Summary

Cybersecurity incidents grew at an alarming rate throughout 2021 as all industries became targets of attack. Cybercriminals are exhibiting devious ingenuity and creativity with these attacks both from a technology and business standpoint.

Enterprises must up their game to combat these advanced threats and learn from the attacks of 2021 to help prepare for new attacks in 2022.

Introduction

2021 was a turbulent year when it came to cybersecurity. Cybersecurity attacks assaulted every industry from infrastructure attacks on oil pipelines, water processing plants, and electrical grids to sophisticated surveillance attacks against government agencies and non-government enterprises, to the seemingly never-ending stream of ransomware attacks on both public and private sectors. Attacks were made through a variety of innovative methods targeted at almost every foundational element of technology’s architecture.

As we begin the new year, governments and enterprises alike are appreciating the importance of securing their organization to avoid becoming the next high-profile victim of a cybersecurity attack. In this Research Note, we explore four lessons learned from the security incidents of this last year as well as four key areas enterprises must focus on to improve their security posture in 2022.