The seeds of rushed implementation of remote working and digital transformation bore fruit in the form of once-in-a-decade breaches like SolarWinds, Colonial Pipeline and others that seemed to occur monthly. Looking ahead helps us anticipate where cyber threat actors will undoubtedly head as they look to take advantage of this paradigm shift. These projections are based on shifts in technology, threat actor habits, culture, and decades of combined experience.
Top cybersecurity trends in 2022 include reinvented ransomware, maturing supply chain attacks, death of cyber insurance, connectivity free zones, Cybersecurity Talent Resources and more.
2022 will prove to be the most challenging year yet with regards to the ongoing cybersecurity talent crunch
Prediction #1: Space Travel
Taking advantage of the huge wave of space tourism, expect phishing attacks and faux websites to crop up across social media and the Internet.
Prediction #2: Cybersecurity Talent Resources
2022 will prove to be the most challenging year yet with regards to the ongoing cybersecurity talent crunch. Some drivers of this supply-demand imbalance include the accelerated adoption of hybrid cloud and digital transformation initiatives, post-pandemic projects ramping up, and budgets becoming available for spend. Security posture improvements will be at the top of the list of desired projects. The imbalance will cause salary spikes across the board for every level of IT security professional.
Prediction #3: 5G in Everything
Consumers and businesses can expect that newer devices will be cellular-enabled, or cellular capable, to provide services outside of local area and Wi-Fi networks. This will allow connectivity using a subscription model and remove the barriers and troubleshooting required for connectivity on home or small business networks.
Expect a tsunami of cyber insurance cancellations and a mad scramble to obtain new coverage, potentially at much higher rates
Prediction #4: Ransomware Reinvented
Organisations should expect ransomware to become personalised and increasingly involve different types of assets, like IoT, as well as company insiders. Targeted disclosure of exfiltrated information may be perpetrated to specific buyers. We may even start to see more flexible terms of payment, as opposed to lump sum payouts. With instalment plans, ransomware operators will decrypt victim assets over time, based on agreed upon payout terms.
Prediction #5: Supply Chain Kinks
Supply chain attacks will further mature in 2022, expand in scope, and increase in sophistication. Expect far more third-party solutions and common development practices to be targeted. Organisations need to include third party supply chain breaches in their incident response plans and plan for a public and private response just in case they become an inadvertent victim for a licensed solution.
Prediction #6: Cyber Insurance Termination
Expect a tsunami of cyber insurance cancellations and a mad scramble to obtain new coverage, potentially at much higher rates. To obtain coverage and ensure the best rates, organisations will need to demonstrate the proper cybersecurity hygiene demanded by cyber insurance underwriters. Failure to have agreed upon cybersecurity controls in place will also be a key argument for insurers to refuse paying out after an incident, or to terminate coverage.
Supply chain attacks will further mature in 2022, expand in scope, and increase in sophistication
Prediction #7: Freedom of Social Networks
Social networks will be under increasing pressure to control the content posted by their users. This is also likely to result in broader powers for the authorities to trace and identify malicious sources. Expect to see tighter controls on the content that is distributed via social platforms, reliable attestation for the source of the material, and potentially access to the data for authorities.
Prediction #8: Softly, Softly
Next year will see the average time from intrusion to detection grow, giving attackers more time to perform reconnaissance and wreak havoc on systems. Expect a lot of careful hackers to find their way into systems and establish long-term residences there.
2022 trends include reinvented ransomware, maturing supply chain attacks, death of cyber insurance, connectivity free zones, talent crunch and more.