IT News: Security (Dec. 13th, 2021)
In This Issue:
Get ready for more hacking, more scammers, and a bigger need for online security
If you're ready for a sedate year in cybersecurity news, you won't find it in 2022. Here's a snapshot of some of the cybersecurity trends we expect to see in the new year.
The next 12 months promise to be busy ones in the world of cybersecurity. Here are our six predictions for what will be the most important cyber trends of 2022. [CXOTalk, December 9th, 2021]
The National Institute of Standards and Technology (NIST) released analysis showing the number of vulnerabilities reported in 2021 was 18,378.
The figure set a record for the fifth year in a row, though the number of high severity vulnerabilities fell when compared with 2020. There were 3,646 reported high risk vulnerabilities in 2021, as opposed to 2020's 4,381.
This year, the number of medium and low risk vulnerabilities reported exceeded those seen in 2020 at 11,767 and 2,965 respectively. [IT Security Guru, December 9th, 2021]
Bridewell Consulting has outlined its top cyber security predictions for 2022. The company warns of the automation of security threats, increased risks for remote workers, and more nation-state attacks on critical national infrastructure.
Bridewell Consulting's predictions are:
2022 will be the year of remote risk - with remote and hybrid working here to stay, Bridewell Consulting expects to see a large increase in mobile malware attacks. Cyber criminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices and remote working. Social engineering will remain the initial attack vector for deployments of malware, phishing, and ransomware, with an increase in Deepfake technology making attacks more technologically convincing in 2022. Phishing volumes have already surpassed levels seen in 2020, and in 2022 we'll see a rise of update-themed phishing emails designed to trick remote employees into believing they are legitimate updates, as well as those used to tailgate employees into restricted areas under the guise of being a new employee hired during lockdown... [Continuity Central, December 8th, 2021]
Kelvin Murray, senior threat researcher at Carbonite and Webroot, discusses how cyber security can be bolstered to mitigate malware in 2022
Be it in person or online, the world is still struggling in the fight against viruses. 2021 was another year where the headlines were awash with COVID-19. But cyber scandals too were vying for their spot in the limelight, as malware and ransomware attacks ran rampant, and supply chains took a digital beating (just in case they weren't tormented enough).
Unfortunately, 2022 looks set to be subject to the same scope of threats - with more fresh assaults and ever-creative ways to exploit vulnerabilities thrown in for good measure. So, as we head into a new year, now is a pivotal time to look back at some of the nastiest, most recent malware to better understand the threats and how to protect against them. [Information Age, December 9th, 2021]
The pandemic has brought new challenges to the world of security threats. At the same time, defending against these threats shows that the basics of cybersecurity are still valid, and we need to double down on these methods.
This is especially the case as Windows 11 is beginning its rollout, with new sets of security problems certainly ahead.
Malware vs. Microsoft Exchange
During 2021, we observed a series of vulnerabilities specifically targeting Microsoft Exchange servers. Both were discovered in August. The first is called ProxyShell. It attacks servers through compromised authentication credentials and the mail programming interface. [Security Boulevard, December 7th, 2021]
With any ransomware attack or security event, there's going to be a before, a during, and an after. To understand how to protect your organization at each phase is to understand how an attack unfolds.
In this article, I'll cover what happens in the aftermath of an attack. Hopefully, you've followed the necessary ransomware recovery steps to prepare for the 'before' and 'during' of an attack. Here, I'll discuss what to do next as you bounce back, reduce reputational damage and risk, and minimize the overall cost to your organization. [Business 2 Community, December 7th, 2021]
Most failed Security Operations Centers (SOCs) that I've seen have not failed due to a technology failure.
Lack of executive commitment, process breakdowns, ineffective workforces (often a result from poor management and lack of commitment ... again) and talent shortages have killed more SOCs than any and all technology failures.
BTW, if somebody wakes me up at 3:00 a.m. and says 'Anton, what is the top reason why a security operation center may fail?' I would name the loss of executive commitment. I have seen too many SOCs that decayed over time as management lost interest in their excellence, then in their performance and finally in their existence... [Security Boulevard, December 10th, 2021]
Part mainframe, part mobile device, cars will increasingly become targets for cyberattackers.
Vehicle safety, which has long been a top concern for automotive companies, today equates to cybersecurity. That's because now more than ever, vehicles run on software.
They are fast-moving, highly connected data centers, part mainframe, and part mobile device, loaded with Internet of Things (IoT) devices. They are effectively mobile nodes operating at the edge of massive cloud infrastructure. And they will increasingly become targets for cyberattackers. [Dark Reading, December 7th, 2021]
Take a glance on social media on any given day, and we'll hear from commentators stating how there is a (cyber) skills gap and that it must be addressed if we are to meet the challenges we are all increasingly facing.
Let's be clear about something before we continue. If we are saying that there is a skills gap, then there are organizations out there that are ready to hire cybersecurity professionals now. The assumption is that these professionals don't have the right skills that the organizations are looking for.
But how true is this? [Security Boulevard, December 8th, 2021]
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Market forecasts, drivers, and trends are explored
The identity, authentication, and access (IAA) market is set to grow by 13.4% in revenue in 2021, reaching $28.9 billion, according to Omdia's latest Identity Authentication Access Market Tracker. During 2021, the increasing number of security breaches and attacks has brought into even sharper focus the need for strong IAA technology. Identity has never been more important for cybersecurity than now. In this sense, COVID-19 merely turbocharged a tendency that had been underway for several years, i.e., identity adopting a central role in this market and being invoked in all the other areas, including infrastructure and data security. [DARKReading, December 10th, 2021]
Endpoint detection and response (EDR) is all about securing and monitoring all enterprise devices to effectively detect and respond to potential incursions
With so many servers, PCs, laptops, tablets, and smartphones accessing enterprise networks, an EDR tool is necessary to keep on top of things...
What Is Endpoint Detection and Response?
Endpoint detection and response (EDR) is about collecting and analyzing data from endpoints regardless of where they are in the network - in-house, remote, or mobile. The goal is to spot and stop attacks. As well as removing threats, EDR can help to trace the source of any attacks, so that such events can be prevented in future... [ServerWatch, December 6th, 2021]
With enterprises going to such great lengths to protect themselves against data loss, how does ransomware continue to be such an ever-present cyber security issue?
The reality is that ransomware continues to pose a major and costly threat to businesses, and misinformation only compounds the problem. With so many bad practices going around about ransomware and how to ensure that your data is protected, organizations are struggling more than ever to develop solid defense and recovery plans.
Join Nasuni and Microsoft in this panel discussion with guest Brien Posey to hear about their perspectives on ransomware protection in the cloud, and how a successful strategy minimizes downtime with the ability to quickly restore productivity without having to pay attackers.
Hosted by TechTalk Summits [Wednesday, December 15th, 2021: 4:00 PM to 5:00 PM]
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Virtual | Live
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
'Cybersecurity is no longer just an IT problem'
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world's security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world's security leaders.
Hosted by FutureCon [Wednesday, December 15th, 2021: 8:00 AM to 5:15 PM]
Join CSO's Bob Bragdon, NetWitness' Ben Smith and IT security leaders for a private, interactive, virtual roundtable.
In the face of escalating attacks and skilled resource shortages, SOAR (security orchestration, automation and response) is emerging to be one of the most effective solutions at addressing information security risks and has been identified as a top technology in this year's CSO Security Priorities Study. While there are a growing number of SOAR solutions available today, they are not always plug and play, and their effective implementation relies heavily upon how they ingest internal and external data and intelligence.
Topics to be covered during this virtual roundtable include:
Hosted by CSO and NetWitness [Thursday, December 16th, 2021: 1:00 PM to 2:00 PM]
The best foundation for a cybersecurity intelligence system is relevant and timely information about potential threats. Intelligence communities rely on a broad range of sources and information to identify and recognize bad actors. The IT world needs to do the same.
Collective information from the internet provides a rich source of data to mine timely information about credible threats.
In this webinar learn:
Hosted by ITProToday [Thursday, December 16th, 2021: 11:00 PM to 12:00 PM]
What is customer identity and access management (CIAM) and when should you build vs buy?
Okta, the leading provider of identity, is hosting a private wine speaker series focused on Customer Identity and Access Management. In this three part series, attendees will hear from subject matter experts on:
An overview of customer identity and access management and when should you build vs buy
How to create secure, frictionless customer experiences to drive digital growth
Unlocking long term business growth with customer identity and access management
Hosted by TechTalk Summits and Okta [Tuesday, January 11th, 2021: 5:00 PM to 6:00 PM]
Learn about the latest tactics and techniques threat actors are using to target enterprise email systems - Gain insight into how your users could be duped in social engineering attacks
Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, you'll learn about different tactics adversaries employ to steal from enterprises, including business email compromise (BEC) and stealing customer information. You will gain insights into how to recognize and defend against complex social engineering techniques designed to break into email.
Attend this webinar and you'll:
Hosted by DARKReading and Abnormal [Tuesday, January 18th, 2021: 1:30 PM to 2:30]