Seven trends in digital security for 2022
With advanced tools, a more significant number of attacks like ransomware, cybercriminals will continue to increase their pressure on companies from different sectors, impacting supply chains and suppliers over the next year. A situation that foresees an increase in budgets for cybersecurity and a commitment to technological solutions such as Machine Learning or Artificial Intelligence. But, with the challenge of facing the lack of qualified and specialized personnel in cybersecurity. According to Factum IT experts, these are the most relevant cybersecurity trends that are expected for next year.
1. Large number and sophistication of attacks
The time required to carry out cyber attacks will be reduced due to advanced software. The preferred targets will continue to be critical sectors, such as industry, transport, health, education, and government.
The gateways will also multiply, and it will be more common to see attacks originating from the mobile devices of customers and employees and through service provider companies, especially those related to cloud services. And the main actors of cybercrime will continue to be criminal groups, lone wolves, hacktivists, and the Nation States.
Similarly, security will still not be a significant component of technological innovation; Therefore, new attack vectors are expected to be experimented with through new insecure technologies.
2. Ransomware, the leading cause for security breach
This variant of attack has become an emerging business for cybercriminals. Therefore, the presence and sophistication of their attacks will be further highlighted, coupled with the concept of ransom as a Service, which will begin to appear. Businesses and individuals should expect further personalization of ransom, involving more and more assets from essential sectors.
“The impact of ransom on a company can lead it to disappear or suffer severe economic, operational or reputational damage. Like any other threat, it must be studied in each particular case, depending on each sector, the specific business, the size of the company, and its technological complexity. Generic measures have limited effectiveness”, explains José Antonio Castro, director of the strategy at Factum IT.
In 2022, there will be a more significant trend towards the design of adequate protection, monitoring, response, and restoration against ransom the analysis and implementation of appropriate solutions for each company.
3. Shift your focus on supply chains
More and more companies are involved in the processes and activities that make up the value chain, forming an essential part of their activity. Therefore, during 2022 we will see an increase in the impacts caused by security incidents in companies’ supply chains and suppliers. Whether due to their direct or indirect operational implications or because they are used as a blind entry point for attacks, it is foreseeable that attacks on cybersecurity service providers may occur.
Risk management in the supply chain will become a crucial aspect in companies. For this reason, we will see an increase in the information required from third parties and a greater professionalization of risk management processes, supported by sectoral increases in regulation in this area.
4. Need cybersecurity budget
Cybersecurity has been placed on companies’ radar, and a high percentage of them will invest more in cybersecurity in 2022, even with double-digit increases.
It is foreseeable that many companies have risk decision-making tools based on data and indicators that measure their efficiency and effectiveness. Similarly, adopting a holistic approach to risk management will be more common, and an increase in specialized advice in this area is expected, as well as an increase in technical cybersecurity engineering services, which allow the design, implementation, configuration, and operation of the appropriate security solutions.
5. Companies will be Looking for cybersecurity talent
2022 will be a challenging year for the search for cybersecurity talent. The accelerated digital transformation and the massive adoption of the Cloud, or the maintenance of teleworking, are tremendous post-pandemic digital challenges. The availability of a larger budget to protect companies will put pressure on the job market specialized in cybersecurity. An increase in managed cybersecurity services is expected, as well as an increase in the use of tools that allow IT, professionals, to reconvert to cybersecurity (upskilling and reskilling). Companies’ talent retention strategies will play a determining role, as well as the ability to offer cybersecurity professionals a structured and ambitious project that allows them to develop personally and professionally.
6. Machine Learning and Artificial Intelligence will be the next step
The use of Machine Learning and Artificial Intelligence will be a double-edged sword. On the one hand, their use will intensify in 2022 to defend organizations, and they will become essential technologies to provide advanced monitoring capabilities, improve network security and reduce response times in the event of an attack.
On the other hand, cybercriminals will also increase the use of these technologies to carry out their attacks, which will be much more advanced and will allow them to find weak points in IT and security systems much faster.
For this reason, a leap forward in the capabilities of security operations centers is expected in 2022, whether they are their own, hybrid or as a managed service, extending coverage and improving attack detection with Machine Learning and AI. For this reason, the number of companies that contract Managed Detection and Response (MDR) services, which provide tools and capabilities, will increase significantly.
7. The human factor will once again be decisive
The human factor will continue to be the weakest link in cyber vulnerabilities, something particularly critical in a remote work environment, which has opened new avenues for more sophisticated attacks. For this reason, during the following year, there will be an increase in aggression, whose entry vector is the company’s own employees.
Education and training of employees and customers and the digital society in general on cybersecurity best practices will increase. Governments, companies, and individuals will make an effort to spread the risks and prevention in cybersecurity. More online training will be used, and companies will begin to make cybersecurity training mandatory for their employees and carry out attack simulation exercises.
More In Technology