In part one of our 2022 cybersecurity predictions series, Devo CSO Gunter Ollmann explained the rise of XDR, the detection-as-code and response-as-code movement, and the growing interest in security tools with built-in, on-demand expertise. In this second installment of our series, I share my take on how the cybersecurity landscape will evolve.
Let’s dive into it:
1. Web3 will attract more users and developers
Web3 is a new term designating a new web infrastructure that uses blockchain, ledgers and peer-to-peer networking for resiliency. Those solutions are already working at scale in other areas. Merging them with the Web will change the face of the internet for quite some time. Since one single failing server will not be a problem anymore (exit 404 errors!), and blockchain security can solve the third-party problem of TLS certificates, Web3 will address two of the biggest pain points everybody has with the Web as it stands today.
However, just like in any new software stack (even Polkadot, which is written in Rust), vulnerabilities exist. In 2022, this will not matter too much for the end user yet. It will, however, greatly help if the protocols and software stack of this new world are hardened.
2. Security stacks will be tested for their purpose
One big problem that’s well known by everybody in the software security industry is that antivirus software does not detect all viruses, EDR can be bypassed, and some SIEMs, although they have all the data, can be hard to use for detecting targeted threats (does alert fatigue sound familiar?).
Recognizing this is a good first step in the right direction.
Testing alerts is one thing, but how about the attack logic (the famous TTPs)? Otherwise, one may be able to detect an attack only on the basis of well-known IP addresses or domains that expired some time ago, while attackers are now using new ones.
Testing the logic helps teams to breathe because they become aware of what they can improve in their process: is there missing software that’s preventing you from getting the logs you need to achieve better security visibility? Is the team staffed appropriately? How much of the attack has been discovered? Etc.
In 2022, every mature organization will need to be conscious of this problem and start using attack simulation tools to identify and understand their weaknesses — before the attackers do.
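The difference between testing indicators and testing attack logic can be shown with a small detection test harness. This is an added example, not code from the original post or from Devo; the event fields, rule names, thresholds and documentation-range IP addresses are all constructed assumptions.

```python
from collections import defaultdict

# Constructed blocklist standing in for indicators from an older campaign.
STALE_IOCS = {"192.0.2.10", "192.0.2.11"}

def ioc_rule(events):
    """Indicator-based detection: flag sources that appear on the blocklist."""
    return {e["src"] for e in events if e["src"] in STALE_IOCS}

def behavior_rule(events, threshold=5, window=60):
    """Logic-based detection: at least `threshold` failed logins followed by a
    success from the same source within `window` seconds."""
    fails, hits = defaultdict(list), set()
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["outcome"] == "fail":
            fails[e["src"]].append(e["ts"])
        elif e["outcome"] == "success":
            recent = [t for t in fails[e["src"]] if e["ts"] - t <= window]
            if len(recent) >= threshold:
                hits.add(e["src"])
    return hits

def simulate_bruteforce(src, start, attempts=6):
    """Constructed simulation events: `attempts` failures, then one success."""
    ev = [{"ts": start + i, "src": src, "outcome": "fail"} for i in range(attempts)]
    ev.append({"ts": start + attempts, "src": src, "outcome": "success"})
    return ev

def coverage_report():
    """Run every rule against every simulated scenario and record what fired."""
    scenarios = {
        # Same behavior from infrastructure the blocklist already knows.
        "known_infra": simulate_bruteforce("192.0.2.10", 0),
        # Same behavior after the source address has changed.
        "rotated_infra": simulate_bruteforce("203.0.113.77", 1000),
        # Benign control: two mistyped passwords, then a normal login.
        "benign": simulate_bruteforce("198.51.100.5", 2000, attempts=2),
    }
    rules = {"ioc": ioc_rule, "behavior": behavior_rule}
    return {name: {r: bool(fn(ev)) for r, fn in rules.items()}
            for name, ev in scenarios.items()}

if __name__ == "__main__":
    for scenario, fired in coverage_report().items():
        print(f"{scenario:14} {fired}")
```

The `rotated_infra` row is the gap the simulation exposes: the indicator rule stays silent while the logic rule still fires, and the benign control confirms the logic rule is not simply alerting on every failed login.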
As Devo CSO Gunter Ollmann mentioned in part one of this series, the only thing that’s certain in cybersecurity is that the cyberthreat landscape will always continue to change. Hopefully, these insights from our team help your security team prepare for what’s to come. Ultimately, however, they should be prepared to constantly pivot.