2022 has been a particularly challenging year in the dynamic world of cybersecurity. All types of cyber attacks have been observed more often than ever before. Businesses around the world face more significant security challenges.
The accelerated digital transformation that began with the onset of the global COVID pandemic in 2020 is particularly beneficial for cyber criminals. Working from home and the progressive digitization of many areas offer more starting points for phishing, hacking, fraud, and online blackmail.
This article provides a compact summary of the most relevant topics and developments in 2022 in the field of cybersecurity investments. We also take a look at the key trends for the year ahead and beyond. And we describe how you can invest in current and upcoming cybersecurity trends and challenges.
2022: Review of Cybersecurity Trends
Passwords are the most important safeguard for all elements of our digital life – from emails to bank accounts to digital shopping carts. But nobody likes passwords. They are often uncomfortable and can be a prime target for attacks.
What are the reasons for that? Secure passwords must be complex and unique. But often, they aren’t, because most people dislike having to create, remember, and regularly reset long and complicated passwords. Creating passwords, storing them securely, and managing them efficiently for the many different user accounts of our digital lives is considered highly cumbersome.
In 2022, working remotely proved to be the number one driver for adopting Zero Trust security models. Passwordless authentication practices and the evolution of conditional access policies facilitated the move to Zero Trust. We’ve seen more and more companies consider passwordless authentication for remote users.
“Zero Trust” is not simply a technical solution. “Zero Trust” is a journey that consists of five stages. These are:
- Definition of the protective surface
- Mapping of transaction workflows (how data moves in the network)
- Development of a Zero Trust network
- Creation of an appropriate Zero Trust policy
- Network monitoring and management
We know Zero Trust is a journey. And that most companies have accelerated remote office adoption and cloud migrations because of the COVID-19 pandemic. One of the key questions about Zero Trust in 2022 is: How far has your company come on its journey so far? And what are your plans for 2022 and beyond?
Cloud workloads are still at risk
During our security assessments, we observed that in many different client environments, cloud-native security controls and default policies were poorly configured or simply left at their default settings.
Problems of this type are usually due to a shortage of qualified personnel, complex control mechanisms, and insufficient planning and preparation for cloud migrations. This results in high risks in the corporate environment.
Cybersecurity Insiders’ 2021 Cloud Security Report found that 96% of organizations have moderate to strong concerns about cloud security. At the same time, 72% are not or only moderately confident about the security level of their cloud.
As a result, many companies still have a lot to do to improve their cloud security. So it is hardly surprising that Extended Detection and Response (XDR) enjoyed increasing popularity in 2021 – a trend that is expected to continue in 2022.
XDR solutions provide an overview of an organization’s entire infrastructure, including endpoints, cloud infrastructure, mobile devices, and other network points. With visibility and management from a single pane of glass, security management is simplified, and consistent security policies can be enforced across the enterprise.
The year of supply chain attacks
From the SolarWinds SUNBURST attack (described by Microsoft President Brad Smith as the most sophisticated attack ever) to the break-in at the Kaseya software management platform, well-coordinated supply chain attacks increased significantly in 2021. Only the recognized large-scale actions were reported.
These catastrophic attacks again underlined that all modern organizations must ask themselves whether they have the proper threat detection measures and incident response processes to protect against and counter modern, constantly evolving cybersecurity threats.
What to expect in 2023? New and known trends in cybersecurity
After this summary of the cybersecurity year 2022, we want to focus on the year 2023. Which cyber trends can be expected?
EDR to XDR remains a challenge
The gradual transition from EDR to XDR was a big theme in 2021. It will remain a major trend in cybersecurity in 2022. Customers still need clarification about these terms and why companies need these types of solutions. It feels like only a short time ago that Palo Alto EDR was introduced, and already it is said that one should switch to a new security function from Microsoft.
Often the view of the big picture is missing. Why is this solution even necessary? And what specific needs does it serve?
Vendors are expanding their offerings of endpoint and workplace security solutions based on the EDR (Endpoint Detection and Response) model to integrated and enhanced solutions based on the XDR (Extended Detection and Response) model.
With XDR, threat detection and response extend to endpoints and entire networks, including the cloud. The technology relies on threat analysis and automatic response to incidents.
Despite the significant benefits, such as improved detection of sophisticated attacks, improved visibility for SOC teams, and integration of rich third-party threat intelligence for faster incident response, customers have so far been reluctant to embrace the various XDR offerings available in the market.
Are they too complex for customer environments? Are there the right teams to deploy and manage such controls? In 2023, many companies will probably still need help understanding the point of XDR and the mechanisms of interaction with other, more established security solutions such as SIEM, SOAR, and EDR.
Improved cloud-native security controls
Recent vulnerabilities in public cloud environments like Microsoft ChaosDB (Azure Cosmos DB) have put cloud providers on heightened alert. Because the vulnerabilities could allow an attacker to access another customer’s resources using the current account’s primary key with read-write permissions, we expect public cloud providers to increase the security of their managed services, and cloud-native tools will continue to improve.
These include cloud-native vulnerability assessments, improved threat analysis, enhanced container security, a greater focus on application security, and cloud-native firewalls.
Introduction of cloud-native tools
More and more companies are moving from cloud-first to cloud-native technology. This means that adopting and securing cloud-native tools will be key cybersecurity trends in 2023. How can automated connections be ensured? And how can asynchronous events be correlated in your applications? Many companies will have to answer these questions in 2023.
ices using a cloud-native microservices architecture. It becomes evident that the multitude of “moving parts” creates a complex architecture that requires a wide range of skills to manage.
More connected devices (IoT) and more attacks on 5G networks
The increasing expansion of 5G technology with the corresponding complex adjustments to the infrastructure, the introduction of software-based services, and the connection of almost all technical devices to the Internet create a perfect target for malicious actors. Service providers and IoT solution providers must use the Zero Trust architecture to protect themselves against the exploitation of security vulnerabilities.
However, every activity and innovation in cyberspace has a price. Setup often comes with a steep learning curve. Another challenge is understanding a malicious actor’s perspective on your new technology.