31 December 2021

2021: A Cyber Year To Remember

Emil Sayegh

Looking back on the events of 2021, it’s evident that cybersecurity was a key concern for businesses, organizations, and governments across the entire globe. It is helpful to look back and chronicle the key cybersecurity incidents that shaped the year. Here are a few:

• December 2020 – SolarWinds

• February – Florida Water System

• March – Microsoft Exchange

• March – CNA Financial

• April – LinkedIn

• May – Colonial Pipeline

• May – Ireland Health Service Executive

• May – JBS Meat Supplier

• July – Kaseya

• July – Tokyo 2020 Olympics


• July – Peloton

• August – T-Mobile 

Here are the most momentous cybersecurity events that took place last year.
A New President

We started the year with an executive change and the arrival of the Biden presidency. The new administration had not yet implemented meaningful cybersecurity legislation despite the numerous industry pleas and hence the private sector continued to deal with outdated regulations. Cybersecurity experts were hopeful about Biden’s cybersecurity agenda, but it was clear that there was still a lot of work left to do.

A Freak “Superstorm” Weather Incident

A powerful winter storm struck the southern United States. The superstorm cut power and electricity to millions of residents and halted transportation across the region. Major metropolitan areas were crippled by blizzards and record-breaking low temperatures. Millions of people were unprepared and lost access to the basics of life and business. A lot of technology took it on the nose, exposing a lack of resilience and recovery measures.

“Superstonks,” Crypto, and Discord

The public flocked towards novel sources of investment information and alternative vehicles. In an attempt to buck the influence of major investment groups, the market exploded, and private investors were able to leverage control over the financial outlook of companies. This is a fascinating realm of social and forum-based financial advisory that is also filled with bots, trolls, and many kinds of imposters.

NFTs: The Art of Blockchain

In the art world, a new form of digital art known as NFTs (non-fungible tokens) started to gain popularity. NFTs are created by attaching unique attributes to each token, which can be used to represent anything from physical artwork to digital assets. The popularity of NFTs is due in part to their security and blockchain-based ledger features. However, there is also the issue of NFTs being used as currency for the unscrupulous, and bad cyber-actors.

Peloton Breach Revealed a Coming IoT Data Winter

A major cybersecurity incident in the household IoT space highlighted how many connected devices are vulnerable to attacks by cybercriminals. The Peloton breach revealed that millions of smart devices were incredibly vulnerable to attack, even in smaller networks. The crossover appeal of everyday devices and IoT is a ripe field for market appeal, but also for cyber threats. Many companies don't have the experience to fully protect and minimize the risks of delivering online devices.

The DoD’s Slingshot Past JEDI to Multi-Cloud

The DoD recently released an updated multi-cloud strategy that could both boost innovation and save costs. The new, open process includes four distinct components: private community clouds, multi-cloud, hybrid cloud services, and commercial cloud services providers. The journey towards this new initiative was filled with legal and political drama, though the ultimate result codifies the multi-cloud, multi-source strategy.
When Cyber War Becomes War

The line between cyber incidents and acts of war is blurry at best. It's not always clear when a cyberattack has escalated to the point where kinetic response is perhaps warranted. However, as we come to the end of 2021, it’s clear that cybersecurity is more important than ever before. President Biden even told U.S. intelligence officials that he thinks a cyber-breach could lead to a “shooting war” with a major global power. We must protect critical industries and information. We must take cyberwarfare seriously and protect our nation, companies, and data.

Readying For Regulation Response to Cyber Incidents

A new regulatory climate is changing the game for nation-states, companies, and individuals alike. Emerging and evolving requirements will be a significant effort for many to implement, but necessary to protect data integrity across jurisdictions. The need for highly innovative cybersecurity solutions that can meet these requirements presents incredible opportunities for technology companies.

Cloud Container Challenges Emerging

While cloud-based containers have many benefits, including portability and efficiency, they also pose unique security challenges. Cybersecurity teams need to design specific security measures for cloud-based containers to protect them from cyberattacks. As adoption continues to grow, the challenges in security are mounting. Organizations must introspectively review their technology stacks for security concerns, component weaknesses, and trusted components. They must focus on the fundamental security platform of meeting security standards, securing that security baseline and assuring that they remain at secure levels throughout application and system life cycles.

Cyber Threats Turn Assets into Liabilities

Organizations are beginning to realize that all software services may not be up to their own security needs and standards. What was thought to be purchased as safe and secure software services are now emerging with gaps in cybersecurity that turn into risk liabilities. A recent privacy ruling against the teleconferencing platform Zoom showed how the activities of a service could expose the client organization to unwarranted risks. Cybercriminals are becoming more sophisticated, and businesses need to up their game if they want to stay protected.

Shutting This Year Down and Moving Forward

You hear it everywhere - Cybersecurity is an ever-changing landscape. It's difficult to stay on top of the latest trends and developments, but one thing that seems certain for 2022 is that it will be even more essential than ever before to keep your guard up. We'll have new cybersecurity regulations further in place by then, which means there’s a higher likelihood of compliance issues with these rules. With all this talk about privacy violations and data breaches, people may start taking their information more seriously again. And as we move into an era where everything can be hacked - from cars to microwaves - it might seem like our world has become less secure overall. But don't get discouraged - there are many good sides and great security practices where we stand in this age.

Oh, and please stay tuned for the upcoming 2022 year's predictions. While I am no Nostradamus, I think you will find them beneficial.

No comments: