Trend Micro has predicted global organizations will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating cyber risk.
Research, foresight, and automation are critical for organizations to manage risk and secure their workforce. Trend Micro blocked 40.9 billion email threats, malicious files and malicious URLs for customers in the first half of 2021 alone – a 47% year-over-year increase.
“We have more cybersecurity researchers embedded across the globe than any competitor, and those insights and discoveries are used widely within the industry and power our own product offerings,” said Kevin Simzer, chief operating officer at Trend Micro. “These teams power much of the threat intelligence for which we are renowned.”
Trend Micro researchers predict that threat actors in 2022 will focus ransomware attacks on cloud and datacenter workloads and exposed services to take advantage of the large number of employees continuing to work from home. Vulnerabilities will be weaponized in record time and chained with privilege escalation bugs to drive successful campaigns, according to the report.
“It’s been a tough couple of years for cybersecurity teams, disrupted by work-from-home mandates and challenged as corporate attack surfaces have exploded in size,” said Jon Clay, vice president of threat intelligence for Trend Micro. “However, as hybrid work emerges and more certainty returns day-to-day, security leaders will be able to plot a robust strategy to plug gaps and make the bad guys work much harder.”
IoT systems, global supply chains, cloud environments, and DevOps functions will be in the crosshairs. More sophisticated commodity malware strains will be aimed at SMBs.
However, Trend Micro predicts that many organizations will be ready for the challenge as they build out and implement a strategy to proactively mitigate these emerging risks via:
• Stringent server hardening and application control policies to tackle ransomware
• Risk-based patching and a high-alert focus on spotting security gaps
• Enhanced baseline protection among cloud-centric SMBs
• Network monitoring for greater visibility into IoT environments
• Zero Trust principles to secure international supply chains
• Cloud security focused on DevOps risk and industry best practices
• Extended detection and response (XDR) to identify attacks across entire networks
