What’s New for 2022: Tanium’s EMEA Experts Offer Their Cybersecurity Predictions

Cybercriminals rarely work in 12-month cycles. Yet, the start of a new year is always a good time for IT and security decision-makers to take stock. Over the course of 2021, a few things became very clear.

First, ransomware will be here as long as organizations neglect basic cyber hygiene, victims continue to pay their ransoms and criminals are harbored by hostile nations. Ransomware-as-a-service (RaaS) will continue to lower the barrier for entry to a growing number of affiliate groups in 2022.

Second, supply chain risk is set to surge. Over 90% of firms suffered a direct breach as a result of their partners in 2021. The hacking community is just getting started.

Finally, organizations must manage these and many other cyber risks in the context of a rapidly evolving working environment. It will increasingly be characterized by more flexible working, seamless use of collaboration tools and cloud-based infrastructure holding the whole thing together.

The cybersecurity challenges associated with the hybrid workplace should by now be pretty clear.

With this backdrop in mind, here are the top industry predictions for 2022 from Tanium’s EMEA experts:

Collaboration tools will be targeted as a key source of compromise

Contributed by Oliver Cronk, Chief IT Architect, EMEA, Tanium

“When the pandemic first struck, many businesses were forced to work remotely practically overnight. Many turned to collaboration tools such as Zoom and Microsoft Teams to continue daily operations. Yet, this increase in use and the flow of data across such platforms prompted hackers to exploit vulnerabilities and steal sensitive information on a massive scale.

Hackers will continue to look for vulnerabilities related to the new hybrid workplace model — and we predict that in 2022 employees using collaboration tools at home could come under siege.

Threat actors are aware these tools carry lots of valuable data. Instead of trying to find technical weaknesses in them, they’ll look to exploit users through impersonation instead. This could happen both on and off-platform. For example, we’re already seeing Zoom-themed credential phishing attacks circulating through email, text and social media messages.

In 2022, organisations should make securing collaboration tools a key part of their security strategies. As part of this, they will need to make important decisions about whether to allow people from outside the organisation to use them, or restrict access to staff members. Additionally, security training programs should be updated to specifically cover threats that users could encounter on collaboration platforms.”

Enterprises will increasingly need to understand third-party risk

Contributed by Oliver Cronk, Chief IT Architect, EMEA, Tanium

“We’ll begin to see more security and IT teams rigorously assessing third-party risk in 2022 — with assessments being done on a continuous basis rather than only when a company first joins the supply chain.

The cyberattack suffered by SolarWinds remains a key talking point within cybersecurity teams worldwide — as they continue to learn from one of the highest-profile breaches in recent times. The supply-chain attack led to at least 18,000 of the software firm’s customers downloading an update that left them vulnerable to hackers. CISA reports that “a much smaller number have been compromised by follow-on activity on their systems.”  The recent Log4Shell vulnerability in Log4J is a reminder that software development libraries and the associated software supply chain challenge continues to be difficult to manage.

Organisations must have a robust approach in place to avoid any unnecessary threats. Baseline levels of security offered by providers — often related to identity and access management (IAM) and privileged access management (PAM) — are no longer enough. Businesses need to carefully consider the architecture of their security ecosystem moving forwards.

There should be an increasing number of questions around where suppliers have made recent changes in their use of technology and the impact this has on security. The security and cyber-hygiene standards expected of suppliers will vary depending on their size and the level of resources they can devote to such tasks.

Finally, IT teams will also be looking to build reliable inventories of their assets and where they sit — which will become critical to effective supply chain risk management in 2022 and beyond.”

Technology isn’t always king when it comes to business continuity and protecting corporate assets

Contributed by Chris Vaughan, AVP, Technical Account Management, Tanium

“Amid the continued shift to remote and hybrid working in 2022, organisations must understand the critical areas of their business, and what the impact will be if something goes wrong or access is interrupted.

In a time of crisis, falling back to manual processes may be the only way to ‘keep the lights on’ both during and after an incident. But if an organisation has secured its kingdom with only digital keys, there could be a problem.

The past year has shown that technology isn’t always the answer, especially when it comes to business continuity and disaster recovery. Sometimes, falling back on manual processes such as physical security or system re-boot are critical for business continuity and protection of an organisation’s key assets.

Detailed scenario planning is crucial when it comes to ensuring business continuity. To protect their key assets into 2022, organisations will build an ops strategy that has physical and IT ecosystems working as one.

Risk analysis and operational resiliency will become key to hybrid working success

Contributed by Steve Hamilton, Area Vice President, Northern Europe, Tanium

“Hybrid working is fast becoming the new standard for businesses, which heralds new cybersecurity risks.

CIOs and CISOs will play a key role in preventing operational incidents and outages — with preventative security such as prompt patching growing in importance. However, the task of objectively scoring and systematically lowering IT risk through a preventative approach is by no means simple — especially with organisations now deploying more endpoints than ever, across both remote and office environments.

For this reason, in-depth risk analysis and operational resiliency will become a much greater focus for businesses in 2022. IT and operations teams will need to work together to unite around a common set of actionable data for real-time visibility and control over their computing devices. This will enable them to lower risk by preventing, adapting and rapidly responding in real-time to any technical disruption or cyber threat.”

The IT industry will need to agree on what Zero Trust actually means

Contributed by Chris Vaughan, AVP, Technical Account Management, Tanium

“Zero Trust is a simple concept that some tech vendors have complicated for their own benefit. As we move into 2022, the IT security industry needs to agree on a definition that all organisations can understand and implement effectively.

This should allow for the creation of Zero Trust policies that help IT security teams to define sensible user and software permissions, manage third-party risks and contain user mistakes. All of these are essential components of an effective, preventative cybersecurity strategy.

Most organisations view Zero Trust from a network perspective, yet fail to consider individual endpoints as part of the equation. However, in 2022 we expect to see security leaders looking at all aspects of identity, the network, endpoints and applications when considering a Zero Trust architecture approach. This will ensure they’re all on the same page when it comes to verification.

The premise behind Zero Trust of not trusting anything or anyone is straightforward. But more education needs to be offered by vendors. They should at least agree on how organisations can implement technology holistically across their IT estate, and how this will work for remote workers.

We’ve witnessed ransomware incidents this year where infected personal devices were allowed access to corporate networks. A growing number of organisations will adopt a Zero Trust approach to try and mitigate similar issues in 2022.”

There’s plenty here to keep IT and security leaders busy over the coming year. And some food-for-thought for the industry-at-large. While specific approaches to addressing these trends will depend on each organization’s risk appetite, a focus on following industry best practices and popular security frameworks should offer the best results.

---

Learn how Tanium gives IT operations, security and risk teams confidence to quickly manage, secure and protect their networks. Sign up for a free demo to test drive Tanium in your own environment.