Five Biggest Cybersecurity Trends in 2022

Hackers never take a year off, so we can expect 2022 will be full of cyberattacks, vulnerabilities, and panics caused by new forms of cybercrime. The best way to protect organizations is to learn from last year’s cybersecurity problems and guard against the newest techniques hackers are expected to employ this year.

Taking a look back, in 2021, the SolarWinds hack caused the US government and Fortune 500 businesses angst, with possible Russian or Chinese cyberattackers managing to penetrate the Department of Defence, Homeland Security and NASA. Twitch’s data dump also proved that even the most secure operations are vulnerable to unforeseen errors. 

To that end, here are some of the biggest trends to expect in 2022:

Ransomware

As the Kaseya ransomware attack illustrated, in a connected world a falt in the system exploited by ransomware can affect thousands, if not millions of systems. According to the UK National Cyber Security Centre, there were more cyber attacks in the first quarter of 2021 than there were in the entirety of 2019, and 61% of technology experts surveyed by PwC expect that to rise in 2022. 

Securing the Industrial Internet of Things

Bringing the entire supply chain online can enable optimizations and improvements, but it also opens up the network to far more vulnerabilities. As most IoT devices do not receive regular firmware updates, they have become primary targets for hackers looking for entry. 

Even though there have been steps taken to address these vulnerabilities, such as the European Commission’s new cybersecurity rules for wireless devices, the market immaturity and complexity of updating and securing an entire network guarantees that there will be more risks exploited through IIoT in 2022. 

Adoption of AI-powered cybersecurity 

To prevent cyberattacks, experts are calling for the deployment and usage of AI-powered cybersecurity services. Instead of software alerting a cybersecurity administration to a possible attack, AI-powered solutions would be constantly screening more data than humanly possible to catch suspicious behavior and act on it. 

AIongside watching the network for any possible attackers, AI-powered cybersecurity may also be able to prevent human errors from occurring internally.

See Also: Continuous Intelligence Insights

Chokepoints introduced by reliance on cloud

When Amazon Web Services went down on December 7, it exposed the fact that the internet, in general, relies too much on one cloud provider to essentially keep the lights on. AWS and other cloud providers have had a good run of form for the past decade, but with AWS faltering twice since the Dec 7 incident, 2022 might serve as a reminder that cloud computing is not a perfect, zero-fault solution. 

We cannot expect organizations to completely shift away from single cloud operations, which means that businesses must be prepared to work around cloud disruptions, even without all of the available information, according to Mandiant. 

Regulatory catch up 

Governments have already ratcheted up regulatory scrutiny of cyberattacks, with more scrutiny of records and standards for organizations that partner with government departments and fines for failure to disclose attacks. In 2022, there will be further formalization of these standards, with a ‘cybersecurity floor’ that businesses will be forced to reach if they want to avoid scrutiny and potentially work with the government. 

<p><a href="https://resources.snowflake.com/snowflake-videos/the-airline-industry-and-data-jetblue?wvideo=ny3f0f5ulg"><img src="https://embed-fastly.wistia.com/deliveries/c2fe1c9b3f22b67251d144e633e34e4076bac869.jpg?image_play_button_size=2x&amp;image_crop_resized=960x540&amp;image_play_button=1&amp;image_play_button_color=11567fe0" width="400" height="225" style="width: 400px; height: 225px;"></a></p><p><a href="https://resources.snowflake.com/snowflake-videos/the-airline-industry-and-data-jetblue?wvideo=ny3f0f5ulg">The Airline Industry and Data - JetBlue</a></p>

We may also see governments, especially the US, be proactive in their disciplinary stance towards private companies. This could be in the form of fines for cybersecurity negligence even if spotted before an attack occurs.