The 7 trends in IT security in 2023

When it comes to IT security, 2021 was neither mundane nor boring. Giants like British Airways, Macy’s and Facebook were breached, and data privacy scandals hit Facebook (again). There was the GDPR upheaval, among many other events.

But let’s take a look at the current year: what does 2022 hold? With Netwrix’s team of cybersecurity analysts, we’ve identified the IT security trends that will likely influence businesses in 2022. Watch your back!

1. Cyber security compliance rules will become stricter and more extensive.

We foresee two major trends in compliance.

First, attention to the protection of personally identifiable information (PII) will continue to increase in 2022, and as a result we will see a strengthening of data security and privacy laws. Following in the footsteps of the EU with the GDPR, the U.S. states of New York, Colorado, and California have already passed local data protection laws, which affect companies storing the personal data of residents of those states. Like the GDPR, these laws require companies to maintain security procedures for IT systems and internet networks, implement deletion policies, and comply with expedited data breach notification requirements.

Within the next five years, we should see the adoption of a national data privacy standard in the United States. It will echo the GDPR scenario, with various local laws being combined into one European regulation. For this reason, companies need to ensure that they will be ready for compliance by adopting good security practices such as continuous IT risk assessment, regular audits, and ensuring deep visibility into data repositories and user activities.

Second, with data breaches on the rise in 2022, we anticipate stricter enforcement of existing compliance standards. Presumably, cyber attack notification rules will be the first to be affected, due to the increase in the number of cases in which companies are hiding these breaches. For example, it took Cathay Pacific seven months to notify authorities of the exposure of 9.4 million passenger records, and it took other businesses six months to disclose the data leak that concerned 500,000 internet users.

In fact, stricter enforcement is already underway. In Australia, the Information Commissioner’s Office has introduced a 30-day data breach notification requirement. Similarly, the Gramm Leach Bliley Act (GLBA) is about to enact a requirement to notify consumers of any data theft or cyber crime within six months. We are confident that more and more standards will become stricter in 2019, and the tightening of breach notification rules is just the beginning.

2. Cybersecurity will become more data-centric.

In a cloud environment, the concept of a network perimeter becomes blurred. The lack of boundaries and the much greater volume of information is forcing IT professionals to shift from perimeter defense to data-centric security. Even if your company isn’t storing super-secret information or national defense plans, it certainly maintains personal data – about its employees, customers or both – that needs to be protected against cyber threats such as ransomware, malware and phishing attacks due to increased compliance regulations and heightened public attention to IT security.

To be successful in 2022, companies must focus on cybersecurity solutions by enhancing firewall and VPN protection. The biggest challenge is knowing what kind of data you are storing, where it is, who has access to it, and how it is managed. As a result, data-centric security will drive an increased need for data discovery solutions. In 2022, continuous data discovery will be a must.

3. Cloud adoption will accelerate.

The popularity of cloud services and solutions will continue to grow. According to Logic Monitor’s study, by 2022, 83% of enterprise workloads will be handled in the cloud. There is no doubt that the problem of securing data stored in the cloud will get worse.

General security best practices will remain the same: encrypt your data, secure your networks, grant access on a need-to-know basis, implement data recovery processes within web servers, be wary of open or unprotected APIs, and streamline the monitoring of your cloud infrastructure. To automate the execution of certain security operations and minimize the risk of human error, you’ll also want to consider artificial intelligence and machine learning technologies (for more on this, see #4).

Cloud solutions will be especially popular with large enterprises, which often hire their own DevOps teams to develop software in-house to refine or automate certain processes. For reasons of price and simplicity, this custom software is developed primarily in the cloud. Companies need to integrate cybersecurity into these solutions during the development and testing phases, and as a result, DevOps teams need to evolve into SecDevOps teams, so that security is not an afterthought but an integral part of the process.

4. Artificial intelligence and advanced analytics tools will become more popular.

The increasing complexity of IT infrastructures, the phenomenal increase in data volume, stringent compliance regulations and the growing popularity of cloud technologies have long been headaches for enterprises. Amid a severe shortage of InfoSec skills and employees, companies will continue to look for ways to automate IT security processes, driving demand for solutions that incorporate advanced analytics, artificial intelligence (AI), and machine learning technologies.

We expect to see increased demand for sophisticated IT solutions with AI elements, and vendors will respond by inventing increasingly comprehensive ways to automate security processes to facilitate decision making. Over the next few years, we expect this functionality to apply to all aspects of the cybersecurity industry. In addition, traditionally complex and expensive solutions will have to adapt to the growing market demand for lighter alternatives. We can expect solutions that are easier to deploy, less expensive and perhaps less sophisticated – but still based on machine learning.

However, before companies get infected by the buzz around AI, they need to make sure they have the essential security controls and processes in place, such as regular risk analysis, monitoring of the IT environment, configuration management, and so on. Only once their security posture is mature enough can companies adopt more complex technologies like machine learning or UEBA.

5. Blockchain will be used for computer and systems security.

Blockchain technologies will increasingly be applied to data security. As a digital record of data transactions distributed across a network of computers without a central control center, blockchain eliminates the single point of failure problem and makes it difficult for criminals to compromise large volumes of data. In addition, these solutions allow for the verification of data transactions and bring more transparency to business operations.

There are already success stories. In the United States, the Food and Drug Administration (FDA) has developed a platform for sharing medical data based on blockchain that facilitates the real-time exchange of patient data between the agency and partner hospitals. Ernst & Young, meanwhile, has launched its fourth blockchain project. In collaboration with Microsoft, the company developed a blockchain solution designed to increase transparency and trust in the rights and royalties management process.

Blockchain-based data security will not be widely adopted in 2022, but it will steadily enter the market. We advise data security managers to become familiar with this technology and consider its future adoption.

6. Connected objects (Internet of Things) will continue to present risks.

Connected objects capable of transmitting data are already part of our daily lives. Businesses and consumers use a variety of them: Alexa and other voice-activated home devices, smart locks, insulin pumps, pacemakers, smart air conditioning and so on.

Connected objects are currently too vulnerable to hacking. Prominent examples include St. Jude cardiac devices, which a hacker can access to drain the battery or administer incorrect pacing and shocks, and the takeover of a Jeep’s digital systems by a Wired reporter. In addition, researchers at Ben-Gurion University found that hackers could easily access baby monitors, security cameras and other home devices using common default passwords for many brands. One reason for this is that connected objects are still considered “cool” and therefore attract start-ups and entrepreneurs who do not always consider cybersecurity to be a critical element. Instead, their priority is to have a good idea, build a minimum viable product and ship it as soon as possible. In too many cases, security is unfortunately not part of that minimum viable product.

We expect that in 2022, hackers will move from experimenting to launching new types of cyber attacks targeting the Internet of Things. At a minimum, for their security, consumers should ensure they have a unique and strong password for each device and never rely on the default password. We also hope that manufacturers will put more effort into properly securing their products rather than being the first to market at an attractive price. Fortunately, California has already passed an Internet of Things cybersecurity law, and these technologies could be regulated by other states and countries before anything really goes wrong.

7. Personal data breaches will continue to occur.

Hundreds of data breaches have occurred in recent years, but more importantly, the volume of stolen personal information is growing exponentially. The chances of this data being used for extortion or other malicious purposes are extremely high, and it is enough for other malicious actors to claim to have stolen personal data to blackmail people. The most recent example is an extortion scam still in progress: racketeers contact hacked e-mail addresses disclosed in lists and then blackmail their owners by claiming that they have been caught watching pornographic videos (while their computers have not even been hacked).

A similar scenario can be used to blackmail employees of a company, but instead of asking for money, the criminals demand the company’s IP or other valuable data. This risk of blackmail victims becoming malicious internal users is another reason for companies to closely monitor their employees’ permissions and activities.

There are many other ways that criminals can profit from stealing personal data. For example, they can use it for targeted phishing attacks, to access corporate systems (banking and otherwise) under a victim’s name, and for other types of identity theft.

Conclusion

It could almost feel like an episode of Black Mirror, where a blackmailed employee can trade your company’s intellectual property for silence. But there’s no need to panic. Forewarned is forearmed. To stay safe in 2022, use basic cybersecurity controls, understand and comply with any regulations you may be subject to, and make sure you have visibility into your IT infrastructure and data. For more tips and tricks, be sure to check our other cybersecurity articles. We wish you a prosperous and secure 2022!