The long-tail of COVID-19 and the evolution of ransomware
The long-tail of COVID-19 means security teams are having to deal with user sprawl and device sprawl, causing big headaches in 2022.
Dave Henderson, CEO - Sales & Marketing at BlueFort Security, says many organisations are finding themselves in a very different place than was envisaged in their three, four or even five-year strategies.
"These differences are being felt right across companies from new (and abandoned) product offerings, routes to markets, employees and physical office space," he says.
"The element that knits all this together is the underpinning IT infrastructure - and for IT and security teams this could cause the biggest New Year headache of all."
Henderson says IT strategies that were written even three years ago will become - in large part - a thing of the past.
"It was probably written when the company had physical offices, and most employees worked there.
"As we wave goodbye to 2021, offices are still largely empty. The concept of networking is increasingly difficult to define," he says.
"Security teams are having to deal with user sprawl and device sprawl. Instead of securing a main location of 1,000 employees, they’re now having to secure 1,000 branch offices each with one employee in it.
"The concept of all endpoints being in a secure network location is the thing of Christmas pasts. From a cybersecurity standpoint, the assumption should be that every endpoint is in a hostile situation."
According to Henderson, all of this means that in 2022, many IT and security teams will spend a large chunk of time reviewing what they’ve done in the previous 12 months, and in many cases, undoing some of those things.
"A recent study found that 30% of CISOs admitted that since March 2020 they’ve lost track of movers, joiners and leavers, and 29% stated they are missing corporate devices," he says.
"For these guys, IT discovery will become the number one priority in 2022. Why? It’s simple. You can’t protect what you don’t know is there."
Ian Jennings, CEO - Technical & Operations at BlueFort Security, says one of the biggest, and most serious, cyberthreats that companies face today is from ransomware.
"To illustrate the point, PwC UK claims that its threat intelligence team has tracked more ransomware incidents globally up to September this year than for the whole of 2020," he says.
"In 2022, despite security teams’ best efforts to mitigate this threat, the cybercriminals will inevitably remain one step ahead and the scale of attacks will increase and become ever more sophisticated."
Jennings says the business of ransomware will continue to evolve - and not in a good way for those that fall victim.
"As it stands right now, if a company is successfully targeted in a ransomware attack, the perpetrators demand payment for the safe return of the data," he says.
"If the target refuses to pay, the data is encrypted - and the organisation finds itself in a disaster recovery scenario. Far from ideal."
According to Jennings, as we look ahead, we’re going to see the stakes significantly raised.
"Data will be stolen, a demand for payment will be issued, but if the victim does not pay, the data will be published on the Internet for everyone to see," he says.
"Depending on the information contained in the leaked data, the potential fallout in this scenario could literally be the difference between life and death."
Jennings says the key challenge that security teams face is mitigating the ever increasing cyber risk brought about from the growing complexity of environments.
"To help overcome this challenge it’s vital to compile an in depth - and ongoing - view of the organisation’s IT estate," he says.
"If you want to apply effective security controls, knowing what assets you have within your environment is fundamental. It’s far easier to protect things that you know about."