Cyber predictions for 2022: three things to look out for

Published: Thursday, 30 December 2021 15:48

Joseph Carson, Chief Security Scientist at ThycoticCentrify, highlights three areas where cyber attacks and cyber resilience are likely to develop in 2022.

Hackers versus governments: are we on the brink of a cyber war?

I believe we are truly on the brink of a full-blown cyber war, as governments around the world have decided that they can no longer stand by and watch their citizens and businesses fall victim to cyber attacks. This means they must and will strike back, which could result in a full-scale cyber war if the ripple effects spread out of control, and more hackers join forces to collaborate and respond. This could result in the introduction of a cyber treaty in 2022 that could force cybercriminals to retreat to an ever-shrinking number of safe havens to operate as countries unite to fight back against cybercrime. Global stability has been on the knife’s edge for several years. The increase in cyber attacks and their magnitude of impact on society means the balance of the force is tipping.

Identity is the new perimeter and access is the new security

The paradigm shift to working remotely has been accelerating, making the traditional enterprise perimeter almost entirely redundant. In their bid to secure the new perimeter, organizations have had to first wrestle with the challenge of correctly defining it. Factors such as cloud computing, home office networks, endpoints, mobile apps, and legacy on-premise systems have exacerbated this issue. Some organizations have attempted to enforce multiple edge perimeter points, but this in turn becomes a major challenge to manage and secure.

We must look at all touch points across the organization and determine the unifying or common factor. For most organizations this is identity, one of the artifacts that organizations can still control. This means access has become the new security control for the organization’s perimeter. In 2022, businesses must get back in control by making identity and access security a top priority. Privileged access has become the digital polygraph test to verify that identities are authentic before enabling authorization to resources.

Zero trust becomes the baseline

Zero trust has been a trend that has topped cyber security priorities for the past few years. It’s becoming an increasingly important framework to not only reduce the known security risks of the past, but also to reduce the security risks of the future. As companies start looking into what zero trust really is, it becomes apparent that it is not a single solution you purchase and install, or a task you check as complete. Zero trust is a journey and a mindset on how you wish to operate your business in a secure way. You don’t become zero trust – you practice a zero trust mindset.

Companies are looking for ways to reduce the risks from cyber attacks and accept that security must become a living system within the business rather than the old legacy static approach. In 2022, zero trust can help organizations establish a baseline for security controls that need to be repeated and force cybercriminals into taking more risks. That results in cybercriminals making more noise that ultimately gives cyber defenders a chance to detect attackers early and prevent catastrophic cyber attacks.