How will cybersecurity evolve during the course of the next year? Looking into the near cybersecurity future for Digital Journal is Darren James, Head of Internal IT and Product Specialist, Specops Software.
Jones has analysed the main cyber-incidents for the year-to-date and finds password control to often be lacking: “The big, headline-grabbing attacks from 2021 have focused on the supply chain and ransomware attacks on critical infrastructure, which have wide-reaching impact. What is overlooked in many of these data breaches and attacks is that compromised passwords are often to blame for the initial security breach.”
Drawing on specific examples, Jones finds: “This was the case when Colonial Pipeline was breached in May, causing fuel shortages across the East Coast. The root cause of this ransomware attack was a compromised password that has since been discovered within a list of leaked passwords on the dark web.”
This means that businesses need to grapple with the essentials in order to boost their security credentials in 2022. According to Jones: “That said, in 2022, companies still need to focus on the basics — like password security — to improve protection against ransomware and other increasingly common attacks.”
This issue rests with the workers, says Jones, noting: “Employee passwords are the backbone of any company’s cybersecurity posture. Social engineering and AI-driven ‘spray and pray’ attacks are escalating and it’s easier than ever for attackers to obtain lists of leaked passwords. If there is just one step you take during 2022 to improve your password security, this is the one. Implement a comprehensive list of breached passwords that are blocked from being used in your environment.”
Jones recommends: “A strong list should be updated continuously with live attack data, providing protection from the passwords that are being used in attacks today. Equally important is setting password policies for employees, ensuring best practices in line with NIST and other standards like choosing longer passphrases and utilizing multi-factor authentication tools.”
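The two measures described above, a breached-password blocklist and NIST-style policy rules, can be combined in a single screening function. The following is an added illustration written for this article, not Specops code; the breached corpus is a constructed sample stored as SHA-1 digests, and the length limits follow NIST SP 800-63B (minimum 8, at least 64 accepted).

```python
"""Screen a candidate password: reject anything in a breached-password
corpus and apply NIST SP 800-63B style checks (length, context-specific
words, repetitive or sequential runs). Corpus entries are held as SHA-1
digests so plaintext passwords never sit on disk."""
import hashlib
import re

# Constructed sample corpus. In production this set would be refreshed
# continuously from live breach data, as the article recommends.
_SAMPLE_BREACHED = ["password123", "Winter2021!", "letmein", "qwerty"]
BREACHED_SHA1 = {hashlib.sha1(p.encode("utf-8")).hexdigest().upper()
                 for p in _SAMPLE_BREACHED}

MIN_LENGTH = 8   # NIST 800-63B minimum for user-chosen secrets
MAX_LENGTH = 64  # NIST 800-63B: verifiers must accept at least 64 chars


def sha1_hex(secret: str) -> str:
    """Uppercase hex SHA-1, the usual key format for breach corpora."""
    return hashlib.sha1(secret.encode("utf-8")).hexdigest().upper()


def has_sequential_run(secret: str, run: int = 4) -> bool:
    """True if `run` consecutive characters step up or down by one
    code point, e.g. 'abcd', '1234' or 'zyxw'."""
    s = secret.lower()
    for i in range(len(s) - run + 1):
        diffs = {ord(s[j + 1]) - ord(s[j]) for j in range(i, i + run - 1)}
        if diffs in ({1}, {-1}):
            return True
    return False


def evaluate_password(secret, breached=BREACHED_SHA1, context_words=()):
    """Return the list of reasons the password is rejected (empty = OK)."""
    reasons = []
    if len(secret) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    if len(secret) > MAX_LENGTH:
        reasons.append(f"longer than {MAX_LENGTH} characters")
    if sha1_hex(secret) in breached:
        reasons.append("appears in breached-password list")
    low = secret.lower()
    for word in context_words:  # company name, username, product names
        if word.lower() in low:
            reasons.append(f"contains context-specific word '{word}'")
    if re.search(r"(.)\1{3,}", secret):
        reasons.append("contains a character repeated 4+ times")
    if has_sequential_run(secret):
        reasons.append("contains a sequential run such as 'abcd' or '1234'")
    return reasons
```

A long passphrase that is absent from the corpus passes with no reasons, while a short or breached value is rejected with every rule it violates listed.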
With the continuation of COVID-19 and remote and hybrid work models, there are several other steps companies need to take in 2022 to improve overall security posture. Jones recommends the following for Digital Journal readers:
- Encrypt all devices used outside of the office to know that if they fall into the wrong hands they will not expose confidential company data.
- Implement multi-factor authentication for all network and cloud services. Many companies have identified the risk for admins and other privileged accounts but haven’t yet rolled out MFA to their entire organization. 2022 is the moment to take that step. Most cloud services offer MFA today and it’s easy to configure to the requirements of your organization.
- Verify callers to the IT service desk. A bad actor impersonating an employee can contact the IT service desk and receive help to perform a password reset, which opens the door to penetrate the corporate network with malware or ransomware.