2022 is already primed to be a year of major technological breakthrough as well as the inevitable cyber attacks which will surely dominate its headlines. From collaboration apps targeted by hackers to a rise in risk to the supply chain, in part I of our blog we broke down some of the biggest trends impacting business continuity and remote work, in part II well discuss the shifting tides in the RaaS (Ransomware-as-a-service) market, the risks of cloud business applications and the need to secure the email gateway from malicious files.
RaaS hit the SMB market
Ransomware has been devastating individuals and businesses for over 30 years. For most of this time, the corporate targets tended to be a larger business. According to recent research from ThreatPost, the rise of RaaS has enabled illicit hackers to diversify their pray to now include SMB, who often cannot weather the storm and live to see another day.
“In 2022, the RaaS model will see continued growth as it has proven to be an incredibly efficient vehicle for maximizing profits, while the growth trajectory is staying the same, the primary target of ransomware attacks will not. Government involvement in defense of critical infrastructure will motivate ransomware groups to target small and medium-sized businesses (SMBs) to draw less attention than larger, high-profile targets.”
If current trends continue, RaaS will make a major impact on the bottom line for SMB in 2022. With the combination of government pressure pushing RaaS out of CIS and the limited security budgets part and parcel of smaller organizations, SMB must take a serious look at the potential risks of RaaS impacting their business continuity in 2022 and beyond.
Cloud security & business applications
Cloud security may have been a buzzword in the 2010s but by the 2020’s it had become an essential and fundamental element of any business’s long-term cybersecurity outlook. In 2022 cloud security will continue to take a central role in guiding IT spending as well as employee education and CISO’s attempts to cultivate a more effective security culture across their organizations.
According to The State of Cloud Security 2021 Report In 2021, “36% of companies suffered a serious cloud security leak or breach due to cloud misconfiguration.” And this is just the tip of the iceberg, “Gartner expects that through 2023, at least 99% of cloud security failures will be the customer’s fault, mainly in the form of cloud resource misconfiguration.”
While in previous years cloud security may have been bundled into the broader costs or process of IT, in 2022 cloud security in business applications will become a central focus of all major enterprises cyber ethos across every level of operations. Part of mitigating this issue will be implementing new cloud management process such as CIEM or CSPM to better mange cloud assets and decrease human error.
Email Security takes center stage
Sometimes the most obvious security risks get little attention, due often to the sheer data overload of new attack vectors, rising risks and cyber based aggravations sent down the chain. This is case with many aspects of email security. While zero trust and multifactor authentication have increasingly filled IT discourse in recent years, many miss a critical element in email security overlooked or underappreciated by IT teams pushed to their max capacity.
File security, on a binary level has never been risker. Currently we are experiencing a nearly endless flow of malicious attachments targeting employees at every rung of the latter. 2022 will continue to see an exponential rise in emails containing malicious attachments as well as those seeking innovative solutions to compliment legacy cybersecurity technology.
In the coming year we expect solutions geared at mitigating zero-day attacks and preventing altered attachments to penetrate secure networks, such as those with deep file inspection technology, to gain traction with enterprises and SMB alike.
Where do we go from here?
From the collaboration applications keeping our teams together but leaving our data at risk to the advanced attacks focused on SMB and the supply chain, there are so many factors ripe for cyber exploitation in the coming year. In 2022, the key to ensuring cybersecurity will clearly be linked to better managing file sharing across all platforms. From collaboration apps and email to file transfer portals and embedded downloads with malicious content, every avenue must be closer inspected to mitigate potential cyber risk.
To effectively manage these evolving cyber risks, organizations must innovative their thinking towards risk, and develop a holistic approach to mitigating evolving cyber threats, integrating legacy security products with new niche solutions all within a cohesive framework built to proactively mitigate risk.