Cybersecurity Trends and Drivers in 2022 After a record-breaking year of cyberattacks, it's more vital than ever that business and organizations develop solid plans for prevention, detection and response.
By John Morris
Opinions expressed by Entrepreneur contributors are their own.
Last year came to a tumultuous end with the discovery of a serious vulnerability in Apache Log4j that can be exploited with minimal effort. It was also marked by the shutdown of the Colonial Pipeline due to a ransomware attack, and the realization that SolarWinds code was infected with malware that spread to thousands of customers and government agencies.
As bad as this sounds, it's likely to get worse. The profitability of cybercrime keeps growing — as does the sophistication of the attackers, who are often sponsored by nations with significant resources — and the organizations with the most to lose are often those without the resources or expertise to adequately protect themselves, such as medium-sized businesses, governments and healthcare providers.
So, what does 2022 have in store for us regarding cybersecurity, and what can we do to prepare?
Increased attack vectors
The proliferation of endpoints is opening up new avenues of attack. Endpoints include anything that communicates back and forth with a network. Laptops, tablets, smartphones and wearable devices are all susceptible endpoints, along with IoT devices like security cameras, connected home appliances, voice assistants and many other items that consumers and businesses might not consider vulnerable. What's worse, many of these use the same hardware to enable connectivity, so a vulnerability could have far-reaching effects. We are likely to see increasing attacks on IoT devices as a way to gain entry to networks, mine cryptocurrency or steal data. According to Threatpost, the first six months of 2021 saw more than 100 percent growth in cyberattacks against IoT devices, and this rate will only increase in 2022.
Related: Protect Your Business by Becoming a Cybersecurity Analyst
AI-related attacks
AI and machine learning systems are ripe for both being attacked and being used to conduct attacks. Many organizations use these technologies to crunch massive amounts of data (the prime target for most hackers), and the same capabilities that power speech recognition, autonomous vehicles and online shopping can massively scale automated cyberattacks.
We expect attacks on AI systems, which could take the form of subverting physical assets (such as drones and self-driving vehicles), to have disastrous results. There may also be increased use of such systems for political purposes, such as disseminating misinformation, invading privacy or sowing discord.
Increased adoption of zero-trust architecture
The days of "trust but verify" are over. In today's distributed work and cloud computing environments, the network no longer stops at the office walls… it's everywhere. "Zero trust" refers to the practice of authenticating, authorizing and continuously validating network users before giving them access to applications and data. Strong identity management, endpoint protection, encryption and continuous monitoring form the foundation of a zero-trust environment.
The pandemic introduced new opportunities for malicious actors to access networks as employees rapidly shifted to working from home and IT departments struggled to make network resources available outside the office walls. Adopting a zero-trust framework is a journey, and there is no single solution, but organizations must move quickly to implement access control policies, authentication and least-privileged environments that will protect valuable data assets.
Related: How to Protect Your Business From Cyber Attacks
Elevation of cybersecurity to the executive level
According to an October 2021 UncommonX report, 60% of midsize organizations reported suffering a ransomware attack over the course of the previous 18 months prior to its publication. The even more staggering finding was that even after these devastating attacks, 70% of these organizations had not prioritized cybersecurity, and only 35% had conducted a risk assessment in the past year. Additionally, many lacked a chief information security officer (CISO) or otherwise dedicated person whose responsibility is security/cybersecurity, even though phishing and ransomware attempts had been on the rise. As a result, IT bears most of the responsibility, even when they might not have the capability to effectively manage it.
Cybersecurity is a business decision at its core because it involves an assessment of risk and an investment in people and technology to mitigate that risk. For this reason alone, it should be elevated to the C-suite or board level as a strategic partner. Company leaders should be evaluating cybersecurity initiatives as they would other investments — asking if an incident or breach is worth the risk to business operations, reputation and customer trust? Some organizations may be willing to accept those risks, but the decision should be made at the highest levels and then supported with the appropriate level of investment.
Guarding against insider threat
The Great Resignation or "big quit" of 2021 has highlighted the fact that employees are fundamentally reassessing their jobs, levels of satisfaction and feelings about employers. Outgoing staff members can pose a high risk of insider threat because they already have access to sensitive data such as customer lists, trade secrets and financial information. They may also be more amenable to selling that information if approached, or to allowing unauthorized access to the network or premises.
Related: Identify and Stop Rogue Employees Before They Become a Security Threat
Moving forward
One of the best outcomes of 2021 being such a challenging year would be to see more organizations prepare for the inevitable. Many perhaps think that they aren't interesting enough to be hacked, or that their data wouldn't be valuable to anyone else. They don't realize that today's cybercriminals are highly opportunistic: If data isn't valuable enough to sell, it can be held for ransom because the business needs it to continue operations. So, with that in mind, every organization should be developing solid plans for prevention, detection and response.