The Solar Winds hack demonstrated supply chain exposures; the attempted poisoning of a Tampa suburb’s water supply highlighted public utilities at risk; and the Colonial Winds ransomware attack signaled cyber extortionist rings continuing to run rampant.
On the privacy front, California beefed up its consumer data privacy regulations even as Facebook and Apple publicly feuded over how each of these tech giants abuse of consumer privacy and loosey handle sensitive data.
Meanwhile, President Biden issued a cybersecurity executive order finally putting the federal government’s regulatory stamp on foundational cyber hygiene practices many organizations should have already been doing, yet continue to gift short shrift.
Last Watchdog sought commentary from technology thought leaders about lessons learned in 2021– and any guidance they might have to offer heading into 2022. More than two dozen experts participated. This is the second of two roundups highlighting what they had to say.
As the world has adopted the use of APIs to create more revenue streams, the focus on protecting them is going to be vital. APIs power the world’s economy and contain the crown jewels of business data for many organizations.
In 2022 we’re going to see the rise of API abuse. Most B2B partners assume API machine calls are authenticated and safe. But today, the majority of Internet traffic is based, not within APIs in websites or mobile apps, but within business-to-business APIs that are largely undefended. Ignoring API protection has become perilous.
- Edward Roberts, Neosec