News & Views

2022 Netwrix predictions

 

With cyberattacks – especially ransomware – on the rise, IT teams and security professionals must be on the alert as never before.  We talk to Ilia Sotnikov, cybersecurity expert and VP of User Experience & Security Strategist at Netwrix (www.netwrix.com) for his predictions for 2022.

“We can expect legislation to increase as security incidents at private companies affect national security.  The impact of ransomware and other cyberattacks is no longer limited to just the victim company anymore; attacks are now affecting entire regions.  For instance, attacks on companies that supply food or fuel have led to empty shelves in supermarkets and long queues at petrol stations.  Therefore, we can expect that security requirements for private organizations in critical sectors will become tougher.  In particular, notification rules will be affected, as governments need more visibility into the specifics of cyberattacks in order to improve legislation.  In some cases, governments may opt to use proverbial carrots as well as sticks, such as tax breaks that reward organisations for investing in cyber defences.”

“With insurance payouts becoming both more frequent and more costly, the cost of cyber insurance has already skyrocketed: Prices rose 96% in the US and 73% in the UK for the third quarter of 2021 compared to the same quarter last year.  We expect continued increases in 2022.  Moreover, insurance policies will require implementation of critical controls that reduce the risk of cybersecurity incidents.  With attacks becoming increasingly common, insurance companies will pay in exceptional cases only.”

“Attackers have seized upon a very effective strategy for getting access to large organizations – through the relatively weaker IT infrastructures of SMBs that provide them with services.  Accordingly, managed service providers (MSPs) will need to increase both the breadth and depth of their security measures, since many SMBs rely upon them for their security.”

“Most cryptographic algorithms today rely on the premise that there’s no processor sufficiently powerful to crack them in a reasonable timeframe – but quantum computing will allow such a processor to exist.  While this technology is still far from any practical application, concern is growing.  For example, the U.S. has announced export controls on eight Chinese quantum computing companies because of worries about China's ability to break encryption.  As the technology matures, we can expect more widespread adoption of post-quantum encryption standards.”

“Companies will need to address challenges in machine learning.  Over half (59%) of large enterprises today are already using data science (DS) and machine learning (ML).  However, these techniques bring risks as well as benefits.  ML algorithms are especially vulnerable in the learning phase because bad actors can poison the input in order to subvert the results, which can break critical processes and even put lives in danger in cases such as healthcare or traffic lights in a smart city.  Organizations using ML must understand these threats and redouble their efforts to defend against them.”

“Attackers will use residential home networks as their infrastructure.  A home network is much easier to infect with malicious software than a professionally secured enterprise IT environment.  With processing power and bandwidth connectivity in residences increasing, home networks will become more attractive to bad actors.  For example, by infecting many devices, they will be able to change IP addresses or even domain names dynamically during malware campaigns, thwarting common defences like IP blocking and DNS filtering.  IT teams should keep this new threat vector in mind when reviewing their security strategies and incident response plans.  Moreover, the IT industry should seek to increase user awareness and best practices adoption to reduce the number of easy victims.”

“Prioritization is the only way for organizations to manage the risk of cyberattacks in this new era of advanced technologies that can be used for both good and evil.  Simply put, organizations need to focus on securing their most important and valuable assets from the most likely incidents, and update their policies regularly.  It is increasingly obvious that cyber insurance is not a lifebuoy.  Risk assessment is first and foremost our own responsibility.”