Top 10 Cybersecurity Predictions for 2022

Any successful cybersecurity program is predicated on a thorough risk management approach. The strategic element as of late seems to have been relegated to a fragmented set of tactics and solutions, as companies find themselves in a more reactive than proactive mode when protecting assets. In order to efficiently allocate their security budgets, consolidate existing technologies and harmonize control procedures across a vastly extended network, we will see more companies revisit their risk management program. For instance, legacy mitigation has largely relied on a third-party, risk transfer approach, which means organizations will have to more directly consider downstream impacts that may have intolerable business impacts on their operation. We’re already seeing an increase in the rigor toward vendor management programs to confirm the level of due care, and increase the level of accountability. At Pondurance, we conduct risk assessments based on the NIST Cybersecurity Framework to examine the most critical aspects of your environment. We provide valuable insights into an organization’s cyber-risk levels and recommendations for mitigation.

Organizations will have to learn to mitigate the risk of cyberattacks while juggling the constantly changing demands of both on-site and remote workers. In the wake of the COVID crisis, some companies went from zero to full digital transformation overnight. Other companies are still on that path.

Regardless, now that some employees are returning to the office and others remain at home, companies will need to ensure that workers remain productive and secure in this new hybrid environment. Hybrid work will require a complete overhaul of how we think about security, including the ability to provide employees with easy and secure remote access to businesscritical applications no matter where they are.

Governments around the world will really clamp down on cybercrime. Cybercrime is a global problem, and world leaders want to establish norms when dealing with this type of crime. Expect to see more cybercrime legislation around the globe to put the squeeze on cybercrime syndicates and make it harder for them to evade police action.

This could include new laws that make it easier for police to gain search warrants, as well as more anti-corruption legislation to disrupt the use of cryptocurrency in cybercrime. Though cybercrime syndicates are still emerging, we predict at least one major cyber ring will be shut down this coming year.

In no small part, the current administration is likely to use the power of embargoes and other economic tools to better drive cross border law enforcement.

The Department of Defense (DOD) recently set up a process to ensure that all defense contractors meet certain requirements for handling controlled unclassified information. That process is known as the Cybersecurity Maturity Model Certification (CMMC). It is designed to ensure that defense contractors meet a basic level of cybersecurity hygiene for protecting sensitive information.

It’s fair to predict that not only will DOD suppliers need to meet the cyber hygiene requirements, but that the same kind of compliance will soon be required across all government agencies and their suppliers. Why? Because a government agency breach could have a major impact on the lives of average citizens. The Department of Homeland Security, for example, is already exploring options for creating a cybersecurity standard for contractors. At Pondurance, we know that meeting CMMC requirements can be challenging and as a registered provider organization, we can help prepare for your assessment.

The cloud can be just as insecure as any on-premises data center, especially given misconfigurations and the typical cyber hygiene problems that plague most companies. When moving to the cloud, organizations need to appreciate the fact that they have a shared responsibility to protect their corporate data along with their cloud service providers.

As a result, there will be a greater need for managed detection and response (MDR) to better integrate with the cloud in the future of IT security. Next-gen MDR offers an effective solution for cloud computing security by providing broad threat defense, such as filling detection gaps and automating responses to evolving threats.

MDR can be an extension of your security team or act as your security team. The security operations center that you gain from an MDR is on 24/7 and can act on alerts to ensure that your environments, both cloud and on-premises, are protected from bad actors.

When it comes to cybersecurity, you can’t rely strictly on automation. But a lot of companies do. They believe that humans can be removed from the cyber equation and replaced with AI and automation technology. While there’s no doubt that automation is getting better, it is unlikely to reach a level of maturity to truly remove humans in anyone’s lifetime that is reading this.

Of course, automation is necessary for managing certain processes and correlating disparate events. But to find and mitigate nefarious attacks, human involvement is just as critical as the latest and greatest security tools. Cybercriminals are humans and you need human defenders to combat human attackers.

Companies should never forget about the importance of the human element in detecting and deterring threat actors. In the coming year, human intervention can be the difference between swift containment and grave consequences.

Natural disasters like hurricanes, wildfires, earthquakes and floods are increasing in size and frequency. And when natural disasters strike, communities and organizations are the most vulnerable. Cybercriminals understand this—and they will make it a priority to take advantage of environmental events to create more havoc by targeting physical infrastructure like electric grids, fuel pipelines and water systems with ransomware attacks.

Businesses, state and local governments must respond to this growing threat by better preparing their defenses and regularly running disaster drills and simulations to counter these threats. The more they practice, the better their response will be.

At Pondurance, we joined forces with the Indiana National Guard who conducted a drill at Muscatatuck Urban Training Center in Indiana, to test preparedness and bolster defenses. This drill involved a simulated earthquake followed by a cyberattack, with bad actors swooping in amid the chaos and attacking the water system to try to shut it down as the National Guard deployed its defense tools to protect networks, people and property. We also participated in a workshop for water and wastewater utilities in a red team / blue team cyber simulation event in another effort to bolster defenses by sharing knowledge.

Cyber liability insurance is a type of insurance designed to cover losses and penalties associated with a data breach or other cyberattack. But this kind of insurance will become harder to get. Why? Because for the first time, ransomware has hit a level where the payouts by insurance companies are now exceeding the premiums being paid. That means large insurance providers could limit the amount of business they book and be very selective when it comes to underwriting new cyber policies.

Some cyber insurance providers are even excluding ransomware coverage when they renew customers. Businesses will have to up their investments in cyber tools, processes and staffing to prove to insurance providers they are a worthwhile risk.

Nation-state attackers will target the U.S. economy and financial institutions with disinformation, much like they have targeted our political institutions. These nation states could spread misinformation about the viability of our banking system, thus stoking panic among consumers and causing a run on our banks. These campaigns will be small in nature, but they could add up to make people lose confidence in our financial systems.

The search for cyber talent will continue to be front and center. The cybersecurity industry is currently short about 3 million qualified workers, according to the latest (ISC)2 Cybersecurity Workforce Study, and this shortfall is tipping the balance in favor of the bad guys.² To help level the playing field, we will start to see more educational programs geared toward cyber, including the rise of trade schools with specialized degrees, as well as more high school programs that are focused on cyber skills.

Companies will realize that they can hire talent directly from high schools and trade schools, and that cyber workers of the future don’t necessarily need a four- year college degree to enter the field.

This should help with the shortage of skilled workers needed but will take some time!