This guest post was contributed by Daniel Smith, Head of Security Research for Radware Cyber Threat Intelligence. This is part of our 2022 cyber predictions blog series, where we hear from experts on what the new year might bring for cybersecurity.
As we near 2022, we see that the pandemic and subsequent economic shocks have spawned innovations in technology, including large steps forward in the cloud and edge deployments. Longtime businesses are reinventing themselves as contactless online-only experiences. According to Radware’s The State of Web Application and API Protection report, 70% of production web applications now run in cloud environments.
This massive shift to the clouds and edges will continue through 2022 and beyond, affecting enterprise security.
Monitoring and detecting threats directed at the remote workforce
The evolution to a remote workforce was inevitable. The pandemic accelerated the digital transformation timeline. With the shift to a remote workforce, the attack surface has evolved and expanded in favor of threat actors. Protecting the remote workforce in 2022 from service degradation will be critical to maintaining a productive work environment. In addition, organizations will continue to hire remote employees who they have never met. This will raise concerns around their knowledge base, security hygiene, and exposure to social engineering attempts, resulting in the move towards a zero-trust model.
Improving security standards for cloud-based workloads and instances
If the industry has learned anything in the last five years, it’s that security standards are lacking when it comes to cloud-based workloads and instances. Given the long history of cloud-based breaches, it's fair to say that in 2022, the industry will need to improve its security standards and reign in excessive permissions in the cloud. The cloud is not "more" or "less" secure; it's different. Those who are deploying cloud-based environments need to understand that the responsibility is on them. Migrating to the cloud doesn't absolve organizations of the obligation to secure their environment.
Limiting opportunities during the physical supply chain crisis
In 2022, we expect to see an increase in information and communications technology supply chain attacks and for threat actors to take advantage of the physical supply chain crisis. The global pandemic had a massive impact on the worldwide supply chain, resulting in supply disruptions worldwide. These disruptions are expected to last until 2023. Knowing any digital disruption will have a ripple effect, threat actors will be looking to target the physical supply chain with DDoS and ransomware attacks.
Addressing cyberattacks as proxies for nation-state activity
It is expected that nation-states will continue to advance their political agendas via cyber for the foreseeable future. Going into 2022, it will become increasingly difficult for the private sector to monitor, detect, mitigate, report, and attribute nation-state activity. As a result of this irresponsible behavior by nation-states in cyberspace, organizations will be forced to choose a side, dividing the internet users and organizations based on location and further escalating cyber conflicts.
Preventing threat actors from leveraging the security industry as a resource
In 2022, the hunters will increasingly become the hunted as nation-states and organized criminals look to leverage the security industry as a resource and target unsuspecting information security professionals and budget-strapped organizations.
Countering cyber aggression with offensive operations
It has become clear that you cannot win a cyber conflict with a defense-only strategy. Unfortunately, most offensive cyber campaigns in 2020 and 2021 have had a minimal impact on the threat landscape. It is expected that global law enforcement agencies will continue to hack back with offensive operations in 2022 with marginal results. Both the public and the private sector need to be prepared for an escalation in conflict due to these offensive cyber campaigns.