2021 saw some of the largest and most influential cyber attacks to date. Leaders in cybersecurity have faced numerous challenges this year and are likely to experience unprecedented obstacles in the years to come.
Here are five cybersecurity predictions for 2022 and beyond:
1. Ransomware incidents will double, if not triple
Instead of working on their ransomware backup strategy, companies should focus on their cyber hygiene and endpoint detection and response strategy. Instead of focusing on the symptoms, companies should focus on the root causes.
As ransomware attacks increase, more companies are paying the ransom to retrieve precious data. Paying the ransom is not just a monetary decision – it is now an ethical dilemma where moral considerations are pitched against practicality. At the micro level, companies are not prepared for an attack and will likely conduct a cost-benefit analysis to decide whether they will pay. However, at the macro level, companies paying ransomware exacerbate and accelerate the problem by incentivizing future attacks. Until the incentive structure at the micro versus macro level aligns, companies will remain in a vicious ransomware cycle.
2. A pure OT attack is on the horizon
Moving forward, more and more supply chains will fall victim to ransomware attacks. Attackers will also likely target managed security providers and law firms, enabling them to attack the hundreds of clients they’re serving at the same time. Organizations regularly rely on third-party vendors to complement their business; however, many do not have uniform cybersecurity policies and practices. Many OT sites even have third party vendors regularly conducting maintenance via remote access technology, which creates exploitable weaknesses in the operations chain. As manufacturing supply chains become increasingly automated and rely heavily on remote access, leaders must focus on building out a multi-layer cybersecurity strategy that leads with cyber hygiene.
Securing remote access by implementing good cyber hygiene practices and processes is one of the most effective ways to ensure manufacturing organizations can protect themselves from future attacks. Many manufacturers lack visibility into their own IT and OT networks, meaning they cannot identify the remote access points in need of protection. These gaps in visibility are often tied to a commonly held yet false belief that investing in cybersecurity is too costly, will disrupt operations and can potentially delay product shipment within the supply chain.
As hackers become more sophisticated in their attacks, prevention should remain the priority for manufacturers. By creating a culture of cybersecurity and implementing the right policies (e.g., the principle of least privilege), manufacturing organizations can improve their standing within cyberspace. These policies should also include establishing a supply chain management program to ensure uniform cybersecurity practices with all contractors and third-party vendors.
3. Medical ecosystems will be a major target
As the pandemic increased pressure on healthcare, potential attackers identified the high ransomware value that healthcare systems can offer. Healthcare organizations have seen a material uptick in attacks, from hospitals to doctor’s offices and blood banks. That said, the attacks are unlikely to be carried out on actual medical systems or devices. Rather, attackers tend to target hospital billing systems, patient records and ERPs.
To protect their vulnerable IT systems, healthcare organizations should buy and deploy a strong identity-management solution that supports multi-factor authentication, segments their network to mitigate expansion opportunities post-breach and stays on top of upkeeping key systems, patching vulnerabilities where needed.
4. Hybrid work will further decrease organizations’ security
As more companies adopt a hybrid approach, technical security will increase while personal security will decrease. Since employees are working remotely, employee/employer relationships are turning transactional and devoid of trust. This may cause weaker employee buy-in to internal security training programs as employees experience a lack of ownership and personal responsibility in helping to secure their organizations. Especially as Gen Z enters the workforce, the increasingly common belief that governments should take primary responsibility for protecting data and a lack of company loyalty will negatively impact already existing privacy issues.
5. The role of the CISO will bring new challenges
Someone transitioning into the role of a deputy CISO in 2022 will need to understand all the skills and qualifications required. The domains typically overseen by CISOs – from security operations and identity management to risk and governance and regulatory and compliance issues – are now coupled with a wider range of responsibilities.
Companies have finally started putting more investment into security and risk management programs, meaning CISOs are now a part of the executive team and more frequently reporting on progress to other leaders. Since security issues are reaching the board level and many organizations still experience the same fundamental problems they faced five years ago, CFOs may soon demand a return on security investments. CISOs need to measure their current level of maturity, and identify their target level, and calculate a methodology to calculate how their policies, programs, and activities enable them to meet the company’s bottom line. As cybersecurity becomes more widely accepted across the executive and board level, CISOs will face a more complex range of responsibilities and pressure to protect their company from emerging threats.