Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Cybersecurity in the Year Ahead: Trustwave 2022 Cybersecurity Predictions – Part 2

This is part 2 of Trustwave’s 2022 Cybersecurity Predictions blog series.

In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.

As global cyber defenders, predicting where the broad industry could be heading is a daunting task. But by analyzing data patterns, the latest threat intelligence, the path of legislation, and the evolving needs of organizations as they continue their digital transformation and a rapid move to the cloud, we can make informed recommendations about where we need to focus our efforts as a cyber community in the coming year.

To this end, the security experts at Trustwave, Trustwave Government Solutions and the elite Trustwave SpiderLabs team from around the world will share their thoughts in a series of blogs on what 2022 might have in store for the cybersecurity industry and how we can best prepare for the next evolution of the fight against cybercriminals.

Please check out Part 1 of Trustwave’s 2022 Predictions.

The Focus Will Be on Machine Learning, AI and Automation as Defensive Measures

Tom Powledge Tom Powledge, Chief Products Officer and Senior Vice President of Managed Security Services at Trustwave

“Advancing innovations in machine learning, artificial intelligence and automation will continue to be a key initiative for the cybersecurity industry in 2022. As the attack surface widens with rapid cloud adoption and the number of endpoints on networks continues to grow, we need even smarter solutions that can sift through mass alert noise and precisely elevate the real threats to human security experts, so they can focus their efforts on rapid response. 

Organizations should invest in implementing solutions that leverage these technologies and ensure they have the staff or an expert partner in place to utilize solutions to their full capabilities. Machine learning, artificial intelligence and automation are not outright replacements for human talent with deep expertise, but these technologies can certainly help us defend at scale and maximize the effectiveness of human security experts in the ongoing fight against cybercriminals.”

Government Will Continue to Prioritize Cybersecurity and Mandate Critical Solutions in Data Protection

Bill Rucker Bill Rucker, President, Trustwave Government Solutions

From a government perspective in 2022, I expect to see a continued focus on executing the Executive Order (EO) on Improving the Nation’s Cybersecurity signed by President Joe Biden in May. There are a number of items in the EO that could prove beneficial, including the requirement for federal agencies to implement Endpoint Detection and Response (EDR).

I see the federal government turning to automation and artificial intelligence to reduce the impact of the ongoing cyber personnel shortage.

In the coming year, I also expect Congress to continue looking at how to better address reporting and disclosure by ransomware victims. At the same time, the Cybersecurity and Infrastructure Security Agency (CISA) will look into improving collaboration with the private sector to provide best practices around combating ransomware.

Next year, Congress will likely start to look more deeply at data management, governance and protection. Privacy rules likely will be a part of that conversation as well. I don’t think we will see final action on these issues before the 2022 election, but there will definitely be a greater focus leading into November.

 

Effective Identity and Access Management Is A Necessity, Not an Option

Kory Daniels Kory Daniels, Global Director, Cyber Defense Consulting, Trustwave

Effective Identity and Access Management (IAM) at scale will be critical for organizations to prioritize in the coming year. The rules of engagement were much more predictable when workers kept to the traditional 9 to 5 workday and remained at a designated office location. As a result, many companies didn’t even have insider threat management on their radar. Now, there is a new layer of complexity with the surge in remote and hybrid work.

Successful digital identity theft means an attacker can freely impersonate a member of your workforce. So, how do you know if someone is who they say they are? What certification exists, and baseline behavior is in place to establish trust? This is much more difficult to decipher with a virtual workforce – as workers are in a myriad of locations, time zones, and accessing files off-hours. Baselines for understanding normal user and entity behaviors have shifted further since remote behaviors differ quite drastically. 

As a result, it has become much more expensive for organizations, especially those with mature insider threat management programs in place, to distinguish a bad actor from an actual employee. Refining an ongoing identity and access management program and addressing these challenges will be paramount in 2022.

 

Organizations Will Establish Information Security and Cybersecurity Architectures to Provide GRC

Kevin Kerr Kevin Kerr, Lead Security Principal Consultant Americas for Trustwave's Consulting & Professional Services.

Companies must get their hands around data/information and develop a culture within a company where data/information is the key to all aspects of the business. Organizations will need to address the concept of data and information security from the inception of an idea, line of business, or project.

Organizations will have to establish infosec and cybersecurity architectures to provide governance, risk and compliance (GRC), and also implement risk management and cybersecurity frameworks to ensure that the appropriate level of security is in place. 

Organizations will need cyber business resiliency, and they will need it in near real-time.

Organizations have and will continue to struggle to manage IT/IoT/OT as they are different and bring with them different threats/risks/impacts, requirements, technologies, management techniques and tools.

Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More