5 CYBERSECURITY

PREDICTIONS FOR 2022

Enterprise-level security comes home

Companies must secure data on home networks in 2022. The hybrid workplace is here to stay,
and with more employees outside the traditional network perimeter,
the attack surface has grown exponentially. Organizations need to
rethink their longer-term strategies for securing distributed and
diverse environments, as they now have a reason to help employees
protect personal networks. Vendors already have Secure Access
Service Edge products available -- for example, Palo Alto Networks'
Okyo Garde and Fortinet's Linksys HomeWRK. Expect to see more as
the year progresses.

APIs become part of the attack surface

Attackers are setting their sights on unprotected APIs, and API attacks will see a banner year in
2022. These often overlooked connectors between applications frequently have access to
sensitive data and are vulnerable to common web application vulnerabilities, such as
distributed denial-of-service attacks and SQL injection. Securing APIs is difficult, because of
the increasing number of them used that are internal-
and external-facing. Plus, confusion surrounds not only
how many APIs are in use at an organization, but also who
is responsible for handling API security. Companies must
take stock of the APIs used in their organization and
properly secure them in 2022.

SIEM vendors add to XDR confusion

Extended detection and response (XDR) has been around for three years, but uncertainty
about it remains. Organizations may not understand what XDR provides, and
endpoint security vendors aren't making it any easier. In 2022, expect
SIEM vendors to exacerbate the issue as they insist they provide the
same services by adding XDR features to their SIEM products.
Specialists say that some SIEM vendors rebranded existing SIEM
products under the umbrella of XDR, and SIEM vendors are expected
to respond with new features that align with XDR leaders. This will level
the playing field between XDR and SIEM, causing additional confusion.

Insider breach damage exceeds

nation-state attack damage
Ransomware is a perennial issue and will continue to be in 2022, but don't overlook insider
attacks. Specialists predicted a major organization will fall victim to an insider attack and that
the cost of insider breaches will exceed nation-state attacks. Victim
companies may also not want to admit an insider attack due to
embarrassment and liability worries. Insider threats were certainly
happening in 2021 -- for example, in December, the U.S. Department
of Justice announced the arrest of a Ubiquiti employee who
attempted to extort the company. But expect to see more of them in
the news -- and hitting the wallet hard -- in 2022.

Rise of SOP-V platforms

A new acronym will make the rounds in 2022: security observability, prioritization and validation,
or SOP-V. SOP-V products unite attack surface management,
vulnerability management, asset management, threat intelligence,
security testing and risk ratings. With SOP-V, enterprises can
improve monitoring and response, learn what is happening on the
network and account for assets at scale. It will change the game,
integrating individual tools and building an architecture so they can
share data for analysis and allow analytics to prioritize risk.

© 2022 COMPUTER WEEKLY | TECHTARGET