Companies must secure data on home networks in 2022. The hybrid workplace is here to stay, and with more employees outside the traditional network perimeter, the attack surface has grown exponentially. Organizations need to rethink their longer-term strategies for securing distributed and diverse environments, as they now have a reason to help employees protect personal networks. Vendors already have Secure Access Service Edge products available -- for example, Palo Alto Networks' Okyo Garde and Fortinet's Linksys HomeWRK. Expect to see more as the year progresses.
APIs become part of the attack surface
Attackers are setting their sights on unprotected APIs, and API attacks will see a banner year in 2022. These often overlooked connectors between applications frequently have access to sensitive data and are susceptible to common web application attacks, such as distributed denial-of-service attacks and SQL injection. Securing APIs is difficult because of the increasing number in use, both internal- and external-facing. Plus, confusion surrounds not only how many APIs are in use at an organization, but also who is responsible for handling API security. Companies must take stock of the APIs used in their organization and properly secure them in 2022.
SIEM vendors add to XDR confusion
Extended detection and response (XDR) has been around for three years, but uncertainty about it remains. Organizations may not understand what XDR provides, and endpoint security vendors aren't making it any easier. In 2022, expect SIEM vendors to exacerbate the issue as they insist they provide the same services by adding XDR features to their SIEM products. Specialists say that some SIEM vendors rebranded existing SIEM products under the umbrella of XDR, and SIEM vendors are expected to respond with new features that align with XDR leaders. This will level the playing field between XDR and SIEM, causing additional confusion.
Insider breach damage exceeds nation-state attack damage
Ransomware is a perennial issue and will continue to be in 2022, but don't overlook insider attacks. Specialists predicted a major organization will fall victim to an insider attack and that the cost of insider breaches will exceed nation-state attacks. Victim companies may also not want to admit an insider attack due to embarrassment and liability worries. Insider threats were certainly happening in 2021 -- for example, in December, the U.S. Department of Justice announced the arrest of a Ubiquiti employee who attempted to extort the company. But expect to see more of them in the news -- and hitting the wallet hard -- in 2022.
Rise of SOP-V platforms
A new acronym will make the rounds in 2022: security observability, prioritization and validation, or SOP-V. SOP-V products unite attack surface management, vulnerability management, asset management, threat intelligence, security testing and risk ratings. With SOP-V, enterprises can improve monitoring and response, learn what is happening on the network and account for assets at scale. It will change the game, integrating individual tools and building an architecture so they can share data for analysis and allow analytics to prioritize risk.