.png){kind=logo}
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
From the widely covered Colonial Pipeline ransomware attack that spurred a short-lived energy crisis in the US, to data breaches within social networking platforms and cyberattacks on the healthcare industry, cybercriminals left no stone unturned in 2021. As our world continues to evolve and transform, one of the more prominent changes we have seen is the rapid digitalization of processes and operations. Threat actors are taking advantage of this transition and are preying on the vulnerability of organizations moving to remote working models.
And this is only the tip of the iceberg – the successes from these threat actors will only embolden them further.
At the other end of this 'cyber warzone', IT teams have worked relentlessly to equip themselves with the necessary tools to safeguard themselves against these cyberattacks and mitigate the risks.
With cybersecurity threats looming ahead, and tools that threat actors use becoming more advanced and sophisticated, it becomes more vital than ever for organizations to take a proactive stance at protecting themselves from these risks. As we approach the new year, here are the significant trends that will shape the cybersecurity industry in 2022 and beyond.
Through analysing patterns, preventing repeated attacks and responding to changing behaviour, artificial intelligence is empowering greater proactivity in preventing threats and responding to real-time attacks. It also reduces time and resources spent by organizations in managing these threats.
But at the same time, organizations need to be aware that it will not be the panacea to a threatless cyber world. AI solutions can augment analyst output, but will not entirely replace it. As cyberthreats advance, detecting new types of attacks and handling more complex incidents will require human smarts, critical and creative thinking, and teamwork.
In 2022 and beyond, we expect to see more emphasis being placed on greater human-AI collaboration, where human analysts connect and correlate data from the AI output, streamline processes and generate actionable insights to strengthen their cybersecurity posture.
Once seen as a cornerstone for enterprise cybersecurity defence, organizations will start viewing data management as a strategic function and source of competitive advantage. According to a study from PwC, close to nine in 10 (87 percent) consumers would take their business elsewhere if they don't trust that a company is handling their data responsibly.
Against this backdrop, organizations will need to place greater priorities on data governance policies and measures to manage data, and then communicate their commitment to protecting customer data. This will allow them to build brand trust and loyalty, and unlock new business opportunities. Additionally, having well-established data protection measures will prevent the theft of valuable Intellectual Property (IP), allowing organizations to retain their competitive edge and stay ahead of the pack.
Just like the Internet of Things (IoT), which allows businesses to gather and analyse data from the billions of connected devices, the Internet of Behaviour (IoB) attempts to synthesize data from users' online activity from a behaviour perspective. While IoB has been used widely in the retail industry for e-commerce players to tailor go-to-market plans, we see a strong use case of IoB in the cybersecurity arena.
The behavioural data of every individual consumer, delivered through IoB, can help security teams detect unauthorized activities by hackers, enabling them to activate security protocols at the earliest point of entry. By capturing more dynamic aspects of a user's digital identity – such as typing rhythm, mouse movement, geolocation, type of device used, the usual pages and links the user access, walking speed – organizations will be able to detect non-conformal use or suspicious activities in an account, prompting IT and security teams to investigate further.
Instead of going after organizations built like an impenetrable fortress, threat actors are finding alternative entry points via the weakest link – the increasingly remote working workforce. Numerous reports have highlighted that the separation of employees, devices, and the cybersecurity team has led to decreased visibility and control over individual security perimeters, and thus contributing to a higher uptick of cyber-attacks.
The rising popularity of Bring-Your-Own-Devices (BYOD) and IoT devices will also create further headaches in 2022. With authentication remaining a huge challenge for IT teams, we expect to see organizations increasing their investment into smart cards, multi-factor authentication, and biometrics to improve security. Organizations will also prioritize a healthy cybersecurity culture amongst their workforce, and provide necessary training to their employees on improving their cyber-hygiene.
As more organizations adopt a cloud-first approach, IT will need to consider new ways to strengthen their cybersecurity posture. Securing the cloud is a whole different ballgame as traditional security doesn't work the same way in the cloud – there is no perimeter to protect, manual processes cannot occur with the necessary scale or speed, and the lack of centralization makes visibility extremely difficult to achieve.
In addition, the API-driven approach that makes cloud-first environments so flexible and configurable can also be a drawback that makes it easy to program in misconfigurations that open the environment up to vulnerabilities. Cloud Security Posture Management (CSPM) tools will become increasingly popular from 2022 as IT prioritizes the monitoring and management of cloud infrastructure.
From software-as-a-service (SaaS) to infrastructure-as-a-service (IaaS) and many more, 'as-a-service' models have become wildly popular in the enterprise world. Essentially, any IT function can be transformed into service and is widely adopted by organizations that want to cut costs and simplify IT deployments.
In 2022, we expect more demand for 'Privacy-officer-as-a-service (POaaS)', especially amongst smaller businesses that may not have the resources to officially appoint privacy officers. Specialized cybersecurity organizations that offer POaaS will be able to support their customers in various ways – checking, evaluating and documenting the data management process, ensuring compliance in managing third-party data, preparing employees with training and awareness campaigns, as well as managing communications with supervisory authorities and those affected by any data breaches.
As the frequency and complexity of cyber-attacks continue to evolve exponentially, it is unlikely that 2022 will be an uneventful year for the cybersecurity industry. Organizations will need to stay informed of the latest cybersecurity trends in order to take proactive measures to equip themselves and be actionable in protecting their employees, customers, and stakeholders.
Author:
David Chan, Managing Director, Adnovum Singapore
