Cybersecurity risk management remains a struggle for many organizations, and security teams are struggling to keep up with the threat landscape as it evolves.
Even worse, cyberattacks are growing more sophisticated. For example, the Log4j security vulnerability in late 2021 affected million of companies, including Amazon and Cisco.
The evolution of these cyber risks has a substantial impact on cybersecurity trends, and it's critical for organizations to adapt quickly to respond to the latest threas, according to Vulcan Cyber's Cyber Risk in 2022: a 360° View report.
The report, developed by the Vulcan Cyber in-house research team, Voyager18, highlights the biggest developments and underlying narratives to cyber risk in 2022, and suggests ways to improve and maintain security posture as we enter 2023. Vulcan Cyber and the Voyager18 team worked with Gartner Pulse, tapping into its social research platform of CIOs, CISOs, and other tech leaders to develop a clear view of the factors that are most important to the industry.
According to the report, some of the leading cyber risks and cybersecurity trends in 2022 include:
1. Malware on the rise
Malware attacks continue to plague businesses across industries. Malware, including spyware and ransomware, represent the highest cost of damage for organizations, followed by data breaches.
2. Rise of ransomware attacks
Ransomware shows no sign of going away. In recent years, ransomware has grown into the most common and visible threat. Security teams seemed to be getting better at defending against ransomware attacks.
3. Zero-day attacks
The good news is that the number of zero day attacks is significantly lower than the 80 zero-day exploits recorded in 2021, and almost 40% of all zero-day exploits recorded over the last decade, Dark Reading reports.
4. Remote code execution
These attacks can lead to malware execution that provides the attacker with complete control over the compromised machine.
5. Attack surface expansion
With hybrid working models on the rise, the attack surface is increasing daily. It is, therefore, no surprise that remote attacks have grown more prevalent and severe.
6. Digital supply-chain risks
Going forward, it is important for security teams and risk management leaders to strategize and prioritize digital supply-chain risk. This approach will help drive software partners across the supply chain to demonstrate security best practices.
7. Cybersecurity mesh
As cyber risks evolve, cybersecurity mesh architecture will help CISOs respond better to future security and cyber risk management challenges.
8. Zero trust
Security teams must implement zero trust measures to ensure the organization’s workforce does not become an attack surface of its own.
“In cybersecurity, we all have a common goal,” said Yaniv Bar-Dayan, CEO of Vulcan Cyber. “Unfortunately, so do malicious actors. This report is meant to help establish best practices for protecting our networks by putting the trends and vulnerabilities into actionable context for practitioners. The more common ground we can establish and maintain in the way of best practices for vulnerability management and overall cybersecurity, the better protected we are.”