Subscribe

Six cyber security trends to be aware of in 2022

The upcoming year will be about increases: in legislation, security standards, ransomware attacks and technology risks.

Johannesburg, 26 Jan 2022

Netwrix, a cyber security vendor that makes data security easy, today released key cyber security trends that will affect organisations in 2022.

With cyber attacks – especially ransomware – on the rise, IT teams and security professionals must be on the alert as never before. Here are six specific predictions from Ilia Sotnikov, cyber security expert and VP of User Experience & Security Strategist at Netwrix:

1. Legislation will increase as security incidents at private companies affect national security. The impact of ransomware and other cyber attacks is no longer limited to just the victim company anymore; attacks are now affecting entire regions. For instance, attacks on companies that supply food or fuel have led to empty shelves in supermarkets and long queues at gas stations. Therefore, we can expect that security requirements for private organisations in critical sectors will become tougher. In particular, notification rules will be affected, as governments need more visibility into the specifics of cyber attacks in order to improve legislation. In some cases, governments may opt to use proverbial carrots as well as sticks, such as tax breaks that reward organisations for investing in cyber defences.

2. Cyber insurance costs will increase and policies will mandate higher security standards. With insurance payouts becoming both more frequent and more costly, the cost of cyber insurance has already skyrocketed: prices rose 96% in the US and 73% in the UK for the third quarter of 2021 compared to the same quarter last year. We expect continued increases in 2022. Moreover, insurance policies will require implementation of critical controls that reduce the risk of cyber security incidents. With attacks becoming increasingly common, insurance companies will pay in exceptional cases only.

3. More attacks will target MSPs as a path to infiltrate large enterprises or government agencies. Attackers have seized on a very effective strategy for getting access to large organisations – through the relatively weaker IT infrastructures of SMEs that provide them with services. Accordingly, managed service providers (MSPs) will need to increase both the breadth and depth of their security measures, since many SMEs rely on them in their security.

4. Quantum computing will begin to disrupt encryption. Most cryptographic algorithms today rely on the premise that there’s no processor sufficiently powerful to crack them in a reasonable timeframe – but quantum computing will allow such a processor to exist. While this technology is still far from any practical application, concern is growing. For example, the US has announced export controls on eight Chinese quantum computing companies because of worries about China's ability to break encryption. As the technology matures, we can expect more widespread adoption of post-quantum encryption standards.

5. Companies will need to address challenges in machine learning. Well over half (59%) of large enterprises today are already using data science (DS) and machine learning (ML). However, these techniques bring risks as well as benefits. ML algorithms are especially vulnerable in the learning phase because bad actors can poison the input in order to subvert the results, which can break critical processes and even put lives in danger in cases such as healthcare or traffic lights in a smart city. Organisations using ML must understand these threats and redouble their efforts to defend against them.

6. Attackers will use residential home networks as their infrastructure. A home network is much easier to infect with malicious software than a professionally secured enterprise IT environment. With processing power and bandwidth connectivity in residences increasing, home networks will become more attractive to bad actors. For example, by infecting many devices, they will be able to change IP addresses or even domain names dynamically during malware campaigns, thwarting common defences like IP blocking and DNS filtering. IT teams should keep this new threat vector in mind when reviewing their security strategies and incident response plans. Moreover, the IT industry should seek to increase user awareness and best practice adoption to reduce the number of easy victims.

Prioritisation is the only way for organisations to manage the risk of cyber attacks in this new era of advanced technologies that can be used for both good and evil. Simply put, organisations need to focus on securing their most important and valuable assets from the most likely incidents, and update their policies regularly. It is increasingly obvious that cyber insurance is not a life buoy. Risk assessment is first and foremost our own responsibility. Ilia Sotnikov, VP of User Experience & Security Strategist at Netwrix

Source: https://www.netwrix.com/six_cybersecurity_trends_to_be_aware_of_in_2022.html

Share

Netwrix Corporation

Netwrix makes data security easy thereby simplifying how professionals can control sensitive, regulated and business-critical data, regardless of where it resides. More than 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.

Founded in 2006, Netwrix has earned more than 150 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.

For more information, visit www.netwrix.com.

Private Protocol

Private Protocol is a specialized IT security distributor offering next generation solutions and has a distributed partner channel covering Africa and the Indian Ocean Islands. Private Protocol provides product bundles and strategies to assist organizations with both international and government data security ACTS and regulations. Areas covered range from mobile, data collaboration, secure messaging, O365 security, on-premises and cloud security, data classification, data discovery, file security, vulnerability management and threat assessment and zero trust security. Private Protocol also offers technical services to assist resellers and customers with their projects. For more information, visit: www.privateprotocol.com.

Marketing Contact:

Nicki Munnik
Private Protocol
nickim@privateprotocol.com

Editorial contacts