Top trends that will define the cybersecurity landscape in 2022

Jeremy Ho, Vice President at Attivo Networks
Jeremy Ho, Vice President at Attivo Networks


Amidst the ongoing pandemic, the use of digital tools, automation and cloud computing have skyrocketed within APAC organisations. In 2022, as we move into the “new normal”, organisations will continue to face new challenges posed by the increasingly complex cybersecurity landscape.


Organisations must thus prepare for the onslaught of cybersecurity risks by gaining a better grasp of what lies ahead in the new year. Here are the top three trends that will shape the cybersecurity landscape in 2022.


Ransomware attacks will continue to haunt APAC organisations


The average ransom paid by APAC organisations was US$1.23 million. Organisations will continue to be hit hard, not just monetarily however – with attackers continuing to use money theft, data theft, and business disruption to obtain profits.


Additionally, cybercriminals have been able to do this with ease as technology such as cryptocurrencies and blockchain have made it much simpler for them to collect ransoms from organisations.


We expect attackers to continue to outrun defences, target the bottom line, and seek monetary returns through identifying vulnerabilities and maximising the impact of their attacks.


As ransomware advances and stakes increase, organisations must prepare to deter and detect any ransomware penetration before it causes irreversible damage. Active Directory (AD), in particular, has become a high-value target for attacks due to the privileges and credentials that it contains.


Besides organisations, governments are also closely watching ransomware developments. Notably, governments need to safeguard critical infrastructure systems such as power generation and water treatment facilities. Recently, four critical infrastructure organisations in a Southeast Asian country have been targeted by a cyber-espionage group.  We expect such systems to become prime targets for attacks moving forward.


Rise of innovative technology to combat human-operated attacks 


Ransomware attacks today have evolved to become more sophisticated human-operated activities – with human threat actors bypassing traditional cybersecurity defences to carry out attacks. More organisations are thus considering innovative ways to ensure cybersecurity and protect their assets, for example, by adopting active defense strategies with deception tactics.


Imagine a chest overflowing with gold. In this context, only a malicious actor with bad intention will attempt to search and lay their hands into the treasure trove. With this happening, cyber defenders will have the added advantage to detect the attacker, misdirected them and trapped them in the deception paradigm.


Deception technology will continue to grow in popularity in the new year and will be the disruptor to attackers. The approach is to redirect attacks away from real asset by using advanced capability to lure the attackers. Practically, the attackers cannot attack what they cannot find and is lured into a world of deception.


Back to the basics with identity and trust


The ongoing ransomware pandemic has taught organisations one important lesson: taking care of the fundamentals can remove most cybersecurity challenges and vulnerabilities.


As the world moves into a new sense of normalcy, identity and credentials will become even more crucial. The recent ransomware attack, where Taiwanese computer giant Acer’s login details of at least 3,000 Acer retailers or distributors have been stolen, has demonstrated that credentials will continue to be one of the most sought-after data types by attackers.


Workplace and technology trends stemming from the pandemic, such as remote working and the pervasiveness of SaaS and IoT, will only continue to gain prominence. This will require organisations to stay on top of identifying and distinguishing distinct users and devices.


Organisations can properly defend themselves with a solid cybersecurity foundation. Ensuring that everyone with access to data, applications and networks have basic cybersecurity hygiene is the first crucial step. In addition, organisations should restrict access to critical corporate data from home and enforce higher authentication standards.


2022 will be the year that organisations look to tools such as Identity Detection and Response (IDR) solutions, so that they can gain visibility to vulnerabilities that exist on-premise, remotely, and in the cloud. By doing so, they will be better equipped to conduct systematic assessments and implement capabilities, in order to detect live attacks and respond quickly.


APAC organisations are all at different levels of cyber-maturity. It is crucial that both leaders and laggards understand where they stand and how the threat landscape looks like, so they can best determine their cybersecurity strategy for the year ahead.

Viewed : 1780