2021 was a banner year for cyber attacks. Compared to 2020, last year saw a 50% increase in attacks per week on corporate networks, even as the total cost of managing a cyber attack rose by 10%, according to IBM’s Cost of a Data Breach Report 2021. Add in the ongoing shift to hybrid work at scale, and it is no surprise that there is concern about the cyber resilience landscape in 2022.

It raises the question: is the new year destined to see the same risks causing even bigger problems for enterprises? That’s one option, but, thankfully, it’s not the only one. With the right approach, businesses can take proactive steps to reduce their total risk.

Facing Familiar Cyber Resilience Frustrations

Phishing. Ransomware. Business email compromise. The attacks aren’t new, but they’re certainly persistent. Consider phishing, which reached an all-time high in Q3 2021. Despite ongoing efforts to keep users off the hook, phishing attacks continue to wreak havoc on corporate systems.

The move to remote connections, meanwhile, also allowed ransomware to flourish, with each month in 2021 outpacing its 2020 counterpart for the total number of attacks. What’s more, compromises such as the Colonial Pipeline attack make it clear that even critical infrastructure isn’t safe.

For many enterprises, the result is a kind of defensive deja vu. Familiar frustrations continue to flourish even as the monetary and operational risks of data breaches continue to rise. And while it’s impossible to get rid of every attack vector, there are ways to limit the chance of compromise.

Here are six resolutions that can help boost cyber resilience for a safer 2022.

Make Employees a Priority

Staff plays a critical role in effective cyber resilience. Knowledgeable employees can help spot potential attacks and stop them in their tracks. However, they can also make matters worse by mistake.

Consider that more than 50% of employees want to work from home “all or most of the time” even after pandemic pressures subside. This creates a challenge. While remote work is at least as efficient as (if not more efficient than) its in-office counterpart, at-a-distance operations increase the risk of attacks that may go unnoticed and unreported until it’s too late.

As a result, employee education and training are essential to boost baseline cyber resilience. In practice, this means setting up a regular schedule that sees staff trained both in groups and as individuals to recognize, respond to and report suspicious behavior.

Take a Hard Look at Current Networks

The speed of many remote work transitions has left enterprise networks held together with digital duct tape and good luck. Everything works, but for how long?

As a holdover from the initial push of pandemic response, it’s easy to pass over these network configurations in favor of more obvious threats. Consider the widespread use of virtual private networks (VPNs), a stopgap-turned-standard for managing remote connections. While VPNs offer some measure of protection, they also present a dual problem: a massively increased attack surface, combined with overall performance degradation as more high-bandwidth connective and collaborative services are delivered over VPNs.

Although it’s a daunting task to consider moving away from VPNs to more robust security frameworks such as zero trust, taking a hard look at current networks is critical to help spot potential issues before attackers exploit them.

Break Systems to Boost Cyber Resilience

Speaking of less-than-ideal systems, 2022 is a great time to start breaking them to see what happens. Why? Because if IT teams don’t, attackers will. Look at Log4j attacks, which continue to evolve as new vulnerabilities are discovered. Rather than waiting for malicious actors to do the work, it’s worth breaking what you have to see where fixes make sense.

If you have the staff in-house, red team exercises can help pinpoint potential problems. If not — or if you’re looking for an outside viewpoint — professional penetration testing can help shed light on issues that might otherwise hide in plain sight.

By finding out exactly what happens when systems are under attack, enterprises can rebuild better solutions capable of addressing these concerns.

Forsake Low-Value Frameworks

Not every security tool and technology offers equal value.

Consider legacy solutions such as static firewalls and authentication frameworks that rely on single knowledge factors or insecure SMS codes. While these systems provide ease of use, this benefit extends to users and attackers alike. Poorly chosen passwords can be easily guessed, while SMS codes can be intercepted en route to users.

Solutions such as next-generation firewalls can help. These are capable of moving past port and protocol inspection to offer deep-packet analysis and application-level evaluation. The adoption of multifactor authentication (MFA) frameworks, meanwhile, can help protect both local and remote office endpoints.

Retake Control of Your Cyber Resilience Narrative

The collaborative nature of threat efforts, from as-a-service malware tools to dark web markets that include ‘customer service’ for would-be threat buyers, often puts attackers ahead of the curve. The result? Reactivity becomes the cornerstone of infosec. In turn, that puts security teams on the back foot when it comes to handling cyber threats.

In 2022, companies can take control by rewriting infosec narratives with a proactive approach to cyber resilience. This starts with prevention. Every attack found and removed before it reaches corporate networks means less work for IT teams and less risk for enterprises. Automation also plays a critical role. By deploying solutions capable of containing and analyzing detected threats by themselves, businesses can gain critical insight into attacker efforts.

Last but not least, examine your approach to incident response (IR). While the ‘response’ aspect of IR is reactive, the narrative surrounding it doesn’t have to be. By shifting the focus from one of inevitability around systems being compromised to one of opportunity — that attacks afford the benefit of incident insight — teams can rewrite their security story.

Shake Up the Status Quo

If it’s not broken, don’t fix it.

While this is great advice for the day-to-day, it applies less to cyber resilience. Attackers are betting on the elements of stealth and surprise to obfuscate their efforts. As a result, it’s worth shaking up the security status quo by exploring new tools and technologies such as AI-driven, automated endpoint defense and advanced threat hunting solutions capable of taking the fight to attackers, rather than waiting for them to come to you.

New Year, New You

Don’t let cyber resilience in 2022 stay static. Instead, adopt resilience resolutions that focus on pinpointing potential problems, leaving low-value frameworks behind and creating value with new security narratives.
