Cybersecurity Predictions: What to Look Out for in 2022 and Beyond
In a previous post, we discussed five important cybersecurity lessons we learned in 2021. Growing numbers of endpoints used outside the security perimeter have created significant new risks. Cloud misconfigurations are also a leading source of security threats, and protecting data across the extended environment is increasingly difficult. Users need more effective training so that they understand their cybersecurity responsibilities, and organizations are struggling to hire enough security experts to meet their needs.
So much for the look in the rearview mirror. What do organizations have to look forward to in 2022? Here are four predictions regarding the security landscape in the coming year.
1. Phishing will continue to be the dominant threat.
For the last several years, phishing has been the most prevalent cyberattack organizations face. According to Verizon’s 2021 Data Breach Investigations Report, 43 percent of breaches start with a phishing attack. Security analysts expect it to remain the dominant threat in 2022, although cybercriminals are changing their techniques somewhat. Instead of sending out large numbers of emails to groups of users, they will produce highly targeted attacks for select individuals, making phishing more difficult to detect. Organizations will need to boost their email and endpoint security and provide users with effective cybersecurity training to address this threat.
2. Organizations must monitor, manage and secure the growing IT footprint.
The shift to remote and hybrid work models has meant more endpoints are being used outside the secure perimeter. At the same time, organizations are expanding their Internet of Things (IoT) initiatives, deploying a wide range of sensors and other devices to automate processes and monitor operations. This growing IT footprint means that hackers have an ever-larger attack surface to exploit. Organizations will need to up their game in terms of monitoring, managing and securing all of these devices.
3. Evolving ransomware attacks will require increased vigilance.
Ransomware dominated the security news in 2021, particularly with high-profile incidents such as the Colonial Pipeline attack. In 2022, enterprise organizations should expect ransomware to become more targeted, aimed at healthcare organizations, the oil and gas industry and other organizations that are willing to pay the ransom to avoid disruption. Criminals will also use data exfiltration and other tactics to exact larger payoffs. Small to midsize businesses (SMBs) will face burgeoning numbers of attacks generated by Ransomware-as-a-Service operators, who charge as little as $50 a month for subscription-based exploits.
It's imperative for companies to develop a plan to boost their security posture.
4. Supply chain attacks will give rise to the quadruple extortion model.
Ransomware attackers have been using double extortion — encrypting the victim’s data and threatening to expose sensitive information. Supply chain attacks up the ante with a quadruple extortion threat. In a supply chain attack, cybercriminals exploit a vulnerability in one company’s security to gain access to the networks and data of its business partners. This attack method has become a favorite of groups backed by Russia, China, North Korea and other adversarial governments. In addition to traditional ransomware tactics, the perpetrators can threaten to publicize the breach. If that doesn’t work, they can start spreading the attack among business partners, exfiltrating data and demanding ransoms along the way. A successful supply chain attack can easily compromise hundreds of organizations.
Organizations will need to reexamine their security strategies to ensure that they are protected against these kinds of threats. The experts at GDS can assess your environment, identify gaps and weaknesses, and help you develop a plan for boosting your security posture. We can then employ our fully managed solutions to deliver end-to-end protection. Give us a call to get started.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.