These are the security trends in 2022 and why IT security is more important in 2022 than ever before. […]
The past year once again provided proof that cyber security has become the dominant topic of the decade in IT & digitalization. Ransomware demands gained additional leverage through double extortion, and their damage potential grew through attacks on the supply chain. Technical legacy issues in corporate networks, the complexity of managing various hardware- and cloud-based environments, and unclosed security gaps leave companies with exposed attack surfaces.
Cybercriminals are taking advantage of the opportunities offered to them and will continue to exploit all opportunities to monetize vulnerabilities in 2022. In order to counteract the potential danger, cyber security is a mandatory part of digitization efforts and the corporate strategy.
The single malware actor of the past has long been replaced by a highly professional business model of cybercrime, which companies have to face with adequate risk minimization strategies. Highly specialized cybercriminals create highly efficient attacks, which carry greater damage potential for companies.
The scattershot ("watering can") approach of the past has given way to targeted attacks on individual organizations. Malware actors operate on the basis of a criminal-to-criminal business model with a division of roles among specialists. State-sponsored attacks are also known. While one actor scouts for gaps through which a network can be penetrated, other specialists take over the programming of ransomware code and offer it via ransomware-as-a-service.
Further criminals search the network for valuable data, which they extract before encryption. The next department is responsible for money laundering after the ransom has been paid. Each individual function of the attackers must be countered with the help of a multi-layered security approach.
The danger for companies comes from different directions, and some attack surfaces are “homemade”. On the one hand, attackers exploit known loopholes in hardware infrastructures faster than companies can close them through patch management; on the other hand, security measures were sometimes neglected in order to provide the necessary employee connectivity when moving to the home office.
In addition to quickly established access to applications and the data center for “work from anywhere”, cloud offerings were also quickly expanded. Quickly implemented workarounds were not always given the necessary security attention in a timely manner.
A dangerous mixture of rapid action, a lack of IT expert resources and neglected modernization of the security infrastructure increases the attack surfaces of companies. IT teams therefore have to regain an overview of the state of their defenses by means of continuous assessment. If attackers succeed in penetrating a network via a vulnerability, their lateral movement through the infrastructure is the biggest problem if there is insufficient segmentation.
Accordingly, companies must develop strategies for better protecting their infrastructures in view of the increased risk potential while at the same time positioning them in a future-oriented manner. With the move to the cloud and broader digitization, a realignment of IT security is also necessary. Once data and employees have left the secured network, the security infrastructure located at the perimeter has nothing left to protect.
In addition, there are IoT environments in production that require remote access for maintenance, and edge computing is entering completely new application areas. There is a demand for innovation in IT security that can keep up with the agility of new business models and digitized infrastructures. After all, the next infrastructure revolution is already knocking at the door with 5G: the new wireless standard, with its speed advantage and performance, is upending classic network connections.
5G allows a runtime-optimized, local application delivery model based on edge computing upstream of the cloud. Thus, the new radio standard heralds the next phase of the transformation, accompanied by fundamental changes in the network, application and thus necessarily also the security infrastructure. In view of this innovation potential, security is required that seamlessly controls data traffic regardless of the location of the user, the device used or the network.
A paradigm shift is therefore not only associated with the connectivity and availability of the applications; it must also be ushered in for security. Traditional network security must be replaced by a model that addresses all urgent challenges across the board: from security for users when accessing the Internet and their applications in the data center or cloud environments, to security for data streams in IoT and OT environments, to new application delivery models driven by 5G.
Machine learning and AI algorithms bring a new kind of intelligence to threat protection and thus enable increased granularity and agility in the adaptation and scaling of security measures.
Zero trust is the magic word for the modern challenges, because an approach based on rule-based “least privilege” access enables highly granular access to applications, without exposing the entire network. Companies define rights for access to applications or services, as well as between applications, regardless of where they are hosted or how the connection is made. A cloud-based security platform sits in between as an intermediary, monitors access rights and gives companies control over all data streams.
*Christoph Heidler is VP Global Transformation Strategy & CIO EMEA at Zscaler.