For CISOs to continue tackling the threat landscape successfully, they must implement more sophisticated defence strategies in 2022 to mirror the increasing sophistication of the methods used by hackers. Kev Eley, Vice President Sales, Europe at LogRhythm, takes a look at the threats CISOs will face over the next 12 months and discusses how various trends will transform the cybersecurity landscape.
Throughout 2021, CISOs and cybersecurity decision-makers have found themselves busy with continued uncertainty around COVID-19 restrictions and the weakened cyber defences that have come with it. A prolonged shift to remote working has increased usage of cloud software, which has proven complicated to protect. In a global Statista survey, 94.5% of security leadership respondents stated that securing digital transformation initiatives is a cybersecurity priority post-pandemic.
A balance between remote and in-office working has provided many businesses with greater flexibility and efficiency. However, a hybrid working model has complicated the process further for CISOs trying to protect their business. In 2022, this will be no different. Research from Gartner shows that 75% of hybrid or remote knowledge workers say their expectations for working flexibly have increased, and four out of 10 employees are at risk of leaving if they are forced to return to an in-person office environment.
Cybersecurity taskforces will have to continue to be flexible and thorough to best protect this new business environment. I’ve put together some of my key predictions for 2022 so that CISOs can better understand how to protect their business in the year ahead.
Working from home will continue to present challenges
As mentioned previously, working remotely has totally transformed the way businesses operate and has become the ‘go-to’ environment for many. As the shift becomes more permanent, this way of working will become a target for attackers who will exploit the lack of protection many businesses are still operating with. Social engineering tactics will be utilised by cybercriminals to impersonate employees and infiltrate systems.
Parallel to this, cybercriminals will also capitalise on relaxed Bring Your Own Device (BYOD) policies. CISOs will be rightly concerned about the risk of malware and the lack of control over personal devices, as well as the potential for sensitive data to be accessed if a device is lost or stolen. It’s their responsibility to crack down on unprotected devices and ensure employees have access to cyber protection software when handling critical data.
CISOs will have a seat at the table
We can expect the role of the CISO to gain more appreciation from CEOs and boards in 2022, as they begin to understand that a constant stream of communication with CISOs is the best way to gain better executive visibility. By understanding the risks their business is facing, they can better plan budget and labour allocation for the areas of the business facing the highest risk.
This is a shift from what we have seen this year. A report from LogRhythm earlier in 2021 found that only 7% of security leaders report to the CEO. Additionally, only 37% say they or someone in their security function reports to the board of directors, despite 60% of organisations experiencing a cyberattack in the last two years. CISOs have not been granted the influence necessary to contribute effectively to the business’ strategic planning and budgeting.
It’s not just CISOs that will be recognised next year. Security teams will find themselves with more influence and in higher demand across companies making substantial new cybersecurity investments. The increased investment will be primarily used for application security, as well as hiring talent to validate the source code companies bring in.
The increase of spear phishing
Attackers have refined their phishing methods as people have become wise to the traditional, obviously suspicious and unrealistic email. Training and general awareness have pushed attackers to change their tactics and take a better researched and prepared approach, known as spear phishing. Using social media platforms such as LinkedIn, attackers can gather a range of information that allows them to imitate colleagues and refer to recent company news, all of which adds to the realism of the phishing attempt.
In the UK, Statista found that 62% of surveyed CISOs believe that human error is their organisation’s biggest cyber vulnerability. CISOs will need to lobby for increased training on this to ensure employees are fully aware of the growing sophistication and remain on high alert for any unexpected or unusually worded emails, even if they appear legitimate at surface level.
API vulnerabilities creating easy targets
Lateral movement techniques are used by cyberattackers to infiltrate deeper into an organisation’s network after carrying out an initial breach. Next year, we will see attackers take lateral movement within internal networks to new levels, as the Russia-linked REvil Ransomware-as-a-Service group did when it leveraged Kaseya’s network management and remote control software. Hackers were able not only to move within Kaseya’s network, but also to extend their reach to its customers.
Having seen the success of this attack, hackers will soon apply it to an entire partner network using misconfigured APIs, allowing them access from the Internet into a company’s environment. CISOs will need to get ahead of this. Proactive measures such as a comprehensive security information and event management (SIEM) platform are what’s needed to combat this, rather than reacting defensively after an attacker has started to infiltrate systems and cause irreparable damage.
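The paragraph above argues for SIEM-style correlation as the proactive counter to lateral movement. The following is an added illustration, not code from the article or from LogRhythm’s products: a small correlation rule that flags an account which authenticates to an unusually large number of distinct hosts from one source within a short window, the “fan-out” pattern typical of an attacker pivoting after an initial foothold. The log format, the sample lines and the thresholds are all constructed assumptions for this example.

```python
"""SIEM-style correlation rule (example, not vendor code): flag an account
that touches more than a threshold of distinct destination hosts from one
source host inside a sliding time window, a common lateral-movement signal."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication log, one event per line:
# "<ISO timestamp> <user> <source host> <destination host> <result>"
# The burst from svc_backup on ws-17 is the planted lateral-movement pattern.
SAMPLE_LOGS = """\
2022-01-10T09:00:05Z alice ws-alice fileserver01 SUCCESS
2022-01-10T09:02:11Z alice ws-alice fileserver01 SUCCESS
2022-01-10T09:30:40Z bob ws-bob mail01 SUCCESS
2022-01-10T10:15:00Z svc_backup ws-17 fileserver01 SUCCESS
2022-01-10T10:15:12Z svc_backup ws-17 fileserver02 SUCCESS
2022-01-10T10:15:25Z svc_backup ws-17 hr-db01 SUCCESS
2022-01-10T10:15:33Z svc_backup ws-17 dc01 FAILURE
2022-01-10T10:15:41Z svc_backup ws-17 finance-app01 SUCCESS
2022-01-10T10:16:02Z svc_backup ws-17 dc02 SUCCESS
2022-01-10T11:00:00Z bob ws-bob mail01 SUCCESS
"""


def parse_line(line):
    """Parse one constructed log line into a dict with a datetime timestamp."""
    ts, user, src, dst, result = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "user": user,
        "src": src,
        "dst": dst,
        "result": result,
    }


def detect_fan_out(lines, window=timedelta(minutes=5), max_hosts=3):
    """Return one alert per (user, source host) pair whose distinct destination
    count exceeds max_hosts within any window-sized span of events.

    Failed logons are counted too: an attacker probing hosts with a stolen
    credential leaves failures as well as successes, and both matter.
    """
    events = sorted((parse_line(l) for l in lines if l.strip()),
                    key=lambda e: e["ts"])
    recent = defaultdict(deque)   # (user, src) -> deque of (ts, dst) in window
    alerts, alerted = [], set()
    for e in events:
        key = (e["user"], e["src"])
        q = recent[key]
        q.append((e["ts"], e["dst"]))
        # Drop events that have aged out of the sliding window.
        while q and e["ts"] - q[0][0] > window:
            q.popleft()
        hosts = {dst for _, dst in q}
        if len(hosts) > max_hosts and key not in alerted:
            alerted.add(key)   # alert once per pair; a real SIEM would re-arm later
            alerts.append({
                "user": e["user"],
                "src": e["src"],
                "window_start": q[0][0],
                "hosts": sorted(hosts),
            })
    return alerts


if __name__ == "__main__":
    for a in detect_fan_out(SAMPLE_LOGS.splitlines()):
        print(f"ALERT: {a['user']} from {a['src']} reached "
              f"{len(a['hosts'])} hosts since {a['window_start']:%H:%M:%S}: "
              f"{', '.join(a['hosts'])}")
```

Run on the constructed log, the rule alerts once, for svc_backup on ws-17, as soon as the fourth distinct host (dc01) is seen inside the five-minute window; alice and bob never exceed the threshold. The window and host threshold are tuning knobs: service accounts that legitimately touch many hosts need a per-account baseline, which is exactly the kind of context a SIEM adds on top of a rule like this.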
A plan for CISOs
After well over a year of adapting to this new environment, CISOs have already made huge strides in creating new plans and processes to enable enhanced protection. They recognised the need to adapt and acted on it, using unprecedented levels of automation and innovation to do so. In 2022, CISOs will need to fight for their voice to be heard among the C-suite, which will allow them to implement more sophisticated defence strategies to mirror the increasing sophistication of the methods used by hackers. The working environment will continue to change, but with thorough preparation, CISOs can continue doing what they do best: protecting their business.