When was the last "easy" year for security teams? Certainly not last year. Not this decade or even this century. Every year in recent memory has seen its share of noteworthy and novel cyber attacks.
It doesn't take a crystal ball to predict 2022 will be more of the same. If anything, the pace and scale at which threats and challenges compound will only expand the threat landscape and overwhelm current enterprise defenses more quickly than ever. Cybercriminals aren't going to let up, and neither should security teams' efforts to protect networks, systems, applications and data.
Cyber threats aren't the only security challenge to be aware of in 2022, however. New technologies being adopted bring their own vulnerabilities to address, and perennial issues make "top challenges" lists year after year.
Here's a look at the top seven trends and challenges security teams and organizations need to be aware of in 2022.
1. Supply chain attacks
Organizations need to be mindful of the third-party vendors and suppliers they work with. Trust is an inherent value here, but organizations must also do their due diligence in vetting third parties. Software- and hardware-based supply chain attacks can devastate a company.
Take the SolarWinds hack reported in December 2020 that involved nation-state actors exploiting SolarWinds Orion, an IT performance monitoring system. Through the Sunburst backdoor, threat actors were able to gain access to more than 30,000 SolarWinds customers and partners, including governmental entities, such as the U.S. Departments of Treasury, Commerce and Homeland Security, as well as private entities, such as Intel, VMware and Cisco.
This hack is just one example of how widespread and harmful a supply chain attack can be. Organizations must carefully vet their supply chain and third-party partners.
2. Software supply chain security
Beyond knowing third-party suppliers, it's important to know what software and software components third parties and service providers use, as evidenced by the Log4Shell exploit in December 2021.
A defect in the Java-based Apache Log4j library enabled malicious actors to launch remote code execution attacks and potentially take control of target systems. Any software using the vulnerable library was subject to attack. While companies could quickly update the library version they used, the libraries used by their suppliers and partners -- and their suppliers and partners, and their suppliers and partners and so on -- needed to be updated to avoid being vulnerable to attack. Unfortunately, many companies are unsure about the components of their own software, let alone others' components their software connects to. If one link in this software supply chain uses a vulnerable version of Log4j, everyone is at risk.
Following proper patch management is key to ensuring Log4j -- and any software -- is secure and up to date. Using software bills of material (SBOMs) and requesting them from third parties is important to know if components in partners' software are secure.
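As an added illustration (not part of the original article), the Python sketch below walks a CycloneDX-style SBOM and reports every dependency path that leads to an outdated copy of a named library, including copies a supplier pulled in transitively. The SBOM contents, the product names and the `min_fixed` value are constructed placeholders; take the real fixed version from the vendor advisory.

```python
import json
import re

# Constructed CycloneDX-style SBOM; every name and version is sample data.
SBOM = json.loads("""{
  "bomFormat": "CycloneDX", "specVersion": "1.4",
  "metadata": {"component": {"bom-ref": "app", "name": "billing-portal", "version": "3.1.0"}},
  "components": [
    {"bom-ref": "c1", "name": "vendor-report-sdk", "version": "5.2.0"},
    {"bom-ref": "c2", "name": "pdf-export", "version": "1.9.3"},
    {"bom-ref": "c3", "name": "log4j-core", "version": "2.10.0"},
    {"bom-ref": "c4", "name": "log4j-core", "version": "2.99.1"},
    {"bom-ref": "c5", "name": "log4j-core", "version": "2.3.0"}
  ],
  "dependencies": [
    {"ref": "app", "dependsOn": ["c1", "c4"]},
    {"ref": "c1", "dependsOn": ["c2"]},
    {"ref": "c2", "dependsOn": ["c3"]}
  ]
}""")

def vkey(version):
    """Numeric sort key for dotted versions; suffixes such as -beta1 are ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", version.split("-")[0]))

def find_exposed(sbom, name, min_fixed):
    """Return root-to-library paths for each copy of `name` older than `min_fixed`."""
    comps = {c["bom-ref"]: c for c in sbom.get("components", [])}
    root = sbom["metadata"]["component"]
    comps[root["bom-ref"]] = root
    edges = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}

    def label(ref):
        c = comps.get(ref, {})
        return f'{c.get("name", ref)}@{c.get("version", "?")}'

    def old(ref):
        c = comps.get(ref, {})
        return c.get("name") == name and vkey(c.get("version", "0")) < vkey(min_fixed)

    paths, seen, stack = [], set(), [[root["bom-ref"]]]
    while stack:
        path = stack.pop()
        seen.add(path[-1])
        if old(path[-1]):
            paths.append([label(r) for r in path])
        # "child not in path" guards against dependency cycles
        stack.extend(path + [ch] for ch in edges.get(path[-1], []) if ch not in path)
    # Copies listed in the SBOM but missing from its dependency graph still count.
    paths += [["(not in dependency graph)", label(r)] for r in comps if r not in seen and old(r)]
    return paths
```

Running `find_exposed(SBOM, "log4j-core", "2.99.0")` shows the outdated copy reached only through a supplier's SDK, plus one the SBOM lists without saying what pulls it in.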
3. Remote work and hybrid workforce security
The COVID-19 pandemic has forever changed the workplace and how it is secured. In March 2020, cybersecurity professionals across the globe were forced to deal with an influx of remote workers seemingly overnight as organizations rushed to set up employees to work from home amid quarantines and shutdowns. Enabling secure remote access and connectivity, adopting technologies to maintain employee productivity and ensure security, enforcing remote security policies, and handling security issues on home networks, such as shadow IT, among other challenges, became everyday headaches for security admins.
As employees begin to trickle into offices two years later, companies face another challenge: enabling a secure hybrid mix of in-office and at-home employees. This involves maintaining remote security practices and in-office security practices in tandem or creating a new hybrid workplace security model.
4. Nation-state attacks
Warfare has been around since the dawn of time, and cyberwarfare has been around since the dawn of the internet. Lately, the stakes have become higher as nation-state actors have become more sophisticated -- and motivated -- than ever before.
Stuxnet is widely believed to be the first nation-state attack. Developed by the U.S. and Israel, the Stuxnet worm targets SCADA systems, infecting instructions sent by programmable logic controllers. Stuxnet was used to physically damage Iranian centrifuges from 2006 to 2009.
In a more recent example, Nobelium, the nation-state attackers connected to the SolarWinds hack, used the Orion Sunburst backdoor to infiltrate its targets.
The war in Ukraine has also showcased the inclusion of cyber attacks in warfare, including many instances of wiper malware against Ukrainian organizations, which, while not connected to Russia or any other nation-state, began on the eve of Russia's invasion.
5. Ransomware
Many called 2020 the "year of ransomware," with attacks spiking 148% during the COVID-19 pandemic. Then came 2021. For the second year in a row, the IBM Security X-Force Threat Intelligence Index found ransomware attacks were the most prominent type of cyber attack, accounting for 23% of attacks in 2020 and 21% of attacks in 2021.
6. Staffing issues
The security industry is no stranger to the skills shortage. For years, report after report has concluded more security employees are needed than there are people applying for security jobs.
The most recent "(ISC)2 Cybersecurity Workforce Study" found that, although the cybersecurity workforce gap decreased for the second year in a row -- from 3.12 million in 2020 to 2.72 million in 2021 -- the number of security employees still must grow by 65% to properly defend today's organizations. Yet, hiring employees with the necessary skills -- and retaining those employees -- continues to be a challenge, not to mention the effect the Great Resignation may have on the industry.
7. Phishing
Phishing is a never-ending challenge faced by organizations of all shapes and sizes -- no company nor employee is immune to attack. According to the "2021 Verizon Data Breach Investigations Report," 25% of all breaches involved a form of phishing or social engineering.
These attacks, which involve malicious actors tricking employees into revealing passwords, credit card numbers and other sensitive data, come in many forms, including email phishing, spear phishing, business email compromise, whaling, vishing and image-based phishing.
The following are some notable phishing attacks:
- Facebook and Google were scammed out of more than $100 million after attackers impersonated a legitimate partner of the businesses between 2013 and 2015. The phishing scams involved contracts and invoices for funds due.
- Sony Pictures was hacked in 2014 after company executives received phishing emails from a group called Guardians of Peace. The attackers reportedly stole more than 100 terabytes of data.
- Austrian aircraft supplier FACC was defrauded of $54 million in 2016 after an employee was phished by an attacker, purporting to be the company CEO, who requested a wire transfer to a bank account controlled by the attackers.
Supply chain attacks, software supply chain security, remote and hybrid workforce security, nation-state attacks, ransomware, staffing issues and phishing are far from the only information security challenges enterprises will face in 2022.
Beware and prepare for the following issues that increase the attack surface and present cybersecurity risks as the year progresses:
- IoT security. IoT adoption comes with a number of challenges, from knowing which IoT devices are connecting to the network to securing communications to encryption. Learn about the top IoT security challenges.
- Cloud security. As more enterprises move data and applications to the cloud -- according to Hornetsecurity, 93% of businesses will be in the cloud within five years -- cloud security is becoming more important than ever. Check out the top cloud security challenges.
- 5G security. Enterprise 5G is expected to be cellular technology's greatest application. Its benefits are not without security issues, however. Learn how to identify and prepare for 5G security issues.
- Password security. The "2021 Verizon Data Breach Investigations Report" found 61% of breaches involved credentials. Ensuring employees keep these credentials secure is critical. Read up on password hygiene best practices.
- Secure software development. While security is often seen as a software development inhibitor, spending the time and money to securely develop software is necessary to prevent vulnerabilities that could lead to breaches. Learn about cybersecurity by design in software development.