Great eXpeltations 2022: Cybersecurity trends and predictions

· 2 MIN READ · DAVE MERKEL · JAN 27, 2022 · TAGS: Cloud security / Company news / MDR

We love data at Expel. We’re all about analyzing what we’ve done and learning from what others are doing to provide better security.

We also like to talk about what we do. Transparency is the name of the game here — in fact, it’s one of our core values. So we want to share what we’ve been up to with you.

Introducing… Great eXpeltations 2022: Cybersecurity trends and predictions, the inaugural annual report sharing data from our security operations center (SOC) on the biggest cybersecurity threats, practical recommendations on how to handle them, and predictions for what to expect in the year ahead.

(Cue the party horns!)

Here’s why I think you should read the report and what you’ll get out of it. Don’t have time to watch? Skip below for the TL;DR (or too long, didn’t watch in this case… TL;DW?).


Our SOC leaders who wrote this report are operators, in the trenches every day protecting our customers. The report covers the top threats and attack trends they saw in 2021. Since our customers are wide and varied, we think there’s something useful in this report for everyone, whatever your org’s size, industry, or stage of the security journey.

Our team dives deep into these top attack trends:

  • Business email compromise (BEC) targeting emails and application data (public enemy #1, according to our SOC)
  • Ransomware (need we say more?)
  • Supply chain attacks (think: Kaseya)
  • Cryptojacking (hot take: the free Red Team the Internet needed in 2021. Curious?)

For each trend, they’ll take you through what they saw in 2021, how to detect that threat and protect your org, and what to expect for 2022. Our Execuwonks (aka Expel execs) also share some thoughts and predictions for cybersecurity this year, because we would’ve felt a little left out if we didn’t get to put our names in there somewhere…

And for those of you who want more than a TL;DR (or TL;DW) of what’s in the report, here are few highlights:

  • BEC: Half of the incidents our SOC responded to in 2021 were BEC attempts. It’s no joke. Attackers learned quickly after orgs increased their security as many of us became remote workers in 2020, and they’re evolving their tactics. Ninety percent of the BEC attempts we responded to all occurred in Microsoft O365 (yep – they targeted end-users).
  • Ransomware: We may not need to say more but here it goes – they’re once again coming for end-users. Eighty-three percent of ransomware incidents our SOC responded to used a “self-installation” technique to gain initial entry.
  • Supply chain targeting: Asset management is the key here. Our SOC saw popular open source repositories being targeted, and those compromised resulted in the deployment of coin miners.
  • Cryptojacking: In 2021, we saw new vulnerabilities being exploited on a massive scale. But attackers using cryptojacking spent their time looking for old vulnerabilities people forgot to patch. What’s more, our SOC saw that attackers are increasingly targeting web apps.

We hope the data and insights in Great eXpeltations can help as your team creates your strategy for managing risk this year.

Our motto for the last year has been “lock arms, up the mountain.” It’s a reminder that we can get through anything together if we work together. So let’s face this year together.

Check out the full report here, and give us your thoughts.

As I said in the video, we think we’re pretty good at what we do, but we know we’re not perfect. So we love feedback because it helps us get better. When you read the report, let us know what resonates with you (or what doesn’t). Let us know what you’re seeing in your environment. We really believe that security is better when we collaborate to protect each other.

With that… lock arms, up the mountain.

Check out Great eXpeltations 2022