2022 Cyber Predictions: Supply Chain Cyber Attacks Will Persist

This is part of our 2022 cybersecurity predictions series. We heard from top leaders from around the industry on what the new year might bring for cyber.


As we transition into the holiday season, 2022 will be upon us before we know it. Given current supply chain issues and heightened cyber risk, Paul Ayers, CEO of Noetic Cyber expects 2022 to be a pivotal year when it comes to cybersecurity:





Supply Chain Cyber Attacks Will Persist


“In 2020 and 2021, the cybersecurity industry witnessed a shift in focus to supply chain security, with large supply chain attacks such as SolarWinds and Kaseya. From greater than 50 new vulnerabilities per day in 2020, there is no reason to believe that 2021 saw a decrease. Patching is hard, and prioritization is key. Looking ahead to 2022, it is evident that supply chain attacks will remain a huge threat and difficult for security teams to anticipate. For that reason, security teams must be able to map vulnerabilities to assets, business-critical applications and potential risk.”


The Cyber Industry Will See Renewed Focus on Prevention vs. Response


“Supply chain attacks continue to be a huge threat to organizations, and difficult for individual security teams to anticipate. The cyber industry swings back and forth between prevention and response, with a renewed focus on preventative approaches, such as security posture management, cyber hygiene, and cyber asset management, showing that organizations are trying to anticipate cybersecurity threats before the threat becomes an attack.”


Cyber Cartography Will Take Center-Stage


“We continue to face the same problem we have seen for many years: we have too many single-use cyber tools. Forward-thinking security teams are investing in data scientists and working to unlock this siloed telemetry and generate a wider cybersecurity view of the organization to build an advantage over attackers. Phil Venables, the CISO at Google Cloud, has discussed ‘cyber cartography’ as the way of mapping cyber risk, assets, vulnerabilities, users and more, in an effort to gain this advantage. To change the status quo in 2022, organizations must employ this proactive approach to ensure they are one step ahead of the adversary at all times.”


###