Hyland 160x1200

Hyland 160x1200

Hyland 705x108

Friday, 21 January 2022 10:44

Top three trends security leaders should keep front of mind in 2022

By Trend Micro

GUEST RESEARCH: Australian organisations are no strangers to the consequences of a successful cyberattack. System outages, financial loss, and reputational damage resulting from a ransomware infection or data breach are now part of the weekly news cycle. Today’s security professionals are faced with a daunting set of responsibilities to identify critical threats and limit lasting damage from attacks.

In fact, Trend Micro’s latest global risk report revealed 25% of Australians believe cybersecurity is the biggest business risk today, and 62% claim it has the highest cost impact of any business risk.

Yet major visibility gaps and alert overload are all too common. We’ve seen a significant shift in the way that cybercriminals are undertaking attacks. They are now taking a much more engineered approach, using sophisticated breach-like methods to shut down systems and threaten security teams. The first step towards effectively mitigating cyber risk is understanding the scale, complexity, and specific characteristics of the threat landscape.

The past 18 months have been challenging, but they have provided many lessons for the future. The following trends have emerged from Trend Micro’s annual Cloudsec event, for security teams and business leaders to stay conscious of in the year ahead.

Secure connectivity in the hybrid work environment through identification

The way employees connect to company resources have changed dramatically over the last few years. Cybersecurity demands a proactive, preventive approach and not a reactive one. With increasingly distributed workforces, working from home is becoming a gateway to new forms of data theft and organisations are struggling to adapt. Poor technological infrastructure and inadequate cyber and data security represent a cyber risk to businesses.

The traditional boundaries of the corporate network are no longer sufficient, seeing a rise in identity-based attacks. Trend Micro’s 2021 mid-year security report revealed that business email compromise attacks increased by 4% globally. In Australia alone, Trend Micro blocked over 92 million email threats in the first half of 2021 – a 61% increase year-on-year.

Identity has become the de facto perimeter for organisations today. Identity is the foundation of a zero-trust architecture, as you need to ensure the right people have the right level of access, on the right device, to the right resource, in the right context. A comprehensive, identity-first security strategy can tie the complexities of protecting people and assets together in a seamless experience. Beyond improving business security, there must also be a company-wide cultural shift in attitudes towards cybersecurity. All staff must be made aware of the issues and risks, and receive adequate training in managing sensitive data and any new responsibilities.

Migration to cloud has led to new risks for government agencies

Today’s operational and technological needs have resulted in government agencies moving their data into the cloud. Migration to the cloud will play an integral role in helping the Australian government’s goal to be one of the top three digital governments in the world by 2025. In fact, the government aims to have all NSW government agencies using public cloud for a minimum of 25% of their ICT services by 2023. Unlike previous legacy on-prem arrangements, the migration to cloud has brought about a new set of risks and considerations – and organisations must take serious precautionary measures. A lack of holistic cloud security strategy is detrimental to any agencies – from lack of visibility of data types residing in the cloud, to lack of security controls and absence of monitoring of cloud workloads and applications. Organisations need to have a comprehensive, proactive cyber plan that enables you to protect, detect and respond effectively to any cyber threats.

One of the grand challenges of a cloud strategy is securing the environment. Government agencies can leverage emerging technologies to help secure and innovate operations in an ever-changing cyberthreat landscape. A key approach is to adopt the Zero trust architecture in their security. Organisations keen to embark on their Zero Trust journey must take into consideration the transition process. By working with the right technology partners, organisations are able to implement a robust cloud security strategy, compliant with cybersecurity standards.

Both cyber security and cyber resilience are essential  

Advancing technologies across all industries bring incredible new opportunities and business advantages, but it also brings unprecedented new threats. In today's evolving threat landscape, both cyber security and resilience respectively are methodologies to enable collaboration between IT risks and IT security teams in most organisations today.

The cyber security controls (process and technologies combined) are relevant to keep cybercriminals out as much as possible. However, as the lines between physical and digital disruption are blurred, there is a growing need to shift from a preventative mindset to a resiliency-based approach. Cyber resilience practice and strategy prepares the organisation to withstand or recover quickly when organisational breaches occur.

Cybersecurity and resilience both require an investment in time, resources, and education, but by combining the essentials of cyber security and resilience, security teams can mitigate damages and risks. The key is to ensure your security advisors are experienced across both areas. Regular cyber resilience evaluations are also critical to stay on top of the overall level of cyber resilience, particularly in relation to vulnerabilities identified during routine cyber security operations.

Read 1041 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News