Top 10 cybersecurity predictions for 2022

Bridewell Consulting has outlined its top 10 cybersecurity predictions for 2022.

Compiled by its skilled consultants, and coupled with data gathered from its 24/7 security operations centre in 2021, the company warns of the automation of security threats, increased risks for remote workers, and more nation-state attacks on the UK’s critical national infrastructure and supply chains.

“Cyber threats are always evolving and 2022 will be no different. Attackers will use new technologies to launch more sophisticated attacks and remain under the radar, while businesses will use technology to strengthen defences and drive efficiencies. Heading into 2022, organisations need confidence that their systems, data and processes remain protected, regardless of how the landscape evolves, and ultimately that comes down to developing an agile and adaptive security strategy”
MARTIN RILEY, DIRECTOR, MANAGED SECURITY SERVICES, BRIDEWELL CONSULTING

Top 10 cybersecurity predictions for 2022

1. 2022 will be the year of remote risk. With remote and hybrid working here to stay, expect to see a large increase in mobile malware attacks. Cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices and remote working.

Social engineering will remain the initial attack vector for deployments of malware, phishing and ransomware, with an increase in deepfake technology making attacks more technologically convincing in 2022.

Phishing volumes have already surpassed levels seen in 2020, and this year we’ll see a rise of update-themed phishing emails designed to trick remote employees into believing they are legitimate updates, as well as those used to tailgate employees into restricted areas under the guise of being a new employee hired during lockdown.

2. Ransomware will become automated. Human operated ransomware will be the biggest cyber risk for organisations in 2022. Different from traditional commodity ransomware attacks, we’ll see more cybercriminals with a high level of offensive security knowledge gain access to organisations and survey the environment for an extended period before launching a potentially devastating attack on data and systems.

The risk presented by human-operated ransomware will only increase as wormable variants such as WannaCrypt and NotPetva are utilised more. Additionally, automation will play a key part in the evolution of modern ransomware and malware attacks, with machine learning and Artificial Intelligence (AI) used to remove some of the mistakes that allow businesses to respond to current threats.

3. Volume of hackers-for-hire will increase. Over the past few years, groups such as REvil and DarkSide have appeared and disappeared after carrying out very public attacks against numerous industries. In 2021, we saw a number of hacker groups arrive, have a big impact, and then vanish as quickly as they came, only to repeat the same process again a few months later.

In 2022 we can expect more of the same; in particular, large attacks on lucrative targets such as supply chains and cloud providers to maximise ransom value and payments. Managed services and thirdparty suppliers will also be under greater risk. Phishing-as-a-Service will become commonplace on dark web forums, increasing attack volumes.

4. Zero-Trust will become the de facto cyber security approach. With the rise of hybrid working, Zero-Trust will become critical in 2022. Lack of secure cloud configuration will continue to cause security breaches and organisations will seek to separate users and devices from data, applications, infrastructure, and networks, through the Identify, Authenticate, Authorise and Audit model (IAAA).

More CIOs and CISOs will roll out system-wide Multi-Factor Authentication (MFA) with stricter rules around conditional access built-in and supported by session information and telemetry to develop a comprehensive audit trail for real-time detection of a policy breach. Extended Detection and Response (XDR) will also become the technology of choice for Zero-Trust, enabling rapid detection and response of threats across endpoint, network, web and email, cloud and importantly, identity.

5. Organisations will turn to hybrid SOC models to plug skills gaps and aid consolidation. As the cyber skills shortage grows and enterprises lack security professionals with the depth of knowledge and technical skills to develop more advanced capabilities required for running a cloud-native modern Security Operations Centres (SOC), we will see more organisations turn to hybrid SOC models which combine the cyber skills of in-house teams with the expertise of a Managed Security Service Provider (MSSP).

Companies will use providers to plug gaps in defences while developing in-house expertise in tools and techniques including EDR, XDR and intelligence-based threat-hunting. Hybrid SOCs will also be used to facilitate consolidation of security tools, driven by a growing desire from the board to reduce security costs, maximise ROI and improve efficiency.

6. Rise in 5G and connected devices will increase IoT risks. 5G will continue to be rolled out globally in 2022 and increase the number of connected devices within organisations, particularly within industrial IoT. Manufacturing and Critical National Infrastructure (CNI) will remain the sectors most susceptible to security issues, with more factories and facilities becoming connected and more organisations reliant on IoT devices for measuring and monitoring processes remotely. Expect to see the introduction of more government guidance and standards to bolster IoT security as uptake increases.

7. Organisations will shift focus from prevention to detection and response. As the speed and complexity of attacks continue to grow, demand for managed security services, such as Managed Detection and Response (MDR) will rocket. No longer the luxury of large enterprises, in 2022 expect all companies to seek to shift from prevention to response and look to implement early warning systems to alert on early signs of a potential breach.

Security Orchestration Automated Response (SOAR) solutions, such as Microsoft Sentinel, will be critical alongside MDR to help to improve the efficiency. Traditional tools such as anti-malware software and spam blockers will still be important, but these will increasingly be combined with proactive tactics, such as MDR, threat hunting, and ethical hacking to ensure any vulnerabilities are identified and mitigated immediately.

8. Critical National Infrastructure will face more threats. CNI will face increased activity from nation state groups, which are likely to prioritise green energy targets given the global focus on the development of sustainable infrastructure. The oil and gas sector will also be the subject of more directed attacks from hackers-for-hire as they attempt to target high-value income industries.

9. Cybersecurity transformation will drive digital transformation. Digital transformation became a necessity for businesses in 2021, driven largely by Covid-19. Probably the biggest mistake we saw in 2021 was a reactive approach to security transformation, whereby security was only considered afterwards. In 2022, expect to see this model flipped with a rise in mature companies who seek to use cybersecurity transformation as the driver for digital transformation.

Cybersecurity will shift from a box-ticking exercise to a business enabler, with CISOs and CIOs working directly with the CEO to develop an adaptive and customisable security model to ensure cybersecurity is as strong as possible before broadening the attack surface further.

10. Cybersecurity vendors will start to consolidate. Microsoft and Google will evolve to become leaders in cybersecurity. Microsoft has already announced a huge commitment to growing its cybersecurity offering and given the company’s dominance in the collaboration market and Google has already taken huge steps to bolster its security expertise.

As both companies continue to build their expertise, we expect to see traditional cybersecurity players start to lose market share as they struggle to keep up with the visibility, coverage and collaboration benefits the global giants can offer.

ABOUT BRIDEWELL CONSULTING

Bridewell Consulting is the second-largest and one of the fastest-growing, privately-owned, cybersecurity services firms in the UK, with its security operations centre protecting some of the country’s most critical national infrastructure.

It also delivers a vast number of services across aviation, financial services, government and oil and gas. The company hold a number of industry accreditations including NCSC, CREST, ASSURE, IASME Consortium, Cyber Essentials Plus, ISO27001, ISO9001 and are PCI DSS QSA Company. The company was recently named Cyber Business of the Year in The 2021 National Cyber Awards and won the SME 100 Growth (Under £10M) and Tech Company of the Year awards at the Thames Valley SME Growth Awards 2021.

Article is taken from Interface – Issue 28