Protection of a business in terms of cybersecurity solutions remains paramount, including the adoption of technologies and cultures that will provide digital protection to a firm and to ensure employees are not at risk from potential threats such as adware and ransomware.
To gain an insight into the cybersecurity concerns that business need to wake up to, Digital Journal Boaz Gorodissky CTO and co-founder, XM Cyber and Mike Heredia VP EMEA & APAC, XM Cyber.
Advanced persistent threats
According to Gorodissky: “Hacker groups that specialize in advanced persistent threats (APTs) will continue to widen their target populations and enhance their toolkits by focusing on stealthy infiltration techniques.”
The level of threat will not be helped by a resource shortfall, as Gorodissky finds: “A shortage of expert cybersecurity personnel will expedite the development of automatic systems capable of replacing humans or drastically reducing the need for human interaction.”
Many of the attack methods will be automated, says Heredia, especially as “the value of bitcoin and other cryptocurrencies grows, attackers will invest in higher degrees of automation and more sophisticated techniques to infiltrate targets.”
Gorodissky cautions that cloud computing remains as vulnerable ahead as it has been in 2020, noting: “Cloud breaches will become more common, with attackers compromising credentials to access essential data on public clouds.”
Indeed, Gorodissky explains: “The same threats that affected organizations in 2021 will continue in 2022: a lack of fundamental cybersecurity hygiene, misconfigurations, poor credential management, and so on.”
It also stems that any external systems remain vulnerable: “Organizations will continue failing to thoroughly vet all third-party security and privacy practices before allowing them access to sensitive data. This vulnerability will increase the frequency and effect of third-party attacks.”
Even hybrid systems are vulnerable, says Heredia: “In 2022, leaders will become aware of the hybrid security threat. Organizations will improve their security operations approach to holistically perceive the threat and move beyond policy/compliance to security.”
Many of the attacks will come from rogue states. Gorodissky says: “Nation-states will activate more disruptive attacks against their adversaries.”
In addition, many targets will continue to be specific: “We will see a growing number of disruptive attacks threatening critical infrastructure such as computer network attacks (CNA), operational technology (OT), medical equipment, cars, etc.”
Heredia adds that other areas of the business that are weaker include logistics, with his prediction that there will be “An increase in supply chain-related attacks targeted in a more deliberate way.”