Outlook 2022: Simon Eyre, Drawbridge

Simon Eyre is CISO of Drawbridge, a cybersecurity software provider.

Simon Eyre

What are your expectations for 2022?

The monetization of cyber-attacks will continue to drive attack execution in 2022. We’ll see additional data exfiltration and data leak threats as more sophisticated ransomware attacks garner sharp scrutiny from governments and concern from businesses. Aside from the reputational damage such attacks can create, businesses now realize these escalating incidents can also significantly impact privacy/and or intellectual property and have a cascading effect on their broader client and partner ecosystems. As we have seen recently through the Kaseya attack in 2021, vendor and supply chain attacks are increasing which will likely continue into 2022. Supply chain attacks are of particular concern because no organization exists in a vacuum and the financial services industry is a large consumer of outsourced technology.

What are your customer’s pain points and how have they changed from 1 year ago?

In 2021, there was a significant increase in attacks on Vendors/Suppliers to businesses, with very public knock-on effects to that business-to-business model. The lack of personal interaction was undoubtedly a source of that increase. People breaking protocol and doing everything over email (and suffering from impersonation attacks) was very real. Technical controls that worked well in the office environment did not always translate to successful controls in a remote working environment. Now that organizations are introducing permanent remote work and hybrid policies, cybersecurity in remote working environments is critical.

What trends are getting underway that people may not know about but will be important?

Despite governing bodies taking a proactive approach to ransomware attacks, Ransomware as a Service is coming back full force. Ransomware attacks over the last year resulted in some of the highest pay-outs recorded, and we have seen an influx of publicly known attacks. Further, we have seen signs of the attackers facing litigation and coming to justice. Notably, the US Government put up a $10m reward for locating the leaders of the REvil ransomware operators and have managed to reclaim multiple payments and arrests – particularly against the attackers of the Kaseya platform. As a result, we have seen numerous ransomware operators relaunch themselves to escape the increased pressure they’re facing. Throughout 2021 we have seen a bold increase in government action and a substantial shift against paying out ransoms. In many cases, Financial Institutions may face legal action for supporting terrorist affiliated organizations.