Cyber security services company, Bridewell Consulting, has outlined its top cyber security predictions for 2022. Compiled from the knowledge of its team of highly-skilled consultants, coupled with data gathered from its 24/7 security operations centre in 2021, the company warns of the automation of security threats, increased risks for remote workers, and more nation-state attacks on the UK’s critical national infrastructure.
- 2022 will be the year of remote risk – With remote and hybrid working here to stay, we expect to see a large increase in mobile malware attacks. Cyber criminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices and remote working. Social engineering will remain the initial attack vector for deployments of malware, phishing and ransomware, with an increase in deepfake technology making attacks more technologically convincing in 2022. Phishing volumes have already surpassed levels seen in 2020, and in 2022 we’ll see a rise of update-themed phishing emails designed to trick remote employees into believing they are legitimate updates, as well as those used to tailgate employees into restricted areas under the guise of being a new employee hired during lockdown.
- Ransomware will become automated – Human-operated ransomware will be the biggest cyber risk for organisations in 2022. Different from traditional commodity ransomware attacks, we’ll see more cyber criminals with a high level of offensive security knowledge gain access to organisations and survey the environment for an extended period before launching a potentially devastating attack on data and systems. The risk presented by human-operated ransomware will only increase as wormable variants such as WannaCrypt and NotPetya are utilised more. Additionally, automation will play a key part in the evolution of modern ransomware and malware attacks, with machine learning and Artificial Intelligence (AI) used to remove some of the mistakes that allow businesses to respond to current threats.
- Volume of hackers-for-hire will increase – Over the past few years, groups such as REvil and DarkSide have appeared and disappeared after carrying out very public attacks against numerous industries. In 2021, we saw a number of hacker groups arrive, have a big impact, and then vanish as quickly as they came, only to repeat the same process again a few months later. In 2022 we can expect more of the same, in particular large attacks on lucrative targets such as supply chains and cloud providers to maximise ransom value and payments. Managed services and third-party suppliers will also be under greater risk. Phishing-as-a-Service will become commonplace on dark web forums, increasing attack volumes.
- Zero-Trust will become the de facto cyber security approach – With the rise of hybrid working, Zero-Trust will become critical in 2022. Lack of secure cloud configuration will continue to cause security breaches and organisations will seek to separate users and devices from data, applications, infrastructure, and networks, through the Identify, Authenticate, Authorise and Audit model (IAAA). More CIOs and CISOs will roll out system-wide Multi-Factor Authentication (MFA) with stricter rules around conditional access built in and supported by session information and telemetry to develop a comprehensive audit trail for real-time detection of a policy breach. Extended Detection and Response (XDR) will also become the technology of choice for Zero-Trust, enabling rapid detection and response of threats across endpoint, network, web and email, cloud and importantly identity.
- Organisations will turn to hybrid SOC models to plug skills gaps and aid consolidation – As the cyber skills shortage grows and enterprises lack security professionals with the depth of knowledge and technical skills to develop the more advanced capabilities required for running a cloud-native modern Security Operations Centre (SOC), we will see more organisations turn to hybrid SOC models which combine the cyber skills of in-house teams with the expertise of a Managed Security Service Provider (MSSP). Companies will use providers to plug gaps in defences while developing in-house expertise in tools and techniques including EDR, XDR and intelligence-based threat-hunting. Hybrid SOCs will also be used to facilitate consolidation of security tools, driven by a growing desire from the board to reduce security costs, maximise ROI and improve efficiency.
- Rise in 5G and connected devices will increase IoT risks – 5G will continue to be rolled out globally in 2022 and increase the number of connected devices within organisations, particularly within industrial IoT. Manufacturing and Critical National Infrastructure (CNI) will remain the sectors most susceptible to security issues, with more factories and facilities becoming connected and more organisations reliant on IoT devices for measuring and monitoring processes remotely. We expect to see the introduction of more government guidance and standards to bolster IoT security as uptake increases.
- Organisations will shift focus from prevention to detection and response – As the speed and complexity of attacks continue to grow, demand for managed security services, such as Managed Detection and Response (MDR), will rocket. No longer the luxury of large enterprises, in 2022 we expect all companies to seek to shift from prevention to response and look to implement early warning systems to alert on early signs of a potential breach. Security Orchestration Automated Response (SOAR) solutions, such as Microsoft Sentinel, will be critical alongside MDR to help to improve efficiency. Traditional tools such as anti-malware software and spam blockers will still be important, but these will increasingly be combined with proactive tactics, such as MDR, threat hunting, and ethical hacking to ensure any vulnerabilities are identified and mitigated immediately.
- Critical National Infrastructure will face more threats – CNI will face increased activity from nation state groups, which are likely to prioritise green energy targets given the global focus on the development of sustainable infrastructure. The oil and gas sector will also be the subject of more directed attacks from hackers-for-hire as they attempt to target high value income industries.
- Cyber security transformation will drive digital transformation – Digital transformation became a necessity for businesses in 2021, driven largely by Covid-19. Probably the biggest mistake we saw in 2021 was a reactive approach to security transformation, whereby security was only considered afterwards. In 2022, we expect to see this model flipped with a rise in mature companies who seek to use cyber security transformation as the driver for digital transformation. Cyber security will shift from a box-ticking exercise to a business enabler, with CISOs and CIOs working directly with the CEO to develop an adaptive and customisable security model to ensure cyber security is as strong as possible before broadening the attack surface further.
- Cyber Security vendors will start to consolidate – Microsoft and Google will evolve to become leaders in cyber security. Microsoft has already announced a huge commitment to growing its cyber security offering and given the company’s dominance in the collaboration market and Google has already taken huge steps to bolster its security expertise. As both companies continue to build their expertise, we expect to see traditional cyber security players start to lose market share as they struggle to keep up with the visibility, coverage and collaboration benefits the global giants can offer.
Martin Riley, Director of Managed Security Services at Bridewell adds: “Cyber threats are always evolving and 2022 will be no different. Attackers will use new technologies to launch more sophisticated attacks and remain under the radar, while businesses will use technology to strengthen defences and drive efficiencies. Heading into 2022, organisations need confidence that their systems, data and processes remain protected, regardless of how the landscape evolves, and ultimately that comes down to developing an agile and adaptive security strategy.”
Bridewell is now the second-largest and one of the fastest growing, privately-owned, cyber security services firms in the UK, with its security operations centre protecting some of the UK’s most critical national infrastructure. The company was recently named Cyber Business of the Year in The 2021 National Cyber Awards and won the SME 100 Growth (Under £10M) and Tech Company of the Year awards at the Thames Valley SME Growth Awards 2021.
About Bridewell Consulting
Bridewell Consulting is a cyber security services company providing global, 24×7 managed detection and response services and cyber security consultancy.
With extensive experience in delivering large-scale transformational projects in highly regulated environments, Bridewell enables organisations to drive strategic change securely, providing a full breadth of end-to-end cyber security services. Its expert team comprises a diverse range of highly skilled consultants, supported by industry-leading technology, deep technical expertise, accredited methodologies and a client-centric, business-driven approach.
Bridewell delivers a vast number of services across critical national infrastructure, aviation, financial services, government and oil and gas. The company holds a number of industry accreditations including NCSC, CREST, ASSURE, IASME Consortium, Cyber Essentials Plus, ISO27001 and ISO9001, and is a PCI DSS QSA Company. https://www.bridewellconsulting.com/