2022 is all set to be another eventful and somewhat terrifying year, for the entire world, from the growth and security point of view. The new variant of COVID-19 is showing no signs of slowing down, raising complications on subjects like digital transformation and cybersecurity threats. Again, companies are compelled to think over remote work infrastructure, VPNs and hybrid workforce. They need to reformulate security strategies to prevent hackers from leveraging new vulnerabilities and protect their critical IT resources.
Let’s have a look at some predictions to consider in 2022.
- Ransomware will remain a pressing challenge
Ransomware has become one of the most daunting cyber-attacks that will continue to increase over time. For instance, as per a recent study, ransomware activities was 10.7 times higher in June 2021 than in June 2020. The growing popularity of ransomware-as-a-service is helping less-skilled individuals/threat actors to commit such attacks. If we talk about India, a survey showed that nearly 68% of organizations were hit by ransomware in the last 12 months.
- Cloud security cannot be overlooked
Particularly, when most organizations are working with hybrid and remote workplace strategies, cloud security solutions have become increasingly important. But, this reliance has also created numerous challenges for security leaders to cope with. Cloud Security Posture Management (CPSM) is expected to become a top priority for businesses of all sizes to help identify and overcome misconfiguration issues and compliance risks in the cloud.
- Shortage of cybersecurity talent will continue to expand
In 2022, the cybersecurity industry is likely to witness the scarcity of the right talent as individuals may leave their current jobs for new opportunities to inflate their skills and potentially have the choice to work from anywhere. This, along with growing instances of ransomware, data breaches and malware attacks, may increase the number of unfilled cybersecurity jobs in the entire world.
- Targeted attacks on supply chains will increase
Cyberattacks targeting software supply chains have gained immense prevalence in the last couple of years as they can take down an entire organization, resulting in massive business disruptions. Attack on SolarWinds shows that security leaders need to be more proactive in securing themselves against third-party risks. This is high time for businesses to consider developing strategies that review the third-party security posture and rank them according to the risk level.
Roadmap to Address Gaps
A perfect plan rarely exists, but the future, in terms of cyber security can be predicted to some extent after analysing past events. Creating a resilient future requires businesses to identify and fix security gaps in their IT infrastructure, which include:
- Keeping cyber security on the priority list while making business decisions.
- Implementing Zero-Trust Architecture becomes crucial particularly in the current times where remote working is the new normal.
- Encryption of data will be the mantra for organizations to ensure the confidentiality and security of critical data.
- Owing to the shortage of skills, the retention of security professionals becomes essential for organizations.
- Multi-factor Authentication, combined with Single Sign-On (SSO), will reduce the instances of credential compromise and privilege escalation.
- Most of the applications have third-party integrations with libraries and frameworks, and hence regular security audits of such integrations become important.
- VAPT exercises must be done after regular intervals to determine and fix vulnerabilities that could lead to a potential security breach.
Towards The End
Cyber security is not a one-time process, instead, it requires continual participation and monitoring. Adhering to the basics like using complicated passwords, providing security training to your workforce, reviewing privileges regularly, preparing an incident response plan, etc. will help in mitigating the risks if a breach occurs. We can make 2022 a secured and the safest year by making and following a well-structured roadmap.
- Global Threat Landscape Report August 2021, Fortinet
- The State of Ransomware 2021 Report, Sophos