Neal’s Hot Take: Revisiting 2022 Prediction #1
Breaking down prediction 1: 2022 will be the year of “COVID security cleanup.”
Back in December, the executive team at Query.AI came up with six cybersecurity predictions for 2022 (check out the blog here). We’re not even three months into the year, and we’ve already experienced unforeseen events that have drastically changed the threat landscape and shifted cybersecurity priorities.
With this in mind, we thought we’d revisit our predictions throughout the year and see where things stand. In this post, we’re focused on our first prediction, “2022 will be the year of ‘COVID security cleanup.’” Here’s what we wrote back in December:
“When COVID-19 forced organizations to transform their business models practically overnight, companies did what they had to do to keep the lights on and their employees connected in a remote world. They deployed a voluminous number of new technologies in a sprint to sustain operations, and, in many cases, moved so quickly that they were unable to properly address security concerns. This has left CISOs stuck mopping up a big mess: plugging all the security holes introduced by organizations’ rush to digitally transform. Even with CISOs focused on COVID security cleanup, they can only move so fast, and we’re likely going to see significant fallout over the coming years (e.g., security incidents caused by cloud misconfigurations, excessive access rights and shadow IT).
That said, it’s not all bad news for CISOs. A side effect of this situation will be that more CEOs and Boards will begin to see cybersecurity as a business problem – and CISOs may finally get their long-awaited and deserved seat at the boardroom table.”
Well, the Russia/Ukraine conflict has thrown a wrench in the first part of this one, but bolstered the second. Let’s take a closer look at each.
While many security teams went into 2022 with a priority to clean up pandemic-related technical debt and security gaps, it quickly got bumped down their to-do lists when Russia infiltrated Ukraine. Over the last few weeks, companies have had to quickly shift gears to shore up their defenses against nation-state attacks and other cybersecurity threats resulting from this conflict.
This change in focus is understandable – and, in many cases, necessary. However, we can’t lose sight of the fact that the security vulnerabilities introduced by companies’ rush to the cloud may be the very opening that nation-state adversaries use to get onto corporate networks. So, rather than putting COVID security cleanup off for another day, we should think about security processes, protocols, and strategies we can implement that achieve both goals: mitigating successful nation-states attacks and bolstering your post-COVID cybersecurity posture.
For example, following are three areas to get you started:
- Attempt to verify your external attack surface through vulnerability scanning and asset inventories.
- Have your team increase the frequency they hunt for known, highly active, threat actors and campaigns.
- Increase the execution of tabletop exercises, even at some of the highest levels of leadership.
Reinforcing Security’s Role in the Business
The second half of our prediction talks about how the issues stemming from the global pandemic will cause more CEOs and Boards to begin to see cybersecurity as a business problem and invite CISOs to participate in Boardroom discussions. At the start of the pandemic, the million-dollar question became: “How do we ensure secure business operations in the new remote-work model?” This is an issue companies still deal with today. In doing so, it has become crystal clear to executives and Board members that downtime, data loss, data corruption, and network compromise resulting from bad cyber hygiene in this new operations model could have far reaching and damaging business consequences, including customer loss, a damaged reputation, and a hit on the bottom line.
Similarly, today, executives and Boards of Directors are racing to put plans in place to ensure business continuity amidst the Russia/Ukraine conflict – and they’re realizing that, given the element of cyber warfare, it’s impossible to have that conversation without the involvement of the security team.
Together, the global pandemic and the Russia/Ukraine conflict have taught us that we’re not dealing with the “business continuity” of yesterday – which was largely focused on maintaining operations through natural disasters. There are a variety of new and unexpected events that businesses need to prepare for – events and circumstances that have solidified the intertwining of business and security and proven the fact that cybersecurity is a business problem.
Stay tuned for another 2022 prediction analysis next quarter!