5 cybersecurity takeaways from 2022
Last week we revisited some of the most significant data breaches of the year. This week, we are taking one last look at some of the other cybersecurity trends that shaped 2022.
“Data breaches grab the headlines, but cybersecurity is about so much more than that – it’s about human relationships, staffing, new programs, protocols, best practices, innovation, and teamwork. We are always talking about the `next big thing’ in cybersecurity, but for now, the weak links continue to be humans. Still, the flip side is that cybersecurity’s most effective tool also happens to be humans. With cybersecurity, we are our worst enemy but also the greatest hope,” explains Trent Foster, a cybersecurity expert in Miami.
Looking at headlines, surveys, and research that emerged in 2022, we focused on five of the biggest takeaways in cybersecurity.
“It’s important to look back when we can because where we’ve been determines where we go,” Foster notes. Here are five of some of the most significant developments in cybersecurity in 2022:
The government has continued to promote zero-trust by formulating more best practices and protocols that companies are adopting with increased zeal, although sometimes the interpretation differs. The government isn’t just advising the private sector to get on board the zero-trust train; they are also ensuring their own house is in order, with various agencies vowing to adopt zero-trust.
The Department of Defense, for instance, laid out metrics and deadlines for the department to achieve full zero trust adoption by 2027. According to National Defense Magazine, Cybersecurity experts said the government and private sector should work together to leverage resources to enter the new regime successfully.
“Cyber-physical threats to critical infrastructure are one of our biggest national security challenges that we’re facing today, and the landscape that we’re dealing with has gotten more complex,” said Nitin Natarajan, deputy director at the Cybersecurity and Infrastructure Security Agency, during a MeriTalk event in October.
Zero-trust spending grew in 2022, and that is expected to continue into 2023.
2. Passwordless Authentication
Companies like Google, Apple, and Microsoft pledged to expand passwordless authentication offerings, influencing the trend to take off in 2022.
“When you can enter something besides a password to authenticate, you are adding a much more robust security regimen, and passwordless authentication can reduce costs and security risks for any organization, which is always a big win,” advises Foster. Passwordless authentication can include anything from biometrics to QR codes.
3. Cybersecurity Mesh Architecture (CSMA)
Technology research firm Gartner first proposed this framework, and it gathered proponents in 2022. CSMA is a collaborative approach that builds interconnectivity and communications between various cybersecurity products to enhance effectiveness.
“The whole concept behind CSMA is that it prevents hackers from exploiting different parts of a network,” Foster says, adding that it redefines the enter cybersecurity perimeter.
MSPs were big winners in 2022. Korn-Ferry, a technology consulting firm, reports that the shortage of IT talent costs companies 8.5 trillion dollars a year. It is estimated that the demand for IT specialists will increase by 22 percent through 2030, which is much faster than any other occupation. The Bureau of Labor Statistics estimates that by 2026, the shortage of technical talent will exceed 1.2M.
“This is where MSPs can help. Companies either have thin IT staff or none; MSPs can come in and fill that void. Although the talent shortage is hurting MSPs a lot, an MSP is still equipped to spread themselves out over multiple clients,” Foster explains.
5. Supply Chain Attacks
We heard about it over and over in 2022. Research shows 82 percent of CEOs believe their company is vulnerable to a supply chain attack. And statistics show a startling 98 percent of organizations have been negatively impacted by a cybersecurity breach that occurred in their supply chain, according to a new supply chain cybersecurity risk report.
“Supply chain attacks became a buzzword in 2022 because other aspects of cybersecurity have improved, so hackers have seen an opportunity to disrupt other areas of the ecosystem,” Foster says.
What will be the big 5 cybersecurity takeaways in 2023? We’ll have to wait a year to find out!
Photo: Skorzewiak / Shutterstock