9 cyber security predictions for 2022 – IT Governance UK Blog
Everybody wants to know what the future holds. Those who are a step ahead of the rest can foresee challenges and avoid falling into pitfalls, or they can spot opportunities and ride to success.
This is as true in the cyber security landscape as it is in any other. But predictions are difficult. After all, who at the start of 2020 could have foreseen what the next two years would be like? (Except maybe Time Magazine.)
Granted, vaccine rollouts have helped control the pandemic, with restrictions easing in much of the world. But there remains great uncertainty about how we’ll come out of the crisis and what business challenges await us.
To help you understand what might be in store in 2022, we’ve collected nine forecasts from cyber security experts.
1. Cyber insurance will become more popular and more comprehensive
Over the past few years, organisations across the globe have come to understand just how pervasive cyber threats are.
This is not just a result of the pandemic but also the increase in cyber attacks and security incidents caused by employees failing to follow policies and processes.
It’s led to a growing trend for organisations to purchase cyber insurance, which Forbes contributor Emil Sayegh believes will continue in 2022.
“Faced with a costly environment of escalating risks, the cyber insurance industry has seen many challenges in the past year,” he said.
“Even though many businesses are required to carry cyber insurance, these conditions are leading to companies no longer purchasing extensive policies. This market squeeze will certainly affect the cyber insurance industry itself.
“We are going to see this happen, but we will also see a resurgence of cyber insurance as companies become more aware of the risks associated with data breaches and standardize on what it takes to attain coverage.”
We’ve already seen insurers adjust their policies, tightening the definition of ‘cyber attacks’ and reducing the circumstances under which pay-outs are necessary.
Sayegh believes that, in response, organisations will purchase more extensive policies to protect them from a wider array of threats.
2. Cyber insurance premiums will increase
That’s not the only way the cyber insurance industry will change this year, according to Liz Miller, an analyst at Constellation Research.
Miller says that the increased demand for cyber insurance and the rise in high-profile data breaches will lead to premiums “shooting up”.
“[Cyber insurance is] much more expensive these days as costs surge, and are most likely to continue soaring,” she predicts.
“Insurances are like double-edged swords: while they do provide security coverage and have become a ‘must-have’ for organizations, they have also alerted the attackers to asking for even more ransom in the attacks, knowing it’s all covered.”
Panel discussion: How to prevent and respond to the most successful vulnerabilities exploited by attackers
Join our experts for this webinar, where we analyse attacks such as Log4j, and provide insight into how cyber criminals deploy attacks.
This 45-minute presentation will help you understand the most successful vulnerabilities exploited by attackers.
We’ll also provide tips on the approaches you can take to handle vulnerabilities and the measures you implement to reduce risks.
The presentation is on 24 February 2022, from 3pm.
3. Software supply chain attacks will become widespread
Supply chain security has come under greater scrutiny in recent years, as organisations recognise the damage that can result from third-party breaches.
Disruption within the supply chain can result in delays and an inability to provide services. Plus, in several high-profile cases, criminal hackers have been able to exploit vulnerabilities and target organisations through the supply chain.
Justin Fier, the director of cyber intelligence and analytics at Darktrace, believes this will become a major problem in 2022.
“One area of focus is the need to enhance software supply chain security. There are many aspects included that most would consider industry best practice of a robust DevSecOps program, but one area that will see increased scrutiny is providing the purchaser, the government in this example, a software bill of materials,” he writes.
“This would be a complete list of all software components leveraged within the software solution, along with where it comes from.
“The expectation is that everything that is used within or can affect your software, such as open source, is understood, versions tracked, scrutinized for security issues and risks, assessed for vulnerabilities, and monitored, just as you do with any in-house developed code.
“This will impact organizations that both consume and those that deliver software services.
“Considering this can be very manual and time-consuming, we could expect that Third-Party Risk Management teams will likely play a key role in developing programs to track and assess software supply chain security, especially considering they are usually the front line team who also receives inbound security questionnaires from their business partners.”
4. The ‘Great Resignation’ will increase insider threats
One of the more unexpected side-effects of the pandemic has been that people are quitting their jobs in record numbers.
‘The Great Resignation’ began in the US, with employees posting online about unfair work expectations at a time when social distancing restrictions were being ignored by many.
The trend later spread to the UK, with the Office for National Statistics reporting that 979,000 people left their jobs between July and September 2021.
One of the driving forces of ‘The Great Resignation’ is people’s sense of resentment in the workplace. Toby Lewis, the head of threat analysis at Darktrace, believes this increases the risk of employees acting maliciously against their employer.
“We can expect to see disgruntled employees steal information or employees unintentionally taking information with them to their next job. We have also seen criminal groups attempt to recruit insiders by offering a large sum of money or a portion of the ransom,” he writes.
“Whether intentional or unintentional, insiders will become a growing priority for businesses in 2022. With more organizations relying on cloud communication and collaboration applications, these threats become even more difficult to detect across sprawling digital infrastructures.
“With employees working remotely, enforcing the return of equipment and data will become even more difficult.”
5. Criminal hackers will target mobile devices
Kaspersky’s cyber security predictions for 2022 focuses on APTs (advanced persistent threats), which are stealth attacks typically performed by nation states or state-sponsored groups. Among its APT forecasts is an increase in attacks targeting mobile device.
“Mobile devices have always been a tidbit for attackers, with smartphones travelling along with their owners everywhere, and each potential target acting as a storage for a huge amount of valuable information” Kaspersky said.
It said that iOS users need to be especially careful. The researchers saw a significant increase in attacks targeting the iOS platform, and it expects that trend to continue in 2022.
6. There will be an increase in nation-state attacks
The possibility of state-sponsored cyber attacks will already be on people’ minds, thanks to the growing tensions between Russia and Ukraine.
Russian actors have previously targeted Ukraine, while pro-Ukrainian ‘hacktivists’ recently struck back with a cyber attack on Belarusian railway lines in an effort to keep Russian forces out of the country.
But this isn’t the only conflict that could be played out in cyberspace, with China, the US, North Korea and Israel having all been associated with state-sponsored attacks in recent years.
John Bambenek, the principal threat researcher at Netenrich, believes we could see further nation-state attacks in 2022.
“Recent years have seen cyberattacks large and small conducted by state and non-state actors alike. State actors organize and fund these operations to achieve geopolitical objectives and seek to avoid attribution wherever possible,” he said.
“Non-state actors, however, often seek notoriety in addition to the typical monetary rewards. Both actors are part of a larger, more nebulous ecosystem of brokers that provides information, access, and financial channels for those willing to pay.
“Rising geopolitical tensions, increased access to cryptocurrencies and dark money, and general instability due to the pandemic will contribute to a continued rise in cyber threats in 2022 for nearly every industry.”
7. Password-less authentication will fail without multifactor authentication
Last year, Windows revealed plans to remove passwords from its operating system. It is instead giving users the ability to log in using biometric authentication, a hardware token or an email with an OTP (one-time password).
When confirming the decision, Microsoft said: “Nobody likes passwords. They’re inconvenient. They’re a prime target for attacks.”
That might be true, but according to WatchGuard Technologies, the alternative isn’t viable. The security company doesn’t doubt that the move will be popular with users. However, it believes it will be equally popular with criminal hackers, who will find ways to exploit the system.
“Though we commend Microsoft for making this bold move, we believe all single-factor authentication mechanisms are the wrong choice and repeat password mistakes of old,” WatchGuard wrote.
“Biometrics are not a magic pill that’s impossible to defeat – in fact, researchers and attackers have repeatedly defeated various biometric mechanisms.
“Sure, the technology is getting better, but attack techniques evolve too (especially in a world of social media, photogrammetry and 3D printing).
“In general, hardware tokens are strong single factor option too, but the RSA breach proved that they are not undefeatable either. And frankly, cleartext emails with an OTP are simply a bad idea.”
WatchGuard states that Microsoft’s decision is a sideways step, introducing other technologies that are commonly associated with multifactor authentication while weakening their integrity by removing the need for a password.
“In our opinion, Microsoft (and others) could have truly solved this problem by making MFA mandatory and easy in Windows,” WatchGuard writes.
“You can still use [the alternatives] as one easy factor of authentication, but organizations should force users to pair it with another, like a push approval to your mobile phone that’s sent over an encrypted channel (no text or clear email).”
8. Remote work will affect organisations’ security
Even with COVID-19 restrictions easing, many organisations are continuing to give employees the opportunity to work from home. Although you’d expect organisations to have by now found a way to balance convenience with security, it’s proving a challenging task.
Moreover, Andrew Howard, CEO of Kudelski Security, believes employees are not doing their part.
“As more companies adopt a hybrid approach, technical security will increase while personal security will decrease,” he writes.
“Since employees are working remotely, employee/employer relationships are turning transactional and devoid of trust. This may cause weaker employee buy-in to internal security training programs as employees experience a lack of ownership and personal responsibility in helping to secure their organizations.
“Especially as Gen Z enters the workforce, the increasingly common belief that governments should take primary responsibility for protecting data and a lack of company loyalty will negatively impact already existing privacy issues.”
9. Ransomware attacks will slow
We’ll end our list on a positive note, with SecurityWeek’s editor-at-large, Ryan Naraine, predicting that we’ll see fewer ransomware attacks in 2022.
“Major ransomware outbreaks will slowly subside as companies beef up defenses and counter-operations by global law enforcement disrupt and (partially) disable the high-profile gangs,” he writes.
“In 2022, security leaders will continue to prioritize the basics (properly tested backups, patching, multi-factor authentication and secure cloud deployments) to reduce exposure to ransomware extortion, making it more of a nuisance than a national security threat.
“We will see a blurring of the lines between ransomware and nation-state data theft and espionage campaigns (see prediction on Iran and North Korea below).”
Plan for success in 2022
If there’s one thing that each of these experts’ predictions has in common, it’s that organisations must adapt to the ever-evolving cyber threat landscape if they are to survive and thrive in 2022.
Whether you’re concerned about ransomware, remote working, insider threats or any other risk, you must take the time to review your security measures and determine whether they are fit for the current environment.
This might mean testing your infrastructure to identify vulnerabilities, updating your documentation to bolster your GDPR compliance, or improving your employees’ security and data protection awareness with staff awareness training.
No matter what you’re looking to improve this year, IT Governance is here to help. Our products and resources are created by experts and designed for organisations of any size.
Whatever 2022 has in store, you can at least control your cyber risks.