The pandemic and changing working dynamics brought in a massive digital transformation and an unfortunate rise in cybercrimes for many companies and people.
Remesh Ramachandran a CISO and Security Researcher wrote on the Entrepreneur Asia Pacific – “2021 saw some of the most significant cyberattacks on digital systems the world has ever seen, such as the Colonial Pipeline ransomware attack, wherein the company had to shut its entire operations to contain the breach. Given the upsurge of similar ransomware attacks and data breaches, which have caused havoc to businesses worldwide, cybersecurity risk management has to take precedence in 2022 and be among the topmost priorities for organizations to ensure business continuity in the event of a cyber incidence.”
So with these attack changes in 2022, how are security leaders from Elevate, Fortinet and RCS Secure conquering their top challenges in the new year?
Top Cyber Security Predictions for 2022 (Ramachandran, 2022)
Enterprise level security from home: With the pandemic altering the work lifestyle to a great extent and organizations implementing work from home policies, organisations hurried to build the necessary technology infrastructure to keep the clock ticking. But the challenge before IT departments and CISOs is to bring the newly acquired devices and infrastructure into the security perimeter.
Cybersecurity insurance: Cybersecurity insurance helps cover the monetary losses and penalties associated with a cyber-attack or data breach. With the number of ransomware attacks attaining a new high, it would become even more challenging for businesses to get cyber insurance. The insurance premiums are likely to increase, and insurance companies will also have their say in determining certain security requirements to apply for cybersecurity insurance. Hence, businesses will need to ensure they have a robust cybersecurity posture to keep insurance premiums relatively lower.
AL/ML role in cyber fraud prevention: According to a report released by SEON, a cyber security and fraud prevention firm, online e-commerce businesses experience an average of 206,000 cyber-attacks and data breaches a month. As online e-commerce sales continue to rise, so are the attempts by threat actors to infiltrate e-commerce businesses’ information assets and get their hands on the PII (Personally Identifiable Information) of millions of e-commerce users. AI/ML will play a huge role in cybersecurity as they will help analyse historical data and provide the best possible solutions for cybersecurity risk management and fraud prevention.
Increased mobile attacks: With the increased usage of mobile applications and mobile payment platforms, mobile malware attacks are expected to increase in 2022. While Mobile Device Management (MDM) solutions allow businesses to gain control over all mobile phones in the network, it can also be a significant liability. Cybercriminals have started focusing on attacking these MDM solutions to easily gain control over all mobile devices managed by the MDM solution.
Rise of automotive hacking: Driverless automated cars are anticipated to be the future of the automobile industry. However, it may bring a new set of cyber challenges and threats. About 25% of all passenger cars are expected to be connected vehicles (these are vehicles capable of connecting with other vehicles over the internet or some other form of network) by 2023. These connection capabilities could pave the way for more vulnerabilities to be exploited by threat actors. To give an example, in April 2021, cybersecurity researchers hacked a Tesla through a remote hack using only a drone carrying a Wi-Fi dongle, which allowed them to open the car’s doors. Automakers, especially those venturing into driverless capabilities, will need to take robust measures to ensure no vulnerability remains unpatched, as this could essentially lead to fatal consequences.
Increase in cloud services and cloud security threats: Remote working is likely to continue for the better part of 2022, and as such, the adoption of cloud services is bound to rise. Businesses, especially SMEs that depend on on-premise environments for their business operations, are expected to shift to Cloud-based services to sustain themselves. This again would mean an increased attack surface for threat actors to exploit. As cloud-native technologies (Kubernetes) and containers become mainstream, CISOs will have to shift their focus from virtual machines to containerization, as the security aspects are different for both. Other crucial cloud security threats to look out for in 2022 include data breaches, misconfigurations, cloud account hijacking, insider threats, etc.
The rise of ransomware: The number of ransomware attacks continues to soar; in the first three quarters of 2021, the number of ransomware attacks recorded stood at about 495 million – a 148% year-to-date rise. What’s worse is that cybercriminals have started outsourcing ransomware operations. For instance, the ransomware as a Service (RAAS) model allows affiliates to utilize successful ransomware tools and utilities to carry out attacks. The affiliate owner earns a percentage of each successful ransomware payment. Conti, Avaddon, and REvil remain the top three ransomware groups targeting organisations around the globe. This trend is likely to continue in 2022, and it may not be surprising to see the number of ransomware attacks touching new heights.
Enterprises need to take note of these cybersecurity predictions for 2022 and beyond to develop stronger cyber resilience and ensure a safe digital environment for their potential customers, clientele, and employees.
Ramachandran, R., 2022. Top Cyber Security Predictions For 2022. [online] Entrepreneur. Available at: