In addition, this expert foresees continued cyber exploitation of pandemic anxieties, as well as two other trends to watch for
According to the a global information security survey by EY, the frequency of disruptive attacks had increased for 73% of respondents from the Asia Pacific region, and 57% of APAC respondents were unsure if their cybersecurity defences were robust enough to withstand hackers’ evolving techniques.
This year, cybercriminals continue to take advantage of the pandemic to profit massively.
As the cybersecurity landscape continues to evolve, enterprises and business leaders need to prioritize the upgrade of their security infrastructure and their employees’ cyber awareness, and stay abreast of the latest cybersecurity trends for the region, such as the following five:
- Microservices will attract macro threats
One big advantage of the current mass migration to cloud software is it reduces operating expenses, and vendors can upgrade and scale their software without downtime, by using microservices.
As the trend for cloud services continues in 2022, we expect to see growth in microservice level attacks as criminals turn this to their advantage.
- Supply chain security will be a key focus
The high profile supply chain attacks of 2021 demonstrate that threat actors can gain access to organizations through a third party. As organizations adopt go digital and partnerships grow, so will their exposure to supply chain vulnerabilities.
In 2022, organizations will be even more concerned about the source of their software. There will be more focus on digital code signing and ensuring that Incident Response processes are in place to limit the impact if and when an attacker does successfully exploit a weakness in the supply chain, such as the current Log4Shell crisis. This is one of the worst remote code execution flaws in recent years and will no doubt continue to wreak havoc for years to come. Supply chain security is now increasingly important, and this is unlikely to change anytime soon.
- Cybercriminals will continue to take advantage of the pandemic
This year, threat actors have continued to exploit human psychology as well as organizational and technical weaknesses in more complex and dispersed networks, resulting in considerable economic and productivity damage.
In 2022, threat actors will continue to exploit these weaknesses that organizations struggle to correct due to ever-increasing complexity. In other words, 2022 will look a lot like 2021 but with more notable and sensational exploits.
- More secure internet standards may give threat actors an advantage
Safeguarding an organization requires visibility and inspection of encrypted network traffic. Newer and more secure internet standards such as HTTP/2 and TLS 1.3 will provide an additional avenue for organizations to secure and ensure data privacy, but threat actors are aware.
This further complicates the inspection demands that most security detection methods employ today. Thus, security measures may ultimately fall short, as exploits can easily be hidden even within encrypted traffic that many organizations may opt out of decrypting.
This, in turn, will increase interest in AI and machine learning tools that allow malicious activity to be detected without breaking encryption.
- Revamping personal cyber hygiene will be more important than ever in 2022
Identity theft is being used in more complex scams, and unfortunately, employees and individuals are not adequately securing their accounts.
Sharing too many personal details on social media, not using multi-factor authentication; using weak passwords or being too trusting when the phone rings are just a few common examples.
Furthermore, attacks have become more complex and multi-layered, with threat actors chaining together multiple minor cyber incidents that lead to a full exploit.
In light of this, personal cyber-awareness should be a top priority in 2022, and the security of an organization begins with every employee.
Organizations are already realizing the many benefits of digital transformation: now they need to channel some of the benefits back into prioritizing cybersecurity by modernizing and safeguarding their infrastructure for continued operational resilience.