That results in cybercriminals making more noise that ultimately gives cybersecurity defenders a chance to detect attackers early and prevent catastrophic cyberattacks.   

“Zero-trust is a journey and a mindset for how you wish to operate your business in a secure way,” he added. “You don’t become zero-trust—you practice a zero-trust mindset.”

Ransomware Threats Grow More Sophisticated  

With the growth of vulnerabilities targeting IoT/OT systems, ransomware threats will continue to worsen by means of ransomware-as-a-service (RaaS), said Bud Broomhead, CEO at Viakoo.

This method helps bad actors execute attacks more quickly by using proven techniques to stage an attack while efficiently outsourcing the backend commodity infrastructure to save time. 

“Organizations should pay more attention to not only critical services and systems supporting employees and customers but also secondary systems that are less obvious prey,” he said. “These systems may not contain sensitive data, but can inadvertently provide access to the more desirable targets.”

Tyler Shields, CMO at JupiterOne, added that while ransomware will continue to be a major issue for enterprises in 2022, he believed there will be a significant increase in misconfigurations and shadow or unknown asset attacks.

“We witnessed this problem growing throughout the past year, and with the pace of cloud transformation and application development growth, I would be surprised if the impact of these issues doesn’t continue to grow in the year ahead,” he said. 

Focus on VPN, Automated Security Tools 

Archie Agarwal, founder and CEO at ThreatModeler, said the pressure of the business imperative to adopt cloud at rapid speed during the pandemic will begin to unravel as it becomes apparent security slipped through the cracks during the rushed migration.

“As a result, we will see the rise of even larger breaches due to simple cloud security misconfigurations and permissions errors,” he said. “This will fuel the mushrooming of startups based on automation of cloud configuration, permission analysis and remediation platforms.”

Heather Paunet, senior vice president at Untangle, said in the coming year, she expects to see more of a focus on security and an increase in security offerings in general.

“With the number of attacks on prominent businesses in 2021, public awareness of the impacts of cyberattacks has been exponentially raised,” she explained. “More and more organizations will review their portfolio to include not just the core software they provide to their customers, but also newer VPN technologies, firewall technology and endpoint technologies.”

She noted that after cyberattacks such as the SolarWinds hack, it’s become clear that the benefits of using one management tool to provide access and control over all aspects of the IT stack can also expose more of that stack to vulnerabilities and attacks.

“We’re seeing trends toward technologies that provide easy ways to segregate both employee and administrative access to isolate and minimize the impact of any potential attacks,” she said. “With evolving workplace scenarios, we’ll see more organizations offering newer VPN technologies to extend connectivity and security to all aspects of the network from corporate to branch to remote workers.”

 

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.

nathan-eddy has 200 posts and counting.See all posts by nathan-eddy