House of Lords: ‘Cyber attacks remain one of the biggest threats to UK security’, Aqua offers predictions
December 2021 by Aqua Security
Today, in its latest report, the House of Lords has announced that cyber attacks are among the top extreme risks the UK faces and that the country is currently unprepared to assess and tackle future threats. Following its year-long inquiry into the UK’s current risk assessment system, its risk committee concluded that the current setup was “not rigorous enough to justify the confidence placed in it” and that the Covid-19 pandemic had demonstrated the UK’s deficiencies in that regard. It warned that an attack on the country’s critical infrastructure could bring the UK to a halt.
Experts from Aqua Security – a specialist cloud native security provider for the likes of AVIVA, Adobe and Microsoft – have offered the following statements and their predictions for 2022 with regard to future cybersecurity and the evolving threat landscape.
Rani Osnat, SVP Strategy, Aqua Security
“Next year, there will be a continued growth of cloud adoption in general, and more specifically the move to cloud native practices and technologies – such as CI/CD, containers, serverless or Kubernetes. This will replace simply lifting and shifting existing applications. This change is rendering older security tools obsolete and requires born-in-the-cloud tools for everything from app testing to network security, to runtime protection and SIEM.
“User organisations are beginning to better understand the ‘shared security model’ and more specifically, how much of it is their responsibility. This is especially true in the case of multi and hybrid cloud scenarios, which some organisations are adopting, and virtually all organisations are now planning for. What this means is that they simply cannot rely exclusively on defaults or cloud provider tools.
“Unfortunately, the ‘shared responsibility’ model is rather simplistic when it comes to real-world implementations. In reality, it’s not so much a ‘shared’ model as it is split, and it doesn’t reduce what organisations need to do security-wise insomuch as requiring them to focus on areas that are different from what they’ve been doing in on-prem environments. The use of dedicated security solutions for cloud native security will continue to grow at the expense of technologies that are being replaced such as traditional firewalls and HIPS solutions.
A new cybersecurity acronym emerges – CNAPP:
“In the wake of these challenges, in 2022 we will see an emergence of CNAPPs, or cloud native application protection platforms – an emerging category of security solutions recently defined by Gartner to help identify, assess, prioritize, and adapt to risk in cloud native applications, infrastructure, and configurations. The prevalence of large-scale cloud native deployments is forcing enterprises to combine ‘shift left’ DevSecOps, intelligent automation, CSPM (cloud security posture management) and CWPPs (cloud workload protection platforms) to bring efficiency and speed to cloud native security.”
Rory McCune, Cloud Native Security Advocate, Aqua Security
“We’ve seen a lot of activity this year due to incidents and the US executive order. What will be interesting in the coming year is whether this activity can be translated into long-lasting changes. Supply chain security has long been an issue, but it’s fundamentally a hard area to improve on. The sigstore project is very interesting, as it’s taking a new approach to the problem of signing and verification of software packages, and one which puts usability as a core part of the solution – this will improve its chances of success. We’ve seen this pattern repeatedly in IT where solutions which are easy to get started with have much better adoption rates.”
Assaf Morag, Lead Data Analyst, Aqua Security
“We will see more attacks that target applications that are built around Kubernetes, such as UIs, monitoring, trying to exploit misconfigurations and vulnerabilities. Based on Team Nautilus’s current research, we may also see more advanced malware capabilities such as rootkits tailored to cloud environments, and techniques that are trying to leverage advanced technologies such as eBPF or kernel drivers. There will likely be far more supply chain attacks that target OS packages, code packages and OSS projects, including attempts to target poorly maintained projects and mimicking popular projects.”