Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityTechnologies & SolutionsSecurity Leadership and ManagementLogical SecuritySecurity & Business Resilience

4 critical security strategies to prevent cyberattacks in 2022

By Tyler Farrar
cyber security
March 1, 2022

The growing threat of cyber adversaries loomed over organizations throughout 2021, and it shows no signs of slowing down as we enter March 2022. 

As teams continue to work from home or test out hybrid work models, their security frameworks have often been insufficiently protected against sophisticated cyberattacks. Nation-states, organized crime syndicates and other cybercriminals have capitalized on this opportunity, using a variety of methods to exploit weaknesses in organizational systems. This resulted in 61% of organizations that fell victim to a ransomware attack in the last two years being forced to pay the ransom, and by October 2021, publicly reported data breaches had already surpassed the total for 2020.

2022 presents an opportunity for businesses to take an active role in protecting their sensitive data and preventing hackers from turning them into the latest headline for all the wrong reasons. Read below to see how organizations can best prepare themselves for the future threats that may come this year and beyond.

Quality leadership

While it’s no secret that quality leadership is critical to running a successful business, ineffective leadership can greatly increase the risk of cyberattacks. With the rise of breaches that security professionals can expect to continue into 2022, an effective defense starts with strong leaders. It’s imperative that leaders adapt to new work dynamics significantly faster than they’ve historically had to, particularly when it comes to how cyber adversaries will plan to manipulate them.

Security professionals will be put under more pressure in this cybersecurity climate. In this scenario, defenders' networks, which are already riddled with holes and missing capabilities for digital adversaries to exploit, will fall short of meeting the fundamentals of relevance. Leaders that focus on the “why” rather than the “how,” and reflect on their talents to lead, retain and recruit their employees will come out on top.

A stressed and inefficient security operations center (SOC) makes a company a target, resulting in the loss of brilliant employees in an already competitive industry — and the potential loss of business due to data breach-related reputational harm. Instead, SOC leadership should keep a close eye on employee morale and job satisfaction.

From a technical and human standpoint, the challenge now is: how quickly can the defending company respond to such frequent and rapid attacks — and enhance corporate culture in the process? Cybercriminals are increasingly targeting businesses that are undergoing major financial events, such as acquisitions and mergers, because security teams are likely to be unstable, stressed and managing integrations during this time. In addition, C-suite executives must guarantee that they are not the weak link in the cybersecurity chain, as they are also among the biggest targets for attackers.

This cybercrime tidal wave will not be going away any time soon. Still, if SOC employees focus on knowing the adversary and hire leaders who focus on fostering a positive culture that improves morale, a better defense outcome can be achieved.

Constant visibility and improvement

For businesses, ransomware is an end problem. It's not a question of being hit by a cyberattack and then wondering, “What do we do now?” because it's far too late by then. Rather, the question should be, “How do we make ourselves less of a target to begin with?” The essence of the issue is that businesses have a false sense of security, believing that they are immune since they've implemented a new compliance tool or moved to the cloud. It's not as straightforward as that. Cybersecurity isn't a one-and-done exercise. Too many businesses still have the idea that they can get away with ignoring the fundamentals of basic cyber hygiene.

Having visibility across enterprise systems is the first step. Simply said, if security professionals don’t have a full view of their assets, they cannot protect them. This knowledge will aid teams in gaining a clear grasp of normal user account and device behavior, allowing them to recognize anomalies more easily when they occur. Furthermore, distributed workforces and a work-from-anywhere culture have resulted in less visibility, control and knowledge of abnormal user behaviors.

The combination of scattered workforces and more employees utilizing personal devices for work will continue to increase the danger of “Bring Your Own Device” (BYOD) security concerns, resulting in larger attack surfaces and greater vulnerability to security threats.

Controlling access points

What do ransomware, phishing, advanced persistent threats (APTs) and other similar threats have in common? Access. Organizations should expect all of these attack tactics to develop in 2022, but initial access brokers (IABs) are a critical area to watch out for that is oftentimes overlooked.

Initial access brokers are criminal individuals or organizations that resell credentials on the dark web. Buyers can then utilize the information to do more damage to a business while remaining unnoticed.

This information will continue being used by nation-state entities in particular to carry out ongoing and persistent access attacks. They will keep developing exploits in the hopes of launching a full-fledged cyberwar in the future, similar to trench digging in conventional warfare.

Controlling access points and reducing overall dwell time are critical to thwarting today's most common attack methods. One of the simplest avenues for businesses to do so is to prevent compromised credentials incidents, which account for 61% of breaches today, and to monitor user behavior. This gives the context needed to rebuild confidence and defend user accounts in real time, thereby stopping fraudulent access in its tracks.

Collaborative efforts

With worldwide ransomware payments expected to reach $265 billion by 2031, hackers now have the resources they need to collaborate in new and improved ways to breach organizational frameworks all over the world.

As 2022 progresses, it's encouraging to see businesses prioritize cybersecurity. In order to combat the growing threat that cybercriminals pose to industries of all sizes and types, 2022 will be a test of how successfully everyone can work together, prioritizing collaboration over competition. Given cybercriminals have demonstrated that they are well-coordinated, the only way they can be defeated is for security teams to be equally as coordinated in their defensive efforts.

The fact that governments are now mobilizing and acting against cyber threats is another sign of the importance of teamwork. Previously, it was up to each company to fend for itself, which inevitably exacerbated the asymmetry between well-funded attackers and individual defenders and resulted in costly breaches. Governments are taking a stand and pushing comprehensive, joint efforts in the battle against cybercrime, as evidenced by initiatives like California's Cal-Secure plan. Government support is critical as cyberattacks can have disastrous implications for both the public and private sectors.

As cyberattacks grow in sophistication and harm by the year, it’s no longer an option for organizations to stand by and hope for the best. They must remain vigilant and always be prepared for what may come their way because recent history has already shown that any organization, no matter how large, may very well be the next victim. Investing in best practices as well as in the continued development of cybersecurity professionals can ensure that the only direction cybercrime trends move in 2022 is downward.

KEYWORDS: access control Bring Your Own Device (BYOD) Chief Information Security Officer (CISO) cyber attack cyber security research public private partnerships ransomware

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Tyler Farrar is the Chief Information Security Officer (CISO) at Exabeam.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • online shopping cyber security

    Top 3 online retail fraud methods and how to prevent them in 2022

    See More
  • email-warning-freepik1170x658.jpg

    1 in 4 employees who fell victim to cyberattacks lost their jobs

    See More
  • globe internet

    4 cybersecurity strategies for resilience in global crises

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing