Acmetek - Blog

FEBRUARY 22, 2022

2022 Cybersecurity Predictions

Cyber security is a rapidly evolving field. It can be challenging to know what will happen tomorrow, even more so next year. In the past two years, virtually all of us have experimented with telecommuting, making the home office a constant. As a result, companies closed their offices and asked their staff to work from home. While technological advancements have helped enable employees to perform their tasks anywhere and anytime, it is also causing a significant upheaval in the security and threat landscape.

They have become one of the main threats as cybercriminals search for ever more efficient ways to make a profit. These criminals are increasingly devious, even when ransom demands explode. They now have access to inexpensive hacking tools and have a wider choice of options regarding their attack mode and targets. For example, nobody saw the SolarWinds attack coming in December 2020. Similarly, the Apache Log4j error surprised many people in December 2021, on the eve of the holiday season.

To what extent will ransomware assert itself as the preferred method of attack? In the 2021 State of Ransomware Survey and Report, 64% of participants admitted having been the victim of a ransomware attack in the past 12 months. Even more troubling, 83% of attacked companies felt pressured to pay the ransom to restore their data. The good news is that 72% have seen their cybersecurity budget increase as a result of these threats, and 93% are earmarking a specific portion of it for fighting ransomware.

As a consolation, it is possible to take stock of the recent past to find out what to prepare for. Acmetek has thought long and hard to develop its cybersecurity forecast for 2022. Here are 8 of them for the next 12 months

2022 CyberSecurity Predictions

VMC certificates will improve the email marketing

Faced with fierce competition, marketers can now count on new technologies to succeed. In addition to this trend, we believe that VMC certificates will become increasingly important in image and trust in companies' marketing arsenal.

Developed as part of the BIMI project, these certificates validate the authenticity and compliance of a message with the DMARC protocol by displaying the verified logo of the company in the recipient's email, even before the recipient opens the message.

With this innovation, marketers are doing a double job: they optimize their branding and boost their open rates (up to 10%) while demonstrating their seriousness on personal data protection and IT security issues.

Trust and the validation of identities will improve business processes.

In all sectors of activity, companies have embarked on major digital transformation projects, and the trend is accelerating. According to research, the global digital transformation market is expected to register an average annual growth rate (CAGR) of 24% between 2021 and 2028.

With the spread of digital signatures, the stakes are increasing considerably. We anticipate increased workflows associated with digital signatures in sectors as diverse as financial services, real estate, health, and education. Electronic signatures are also proving particularly useful for integrating teleworkers and supporting them in their missions with the advent of hybrid work.

Identity and trust are pillars of IoT and other emerging technologies. Trust is now more important than ever for the IoT and other application areas with a powerful data component. Patient health monitors, industrial control devices, home security systems, sensors onboard vehicles all of these critical use cases must be able to rely on the integrity of their data in real-time. Under these conditions, the accelerated adoption of 5G is expected to converge with IoT applications, translating into a surge in attacks. Faced with these challenges, PKI remains a robust and proven method for ensuring trust within IoT environments.

Threats will still continue.

Last year, the pandemic situation was directly related to the security threat. But when the pandemic seems to decrease the threats gradually, it has generated a rise. Contactless payments in airports, shops, restaurants, and other public spaces are more vulnerable to cyber-attacks. As for electronic identification, particularly in the context of driving licenses and medical records, will undoubtedly open a new front for hackers.

Organizations will be keen to establish a safety culture.

The management teams will encourage the emergence of a culture of cybersecurity within their organization. The increase in employee awareness initiatives evidences this. The objective here is to help managers test their decision-making skills in a significant cybersecurity crisis. Because there is no doubt that cybercriminals will continue to innovate and develop ever more complex and insidious threats, to cope, leaders will need to make firm commitments and establish effective communication at all levels.

Automation will strengthen cybersecurity.

As business continuity and profitability dominate the agenda for companies, the effectiveness of security technologies will become crucial for them. Thus, the year 2022 will give pride of place to technologies that will increase productivity, propelling automation to security. According to a recent DigiCert survey, companies are aware of this because 91% plan to automate PKI certificates' management. At the same time, AI and ML will remain strategic drivers of this automation.

Challenges of cloud sovereignty will create new security requirements.

With the emergence of multi-cloud, traditional perimeter-based security approaches are reaching their limits. Thus, cybersecurity challenges are expected to become even more complex - especially as companies deploy cloud solutions increasingly subject to local regulations and jurisdiction. In these circumstances, sovereignty checks are primarily intended to protect sensitive and private data and ensure that their owners retain control of their data in the cloud.

Post-quantum computing will shift the lines in terms of security.

According to a DigiCert survey, 71% of IT decision-makers believe quantum computers will overcome existing encryption algorithms by 2025. Therefore, security services will have no choice but to rethink their security around post-quantum cryptography, the only way to consolidate their defenses and reduce the risk of compromise. The year 2022 should mark a significant turning point in PQC, with the expected announcement from NIST as to the standard that will succeed the RSA and ECC encryption algorithms in 2022.

Supply chain, ransomware, cyberterrorism threats will intensify.

Vulnerabilities multiply as the complexity of the supply chain increases. Under these conditions, the increased complexity of development and supply chain processes extends the attack surface. But solutions do exist. Raising awareness of the dangers of sharing keys, inspecting the code at every development phase, and preventing any tampering after signing are all measures for code protection.

Conclusion:

Cyberterrorism will still be emulated. Following the attacks on Colonial Pipeline and the Oldsmar wastewater treatment facility in Florida, we have seen the potential of cyberterrorists. This clearly shows that the threats continue to grow and reminds us how the imagination of attackers knows almost no limits.

Ransomware will gain further ground. Health, technology, automotive, NBA in 2021, no sector has escaped ransomware. Moreover, like the cyberterrorism threat, this type of attack often receives significant media coverage, encouraging notoriety hungry cybercriminals. According to our forecasts, ransomware will therefore continue its irresistible rise, driven by the democratization of cryptocurrencies and the difficulty of tracking ransom payments outside the banking system.

USA Office
6735 Salt Cedar Way,
Building 1, Suite 379,  Frisco,
TX75034.
707 Alexander Rd,
Princeton,
New Jersey 08540

© 2021 Acmetek All Right Reserved. Legal | Terms of Use | Privacy Policy

apac Office
Ace Krishna Prime,
304, Road No.1,
Lakshmi Nagar Colony,
Kothapet, Hyderabad-500035,
India.
INC 5000
Newsletter sign up
Signup to receive cybersecurity updates
>