TOP LESSONS LEARNED BY CYBERSECURITY TEAMS IN 2022

More significant data breaches occurred in 2022. Microsoft experienced a massive data breach, and hackers have been accused of stealing the source code for Cortana, Bing, and several other Microsoft products. Samsung and Nvidia were also attacked in high-profile incidents in 2022.

In cybersecurity, looking back means taking stock of how the threat landscape has changed over time and of the lessons that security teams learned from this cat-and-mouse game in 2022 that they can take into the next year and beyond.

It Is Essential To Use Robust Authentication And Lessen Reliance On Passwords:

"We have observed a considerable rise in the amount of broken, stolen passwords," said Darren James, head of IT at Specops Software. "Our full database of unique passwords has nearly doubled from 2.7 billion to 4 billion in 2022."

Stolen credentials are still a highly sought-after commodity on the black market and, when combined with bad 2FA or MFA selections, continue to be a severe risk. More robust authentication is therefore the first measure to secure a network. A form of authentication that lowers the danger of stolen credentials is essential as more employees work remotely or in hybrid environments. Authentication is only as good as its implementation.

Untrained Employees Can Cost A Company Millions Of Dollars:

Employee education and awareness should be a key component of any organization's defensive plan since "workers continue to be targeted in threat actor initiatives through phishing and other social engineering techniques." The attacks by the Lapsus$ group should serve as a warning that even the most effective cyber defenses can be defeated if attackers take advantage of vulnerable areas in the system. Employers must be proactive in teaching staff members about cyber threats and how to detect and stay safe from them.

Network Security Should Be The Priority:

Protect every device as networks grow increasingly spread out. Knowing whose devices are connected to your network is crucial, especially if you permit employees to use them. To improve your security posture, several security professionals advise being proactive and moving to a zero-trust architecture.

Identify Vulnerabilities With More Effort:

Businesses must also do more to stay on top of vulnerabilities in open-source and proprietary software. This is a complex undertaking, given that hundreds of bugs appear yearly. Vulnerability management solutions can help identify and prioritize operating system and application vulnerabilities.

Organizations Must Take Additional Precautions To Guard Against Supply Chain Cyberattacks:

Supply chain breaches emerged as a major cybersecurity threat in 2022, with multiple events garnering media attention, such as the cyberattacks that compromised Okta and the GitHub platform.

Most businesses now rely on digital resources in some way, and the supply chain is heavily digitized. When you depend on another organization's services, your system becomes connected to theirs, so an attack on one side may weaken the other. Businesses must therefore select their service providers carefully and implement security processes to guard against hackers using these connections to access essential data.

Continuous Work Should Be Put Into Security:

Many businesses outside of technology believe that cybersecurity is something you do once and are then protected. However, because technology constantly evolves, safeguarding it should be a continual endeavor that demands a risk management strategy. Making a priority of the procedures or solutions that would lower the risk to that level would be a brilliant idea.

There Is No One-Size-Fits-All Approach In Cybersecurity:

Co-founder of Halborn and former CISO Steven Walbroehl asserts that a hammer is designed for a nail, not a screw. His point? He argues that developers or businesses should avoid trying to generalize security or regarding it as a solution that can be applied to all assets or resources. We should all do our best to locate cybersecurity products or services tailored to, or functional with, the specific technology that has to be secured.

Keep Sensitive Information Out Of Plaintext:

Never save confidential material in plaintext, especially credentials to privileged accounts or systems. Encrypting sensitive data is a crucial requirement of regulatory standards and best practices. It also serves as a security control: using the cryptographic assets to fully access the data requires unique access, which should be granted with extreme caution.

Have A Response Plan:

Among the most critical things we've learned this year is that a purely reactive approach to cybersecurity may hinder or jeopardize a company's competitive edge in the industry, its economic condition, and its market expansion. In all likelihood, 2023 will be exhausting for CISOs. They will once more encounter difficulties on all fronts. As part of your business continuity and disaster recovery program, be prepared for the worst-case scenario with cyber insurance, a data backup strategy, and a response plan.

Phishing Goes Beyond Email:

The key takeaway from this incident is that email security is no longer the only concern regarding phishing. Cybercriminals are luring employees into entering their user names, passwords, and MFA credentials by exploiting actual cloud app URLs to take them to forged login sites. Cybercriminals have even persuaded some workers to grant access to data using "imposter applications." Phishing tactics leverage various platforms, including search engines, social media, blog sites, and legitimate services like Google Docs and Microsoft OneDrive.

In 2023, cyberwarfare will still be a problem since there will still be people and organizations trying to wreak havoc online. To keep ahead of these challenges, organizations need to understand cyber threats and how they can protect themselves. Therefore, if you work in cybersecurity, you should take the most constructive attitude to any breach or incident reports and try to learn as much as possible from them.
