By – James Forbes – May, Vice President, Barracuda Networks APAC
Barracuda Networks, a trusted partner and a leading provider of cloud-enabled security solutions, revealed predictions that will shape the future of the cybersecurity and tech space in the coming year.
Ransomware will still be a problem
Ransomware would continue to dominate the news for being the most lucrative way of making money for the bad guys. However, there will be a renewed focus on the governments prioritizing cybersecurity initiatives, building alliances with vendors, and sharing data with other countries. This level of collaboration will help improve security for everyone.
In this post-breach era, ransomware attackers have been ahead of their targets since they have their hands on stolen data, including credentials. These attacks range from extortion on valuable data to penetrating the software supply chain. It has gone beyond disrupting business operations and goes as far as revealing information to discredit a corporation and destroy the trust chain. Figuring out how to slow that down by encouraging collaboration between governments and developing alliances with vendors will be critical in the year ahead.
Critical infrastructures are expected to face the greatest security challenge
The COVID-19 pandemic has shown that cybercriminals are willing to exploit the crisis to attack critical infrastructures like healthcare and the vaccine supply chain. It will be necessary for hospitals and healthcare organizations to understand the three steps of ransomware protection: avoiding credential leaks, securing access to their applications and infrastructure, and backing up their data.
In 2022, critical infrastructure will continue to face significant security challenges. This also includes everything from energy and financial services to education and healthcare. For example, there have been numerous stories about how ransomware attacks that hit hospitals affect patient treatment and even lead to deaths. Attacks on critical infrastructure have the most direct impact on people’s lives, so security will be a challenge as cybercriminals continue to focus on these vulnerable areas.
Privacy requirements will drive security decisions
In 2022, privacy will dominate the security conversation because data can no longer be leveraged without accountability. Almost 75% of countries have some type of privacy regulation. So, all businesses must protect and enrich any data they collect from customers in a way that respects their privacy requirements.
These conversations about privacy policy also come up in the context of digital transformation. Companies are adopting many SaaS technologies, downloading apps and software, but they should be aware of the privacy implications of all of the technologies that are being used. In 2022, companies will be making decisions about which products to use, based on whether or not the data compliance is sufficient for their customers.
Having the tools in place to ensure compliance will become more important as well, especially for small and mid-sized businesses. While leveraging SaaS solutions like OneDrive, SharePoint, and Teams, they would need to understand what their teams are doing and make sure they have the tools to secure the data and are also compliant.
Forensics and XDR are new skills IT security executives would need in 2022
IT security executives would need to develop the ability to understand forensics and incident response. Many large and small IT security organizations, working with a managed service provider, are still struggling with too many tools and not getting the signals to work together.
Detection and response will be the keywords to help IT security executives achieve what they need to in 2022 and beyond. Improving in this area will require an Open XDR platform or managed XDR solution through a service provider. Those tools will enable IT, security executives, to respond more efficiently than they are now. Right now, most enterprises are investing in tools to protect multiple attack surfaces. It will be essential to capture the signals from each tool and correlate the data for actionable insights. From prevention, detection to response, it will require forensics and security analytics skills to defend against today’s cyberattacks. With the existing shortage of cybersecurity skillset, utilizing a managed SoC (Security Operations Center) with XDR capabilities could be the answer for all small and medium enterprises.
Data consolidation is expected to see in 2022 by the security market
Consolidation on data-driven platforms is one change that is expected to occur in 2022 as the market shifts to more of a service-driven kind of tooling, including XDR and managed detection and response.
Detection and Response, skillset many organizations are missing will get more complex. Many companies, especially SMBs or small-to-medium-sized enterprises, will need this skill set to respond efficiently and effectively to survive these cyber-attacks without investing so much in building an in-house team. So, they will have to rely on managed security service providers. At an enterprise level, it will mean getting to know the tools being used, identifying the signals received from those tools and consolidating those signals to make detection and response easier for the team.
Security talent shortage turns into a security crisis and creates new opportunities
The small and mid-sized companies were already short-staffed and were experiencing trouble hiring the staff they needed to protect themselves from security risks. The “Great Resignation” will make those challenges even more acute, especially in tech and healthcare. This will make a tough situation worse.
As a result, in 2022 businesses will rely more on their vendors to provide automated tools and services, like XDR and MDR. Managed services providers will become a critical resource as well. Gartner predicted 40% of mid-sized companies will leverage MDR by 2024. From a mid-market perspective, companies will need a service provider to help them successfully leverage SOC / NOC / XDR capabilities and stay secure. Increasingly, only large enterprise organizations will be able to manage their security needs internally.
The year 2022 will also see more security positions filled by people from unexpected backgrounds or with different skills. Due to the nature of the threats and the complexity of the environments, companies cannot go back to just hiring who they’ve hired before. Addressing security challenges constantly requires fresh thinking in the face of ever-changing attacks and overwhelming alerts. This is a great opportunity to bring in different perspectives and the cybersecurity or IT space that will play a prominent role in how companies secure themselves.
New security roles are expected to emerge over the next few years
Cybersecurity Champion is a new role that we will emerge in the next few years, especially in developing software. These security champions will focus on what we call shifting left because now it is about the developers, software development, and the software supply chain, including Open-Source libraries and other third-party libraries. On the very left of the entire software development lifecycle, getting that level of security attention at the developer level is where those roles will start to add value.
Security Analyst is another role expected to be at the forefront in the next few years. They will effectively detect and respond to threats by understanding the correlation of these different signals and execute on responding to these threats.
Sharing his insights on the predictions, James Forbes-May, Vice President, Barracuda Networks APAC, said, “With security now starting to be prioritized, the reporting structure will depend on the organization’s maturity and the leadership they have in place, such as if there is a CISO involved. Many of the IT teams won’t naturally be reporting to a CISO because their approach to security is event-driven. By being predictive and preventative and having the right tools and resources, one can have plans and programs to prevent incidents. So instead of having an event-driven approach to security, organizations will need to proactively shift to putting the measures and stopping those attacks from ever happening or stopping it earlier in the attack chain, so there’s less damage. Without a security practice at the very top, it will be challenging to bring this kind of change.”