How should you look to safeguard your critical assets moving into 2022? We have put together 7 key recommendations to help you secure your organisation in 2022.
1. Prepare for Ransomware 2.0
Ransomware attacks are not only using more complex methods that can infect a system and spread across an entire network; threat actors like Ragnar Locker are also increasing the damage by both holding data hostage and threatening to release that confidential data to the public if the ransom isn’t paid. This means that prevention is critical. If an attacker successfully gains access to your systems and encrypts them, there is no guarantee that the attacker will give you a decryption key. The best course of action is to be proactive to reduce the chance of an attack:
- Take inventory of all data assets
- Monitor access to them to identify malicious behaviour
- Apply the principle of least privilege when granting administrative authorisation to employees
- Continually monitor, patch, and update all software and/or devices
- Regularly back up critical data assets
- Be prepared to respond quickly to an incident before it escalates further
2. Get to Grips With a Remote First World
With the upsurge in employees working from home, businesses need to spend time maximising the security of remote access. Consideration needs to be given to the security of users’ devices, to what they are authorised to access on corporate systems and how that access is granted, and to how that data is protected once access is permitted. Undertaking a review in these areas will identify security risks within the remote working environment and provide the insight needed to formulate effective access control processes and usage policies for digital and physical data assets. This review will likely uncover areas of endpoint and identity that need attention and can be the starting point of your journey to Zero Trust.
3. Consolidate Security Products
Another core theme across the industry is organisations working towards consolidating the security tools they use in a bid to combat sprawl. Not only does this increase return on investment, it also increases productivity when the tools selected work effectively together. Security Service Edge is an example where this architectural convergence is coming to the fore, resulting in vendor consolidation across Secure Web Gateway, Zero Trust Network Access and Cloud Access Security Broker. Firms can do this by establishing a target security architecture for this new age and adopting guiding principles for the acquisition of new products. That means assessing what security tools are in use throughout the environment, what data they’re protecting, and whether existing or potential tools add transparency over security events or instead increase complexity in the environment and create silos.
4. Your Identity Strategy has Never Been so Critical
With cyber criminals becoming more sophisticated at social engineering, impersonation, and manipulation, it’s becoming more difficult to verify that someone is who they say they are. Identity is very much the new perimeter. Organisations need to invest in identity and access management to authenticate authorised users and determine who has access to privileged information, particularly for those who are working from home or via cloud services. MFA must be ubiquitous. In addition to identifying users, the expansion of cloud-enabled digital environments will call for organisations to also get to grips with Machine Identities. Machine Identity Management establishes and manages the trust in the identities of machines such as virtual machines, containers and IoT devices.
5. Test Your Security Posture with Breach & Attack Simulations
In many cases, you don’t know if your defences can stand up to a cyber attacker until you’ve been attacked. Using a combination of penetration testing, breach and attack simulations (BAS), and defensive posture assessments is essential for measuring your overall security readiness and assessing your ability to stave off external threats. Many organisations are now conducting breach and attack simulations rather than relying solely on penetration testing, as this allows them to comprehensively identify how effective their existing security controls are and helps them identify blind spots so that they can prioritise future technology investments. In that regard, research indicates that the automated BAS market will grow at a CAGR of 33.55% between 2021 and 2028.
6. Containment & Response with XDR & MDR
While prevention is important, it’s also necessary to recognise that you can’t always keep out sophisticated cyber threats, particularly if you’re targeted by experienced attackers or an Advanced Persistent Threat (APT) group. For this reason, Extended Detection and Response (XDR) solutions that provide visibility, advanced threat detection and containment across endpoint, network and cloud within a consolidated platform will become essential to managing threats across all attack vectors. First-class incident response expertise is critical for containing security incidents in the shortest time possible. By enlisting the help of a Managed Detection & Response (MDR) service, you can work alongside an external team of cyber security experts who can advise you on how to keep your network secure and respond to security incidents in real time to mitigate the damage.
7. Privacy Laws Will Expand
Another key trend that organisations need to be prepared for is the extension of data privacy laws as data protection regulations are implemented in different nations across the world. Within the last 12 months, Brazil has introduced its General Data Protection Law (GDPL) and China has adopted its Personal Information Protection Law (PIPL). In an environment with more data privacy regulations than ever before, global or multinational corporations should ensure practices like GDPR extend across the business as a whole in readiness, and then adjust their best practices to cater to local requirements. With more regulations, organisations will need an automated privacy management program to keep up with increasing internal and local requirements and ensure consistent compliance.
If you have concerns around any of the seven areas highlighted in the above blog, or would like to discuss any of these areas in further detail, please contact us to arrange a meeting with some of our expert team.