Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

2022 will be a year of challenge and opportunity for Australian CISOs

Jim Cook from Attivo Networks outlines the key issues CISOs are likely to face over the next 12 months, explaining how they can capitalise on emerging opportunities.

user iconJim Cook
Tue, 25 Jan 2022
2022 will be a year of challenge and opportunity for Australian CISOs
expand image

With large numbers of businesses still recovering from extended lockdowns and disrupted supply chains, it’s critical to ensure IT infrastructures are protected and fully functional as business conditions return to something approaching normal during 2022.

The key IT security trends that will shape the coming 12 months include:

  • An increasing focus on Active Directory
    Of all the ransomware attacks during 2021, almost all shared a particular feature. They succeeded after cyber criminals gained access to the victim organisation’s Active Directory (AD) resources.

    AD is a treasure-trove for attackers as it provides them with credential information to access an entire IT infrastructure. The fact that so many attacks used this vector is clear evidence of the work needed to secure AD in 2022.
  • Growing challenges for securing cyber insurance
    During the past few years, an increasing number of organisations have been taking out cyber insurance policies to protect against the expenses they can incur due to a cyber attack. In 2022, many will find it much tougher to obtain such policies.

    Insurance companies are likely to become far more diligent when checking the security measures organisations have in place. They will want the organisation to convince them it has taken all steps possible to ward off attacks.

    Expect some insurers also to decline to cover ransomware payments made to cyber criminals. Those organisations that opt to pay will probably have to cover the cost themselves.

    It’s also likely insurance companies will pay particular attention to the protective measures put in place around Active Directory deployments.
  • The ongoing rise of identity security
    Identity security will be a key trend throughout 2022. Coupled with this will be a renewed focus on improving the visibility of where exposures and vulnerabilities lie and the attack paths that cyber criminals can take.

    Organisations will have to be much better at intrusion detection and see when attackers misuse credentials or attack Active Directory. They’ll then be in a much better situation to undertake remediation.

    It’s not that existing security tools are doing a bad job. Rather, these are fundamentally not designed to detect credential-based attacks. Organisations will need new tools to close this gap.
  • The evolution of deception security
    Deception security will continue to expand beyond decoys and fake artifacts inserted into infrastructures to distract and mislead attackers. In 2022, this approach will also incorporate greater usage of concealment techniques.

    Concealment is an effective preventative measure because if attackers cannot see digital assets, they will be unable to steal or encrypt these. It’s also a necessary strategy because regardless of the security measures in place, the chances of an unauthorised party gaining access is never zero.

Deception and concealment are also very efficient and frictionless ways to achieve detection across a wide variety of attacker techniques. As soon as the deception leads attackers to access fake data, the organisation immediately knows unauthorised parties are on the network.

  • The ransomware threat will remain
    Ransomware was a major threat for organisations of all sizes throughout 2021, and this will continue to be the case in 2022.

    While encryption will remain a key feature of attacks, a greater proportion is also likely to incorporate so-called double extortion, when an attacker not only extorts the victim organisation but also threatens to release their data to the public.

    For example, if the victim is a law firm, it is unlikely to let sensitive client documents into the public domain. Therefore, they could have little choice but to pay the ransom demand.

    In 2022, attackers will increasingly use ransomware to disrupt operations and for financial gain. They will likely include attacks on various industries, from hospitals and medical centres to manufacturers and energy companies.
  • Australia’s IT security skills gap grows
    Throughout 2021, organisations found it increasingly difficult to recruit and retain sufficient IT security specialists to meet their requirements. In 2022, this skills gap is almost certain to increase further.

    Universities will need to restructure their courses, and organisations will have to invest in re-skilling existing employees interested in entering the security space. Vendors will also have to enhance their certification processes to nurture more new talent.

The coming 12 months will be a time of both challenge and opportunity for Australian organisations of all sizes. By being aware of and acting upon these key trends, they position themselves to flourish as the year unfolds and new opportunities emerge.

Jim Cook is the ANZ regional director at Attivo Networks.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.