Story image

Ransomware will remain the number one security threat - Barracuda

By Shannon Williams, Wed 22 Dec 2021

Barracuda Networks has released its top nine cybersecurity predictions for 2022. Covering a range of topics from the evolving threat landscape to the sectors most at risk, the predictions point to a new year filled with both challenges and opportunities.

The 2022 predictions are:

Ransomware will remain the number one security threat:
The volume of ransomware attacks being mounted against Australian businesses will continue to rise throughout the new year. At the same time, governments at all levels will take the problem more seriously and collaborate at a nation-state level.

Attacks will range from extortions using stolen data to the penetration of critical supply chains. As well as looking for financial gain, the criminals will also increasingly use stolen data to discredit businesses and destroy reputations.

During 2022, it will be vital for both public and private sectors to work together to continue to make it increasingly difficult for cybercriminals to move the ransomware payments they receive.

Critical infrastructure will be at heightened risk:

Critical infrastructure was the target of a number of high-profile attacks in 2021, and it will continue to face significant security challenges in 2022. This infrastructure includes everything from energy and financial services to education and healthcare.

Fallout from the COVID-19 pandemic will continue:
The COVID-19 pandemic revealed that cybercriminals are willing to exploit a crisis to attack critical targets. It will be necessary for organisations such as hospitals and healthcare providers to understand the three steps of ransomware protection. They are avoiding credential leaks, securing access to applications and infrastructure, and backing up data.

The need for forensics skills will grow:
Senior IT security executives increasingly need to develop the ability to understand forensics and incident response. Many IT security organisations are still struggling with too many tools and not getting the signals to work together.

Detection and response will be the keywords to help IT security executives achieve what they need to during 2022 and beyond. Improving in this area will require an Open XDR platform or managed XDR solution delivered through a service provider. Those tools will enable IT security executives to respond more efficiently than they currently do.

Data consolidation will become more widespread:
Consolidation of data-driven platforms is likely to become far more common in 2022 as the market moves to be more service driven and offer managed detection and response capabilities.

At the same time, detection and response will become more complex. This will occur as organisations come to realise they lack the required skills in house. Many, especially SMBs, will need some type of managed service provider to help them in this area. This will allow them to respond efficiently and effectively to cyberattacks without needing to invest in building an in-house team.

A new cybersecurity role will emerge:
During 2022, expect to see the rise of the Cybersecurity Champion. This new role will be particularly evident within organisations undertaking software development. These champions will focus on whats been dubbed shifting left as it is now all about the developers, software development, and the software supply chain. On the very left of the entire software development lifecycle, getting this level of security attention at the developer level is where those roles will start to add value.

There will be growing opportunities for MSPs:
As increasing numbers of SMBs become aware of growing cyber risks, MSPs will be able to continue acquiring new clients. Indeed, MSPs that are ready to help growing organisations manage cyber risk will be at the forefront of the cybersecurity landscape.

There will, however, be many challenges for MSPs to overcome. Theres a massive talent gap, and it can be difficult to manage multiple vendors when assembling a cybersecurity offering.

The role played by MSPs will change:
Its clear that, to be successful in 2022, every MSP will have to become security first in their focus. At the moment, SMBs have no one to call if they have a cybersecurity problem. If theres nobody or no infrastructure to rely on in the event of a breach, MSPs will be the only people that workers can call in an emergency.

During the year, MSPs will see more and more calls about breaches or security concerns. Ready or not, they will be the only organisations with the connections and the equipment to help SMBs address their cybersecurity challenges.

The cybersecurity skills shortage will remain:
Unfortunately, the skills shortage that plagued organisations during 2021 will continue throughout 2022. Demand for individuals with years of experience in cybersecurity, such as CISOs and Infosec Directors, will rise at an exponential rate, however not enough people entered the industry ten or fifteen years ago to meet the current demand.

The bottom line is that this talent gap means many businesses will simply not be able to get the staff they need. As a result, they will increasingly rely on MSPs and their cybersecurity partners, such as like Barracuda.
 
As these trends unfold during the year, the implications for organisations of all sizes will become clear. Those who have retained the services of an MSP with top-level security knowledge and skills will be in a much stronger position to withstand new threats as they emerge.
 

Recent stories
More stories