Well into the year, we tend to see breach disclosures and cyber-attacks with initial compromise tracking back to early in the year. Business leaders must stay focused as we start the year and determine how to protect their data.
All cyber-attacks have one common target – data. Whatever the motive behind accessing that data – be it financial gains, access to trade secrets, advancement of domestic interests or pure disruption – for the adversary, data is always their end target. So, while it’s essential to determine which security technologies are needed to secure their organizations, it’s also paramount that business leaders and security professionals critically assess where their data will reside, which environment is best suited for their various data sets and surround them with the proper security controls.
Critically assessing those three areas, however, is not always simple. It can vary significantly depending on the type of data residing within a business environment. For example, certain data may need to stay on-premises for more oversight – which doesn’t interfere with effectively mining it – while other data can better serve business purposes in the cloud, with the right security and policy controls surrounding it.
Understanding your data, where it lies and where you choose to keep or move it is the first and most critical step in securing your business for the year ahead. Without that consideration, you leave yourself open to some of the biggest threats and trends expected in 2022, including:
-
A New Form of Extortion: Ransomware’s Ripple Effect on Business Partners
In 2022, we will begin to see more far-reaching ransomware attacks, in which a ransomware attack experienced by one business becomes an extortion threat for its business partner. In essence, we will see the introduction of triple extortion attacks. With business partners tightly interlinked through the supply chain, an attack on one organization can have a severe ripple effect on another company. Furthermore, ransomware attackers won’t stop at extorting the victim organization for ransom. Instead, they will turn to its business partners whose data they were able to access through the compromise or business partners who cannot afford the supply chain disruption. In other words, we will see certain businesses faced with the dilemma, do we pay our supplier’s ransom or can our operations afford and withstand our supplier’s downtime?
We know that data is always the target, so cyber-criminals will seek to maximize their attacks. The potential to become “collateral damage” in a ransomware attack will force businesses to scrutinize and audit their supply chains’ access to their data and the security and policy controls surrounding their trusted relationships. -
A Hybrid Cloud Approach Will Strengthen Security
Attackers are mirroring business strategies, and just as organizations worldwide invest in their cloud journeys, so are attackers extending their focus onto cloud environments. We’ve seen Linux-based malware and container targeting increase, which will prompt organizations to reconsider how they manage their data, ultimately recognizing the need to diversify where their data resides. Understanding that not all data should reside on-premises or in clouds, businesses will shift more toward a hybrid cloud approach, spreading their data across multiple environments to allow them to better manage and protect their data, placing proper security controls around critical data.
-
Ransomware Syndicate Takedowns Will Shift Attackers’ Target Focus
Law enforcement activation and government actions are putting pressure on ransomware syndicates. In 2022, we will see cyber-criminal groups shift more of their targeting to regions that do not have the security resources, defenses and government cyber strategy to stop them – observing an increase in attacks. Conversely, nations such as the US or UK may see a decrease in cybercrime incidents amid attackers’ fears of drawing attention that places them at the center of law enforcement’s target scope.
This year we will see businesses double down on their data protection strategies, conducting “audits” to determine what needs to live where. Businesses will become more intentional with their data. This might include modernizing their core architectures to provide the necessary transaction speed, encryption and privacy to thrive responsibly or designing their cloud security environments to be open and interoperable to extend security visibility and threat detection and response across their hybrid architectures.
When it comes to cybersecurity, 2022 will be characterized by diversity. This will mean diversity in targets, adversarial tactics and data. The strategies we design to respond to this landscape must be diverse as well – which is why they must be grounded in diverse environments that enable an open, hybrid cloud approach.