As we all know, the past two years have changed the way we use technology, and those changes have had a significant impact on the cybersecurity industry. But in the security world, we can never assume that the challenges of the past year are going to be the same ones we face moving forward.
That's why Forcepoint has revealed the data protection trends that will shape the cybersecurity landscape in 2022, as part of our Future Insights series.
We developed the Future Insights to ensure the industry, organisations and individuals can understand the trends and events that will influence cybersecurity over the next 12 months, so that we can build better and continue to protect important data – and the people who rely on it.
Cyberattacks Will Become Part of the Military Arsenal
While digital weapons have been used for years, we should expect cyberattacks to become a staple of military arsenals in 2022 and beyond. Nation states will look for vulnerabilities in government and critical infrastructure as an alternative to warfare, or as part of it.
Attacking governments or critical infrastructure means attacking everyday citizens in a way that is not as directly lethal as drone strikes or other attacks, but that can still be extremely effective in causing harm and destruction to dictate political outcomes, cause discontent or sow confusion. State and local governments are particularly vulnerable. They often don't have the cybersecurity budget or technology in place to prevent and respond to ransomware, and typically pay the ransom without addressing the issue.
Smart cities are also particularly vulnerable to cyberattacks. The more aspects of a traditional city, from transportation to lights to resource management, are connected to the Internet, the more they are at risk of cyber disruption.
The bottom line is that cyber has no borders, and all targets are only a keystroke away.
The Rise of Mass-Market Malicious Updates
In 2022, we expect to see a significant rise in cybercriminals delivering a variety of malware via software updates.
One of the reasons this technique is effective is 'technical debt' – the difference between the 'price' (time, human resources, technology investment) a technical project should cost in order to be perfect and future-proofed, and the 'price' an organisation is prepared to pay at the time. Products can get behind the curve due to reduced investment, but a lot of this debt centres around applying software updates – absolutely necessary, and so often overlooked.
Even though there is the possibility that malicious actors may deliver malware through software updates, IT administrators must keep on top of applying updates and patches as they come in. If technical debt builds, vulnerabilities and security holes will provide a way in for attackers – and the combination of new malware delivery techniques and unpatched vulnerabilities is a cause for concern.
In addition, with the increase in hybrid working, end users are having to be more responsible for patching and updating their systems. This could lead to either updates not happening at all, or updates being applied by those unused to the task, meaning they are more likely to accept behaviour that IT teams would spot as suspicious. Leaders should ensure that cybersecurity training is rolled out and regularly updated, to ensure employees act as a first line of defence.
Understanding the Workforce to Better Understand Risk
To understand risk and implement successful cybersecurity strategies, we must understand what we are protecting and the factors that impact our ability to do so.
Over the past 18 months, we have seen a rapid deterioration of rules and boundaries in both digital and physical spaces. One of the critical boundaries that has arguably disappeared over this period is the boundary between people and technology. Many people are less interested in maintaining any boundary between their physical and digital lives and are continuously connected to electronic and IoT devices.
Organisations focused on building resilient security architectures realise that they must understand and protect their assets (both digital and physical), as well as understand their employees. However, the enmeshment of people and technology has complicated efforts to achieve holistic security coverage using traditional policies and guidelines, since security has traditionally focused on technology rather than people. Efforts to address these challenges have been further complicated by the unplanned transition to working from home, the impact of burnout, and the lack of boundaries between personal and professional lives.
As we continue forward, we will need help from technology and analytics to learn how to interpret a new world with fewer boundaries. Rather than trying to use technology as a unilateral force to control their workers' behaviours, companies need to better understand how their people adapt to, respond to, and inform their environments – and begin to implement security practices and tools that work with humans rather than against them.
The Rise of Tractor Hackers
As industries become more digital, their exposure to threat actors grows. And while it may not be the most obvious industry facing tech threats, farming is under the spotlight for cybercriminals. Many tractors now run more software than a modern car – allowing farmers to run them from an iPad while enjoying a cup of tea.
The growing automation has given rise to precision agriculture and remote farming – but not without its drawbacks. Given the heavy reliance on technology in food and agriculture, could we see hackers bring tractors and food production across parts of the world to a screeching halt in 2022? If we do, unfortunately, we'll also see large-scale disruption of a supply chain that operates under a short shelf life.
As we incorporate technology into more critical infrastructure, we'll see the emergence of new technologies as high-value targets for cybercriminals. We welcome automation and greater resource efficiency with open arms, but we can't digitalise the world without a backup strategy in place for when that technology doesn't work. We all have a responsibility to plan for going offline or outages. If we don't consider the potential for widespread disruption, then getting from 'farm to table' may take a great deal longer than we expect.
The Curtain Rises on the Age of Prevention
Global enterprises and governments, both federal and local, have invested billions in trying to detect and thwart ransomware. Detection is an important part of a resilient infrastructure, but it could take six to nine months for us to see data breaches come to light. Obviously, more detection is not the solution. As an industry, we've failed at detection. We've tried to do it for decades. Every time we innovate, the bad guys find a way to circumvent it.
In recent years we leaned into machine learning and AI-based malware detection tools. Innovations like AI are useful, but the innovation arms race hasn't eliminated or reduced threats like ransomware. Instead, ransomware attacks continue to escalate in scope and financial impact.
In response, our industry has embraced Zero Trust architectures and explicit-trust approaches, but most Zero Trust journeys have focused largely on identity and access. The recent evolution in hybrid workforces and digital transformation, and their concomitant usage of content and electronic information everywhere, are leading indicators of where Zero Trust must go next: data.
Companies must rethink their perimeter, because the perimeter is now wherever data is used. Put another way: if you focus on authentication and detection, you may be successful at knowing who a person is on the network and what they're allowed to access. But you might not know what they're accessing and why.
If we follow Zero Trust, then let's not trust any of the assets coming into the network in the first place. In a model of 100% prevention, you decide that all content is bad and sanitise everything, regardless of source.
In 2022, the Zero Trust journey will continue as organisations look to proactively prevent compromise and stop trying to detect or react to threats.
Understanding the emerging data protection and cybersecurity challenges, and creating solutions which can address them, will be key to ensuring the ongoing security of data at every level and touchpoint as we head into 2022.
The full Future Insights blog series can be found at www.forcepoint.com/blog.