Cybersecurity – How to stay ahead in 2022

Staying ahead with cybersecurity in 2022 is as great a priority as it has ever been. With new penalties in place for data breaches, security is critical to business survival. The challenges of the pandemic and resultant shift towards hybrid working have given security leaders much to consider as they adjust policies and protocols for this new environment.

To learn how to keep pace with increasingly advanced threats, we held a Twitter Q&A session hosted by one of our #KingstonCognate influencers, Prof. Sally Eaves. She was also joined by our community of experts, giving us some valuable insights and predictions for the coming year.

Evolving cyberthreat: The how, why and where

With the global switch to remote working and the rapid expansion of user devices on each network came a threat landscape that widened vastly overnight. In addition, cyberthreat expansion and the associated risk have the potential to exploit newfound vulnerabilities along myriad new attack vectors:

Prof. Sally Eaves (@sallyeaves) also observes “Cybersecurity as a service is rising too - for example $250 Attackers are for Hire Per Job (& Up!) Denial of Service circa $311 per month. The list goes on - the growth of the cybercrime economy is significant.”

Along with increasing threats, attack frequency and sophistication are also on the rise. But why the change? “Ransomware, identity theft, social engineering and critical infrastructure failures are cybercrimes suitable for the digital era as human behaviour and interaction are increasingly influenced by technology” says Giuliano Liguori (@ingliguori).

Perhaps the most striking difference is that company size is no longer important. In the past, big fish such as enterprise networks were the target. Now everybody is a potential victim.

In Bill Mew’s (@BillMew) view “It is an ongoing cybersecurity arms race with both sides using AI and other advanced tech. As fast as the white hats use it to find and patch vulnerabilities, the black hats use it to find and exploit them”.

What is keeping CISOs up at night?

According to Prof. Sally Eaves, threat actors are changing tactics, which is a major cause for concern. Take ransomware, for example: “I predict that rather than holding a company's data hostage via encryption they may actually threaten to expose data and make customers choose between paying a ransom or facing regulatory fines. I think shifts like these are especially interesting – it is so true that expression, the only constant is change.”

CISOs are also faced with the challenge of measuring human risk. Unfortunately, the effects of spending on awareness, training and culture are harder to quantify than those of spending on physical equipment.

And with cybersecurity attacks against firmware outpacing investments to stop them, budget and resources for threat protection are additional areas of concern. “CISOs who know they genuinely lack resources to do the job properly would worry lots about what might be happening without them being aware. Others might worry about ‘social’ hacks of individuals that turn someone into a threat from within.” says Rafael Bloom (@RafiBloom73).

Ultimately, cyber resilience is underpinned by education, which will enable us to keep up with the pace of change. However, the budget to adequately educate users is often nowhere near where it needs to be, nor is the education anywhere near as refined and role-specific as the threats demand. In Ellie Hurst’s (@Advent_IM_Comms) experience “Tech always gets the lion's share, yet we know breach is so often caused by behaviour.”

Essential first steps towards better cybersecurity

According to Prof. Sally Eaves, getting the basics right is an essential move, requiring you to “audit where you are, improve visibility, reduce data noise and complexity, improve attack response resiliency. After all, 98% of attacks are negated via good cyber hygiene”.

Bill Mew adds that as well as good cyber hygiene, starting with the basics should encompass “1. Training and awareness - especially on phishing. 2. MFA (multi-factor authentication). 3. Cyber essentials like patching, anti-virus and firewalls.”

Sarah Janes (@SarahkJanes) reminds us that “more support is needed from central sources. It is not just about money but providing skilled people to facilitate the changes needed and work with businesses on a 1-1 basis.”

Regular updates and patches, together with password complexity guidelines and blocking unnecessary firewall ports, can all help strengthen security. In addition, Neil Cattermull (@NeilCattermull) believes that data mapping and monitoring play a major role. He suggests that regularly deleting unnecessary stored data, data minimisation followed by access limitation, and a clear data retention policy can help businesses better protect their sensitive information. “Today, you must assume that every data touch point needs securing. The time you don’t is when you get hacked!”

No matter where you are on your cybersecurity journey, Kate Sukhanova (@ThisIsKateS) suggests every business should “make systems and products secure by design, rather than treating cybersecurity as an afterthought.” And since the digital ecosystem of SMEs is a growing target of cyber-attacks, “to create an ecosystem that is more resilient, collaboration and partnerships are essential” adds Giuliano Liguori.

The role of endpoint cybersecurity

Securing endpoints plays a very important role in the cybersecurity health of any organisation. As a starting point, a focus on data loss prevention is critical, looking at the data that exists locally with your employees. Encrypted USBs can be very effective here, helping ensure that sensitive data can be stored and transferred securely.

Roland Broch (@rolandbroch) recommends that “all endpoint devices should ideally correspond to a defined security level and comply with the company's compliance requirements.” Since an endpoint can be any device that connects with IT from outside its firewall, every point is a potential point for attack - and therefore needs to be secured and managed. Elena Carstoiu (@elenacarstoiu) highlights that this is especially critical “in a business world that allows BYOD at work with the very same devices one uses with random Wi-Fi networks and in various usage scenarios.” Endpoint detection and response (EDR) is a growing field, with endpoint security solutions in great demand, likely driven by the expansion of traditional centrally managed enterprise networks. However, when the cyber ‘weakest link’ is the user operating the endpoints, how do you get the balance right when it comes to control? “Lock it down too much and it is a barrier to productivity, leave it too open and it is a hacker’s invitation!” says Nigel Tozer (@NigelTozer).

So, what is the answer?

Kate Sukhanova thinks “encryption should be the default - but it must be combined with zero trust as it offers little defence against social engineering on its own.” New technology is also playing its part, with “operating systems like Android and iOS now building in an endpoint protection like biometric ID, password management, together with support for multi factor authentication” observes Rafael Bloom. Some endpoint protection platforms use sophisticated methods such as machine learning to automate investigations.

With all of this taken into account, is there a finish line? Perhaps not, according to Prof. Sally Eaves who thinks there is a heightened risk that may continue to grow. “Alongside endpoint choice, flexible working and apps everywhere means once traditional trust boundaries using perimeter security simply no longer exist.”

Endpoints are not “yours” anymore, and Bill Mew agrees, believing that “there is no silver bullet or absolute guarantee (even the NSA got hacked)”. Rather, he concludes, a combination of risk awareness, cyber hygiene and intelligent use of tech and methodologies like zero trust, SASE and EDR solutions will be your best bet in protecting your ever-evolving endpoint security landscape.

At Kingston Technology, we consider ourselves trusted advisors in the encrypted USB space. We know that planning the right solution requires an understanding of security goals. Our Kingston Ask an Expert team can help you mitigate risk with our encrypted USB solutions. Kingston Is With You, no matter what you do, working to support your business needs. While 2022 may be full of unexpected challenges and opportunities for organisations, we are confident that our solutions can support businesses in any of their technology challenges.

#KingstonIsWithYou
