IRVINE, Calif. — Netwrix recently released some key cybersecurity trends that will affect organizations in 2022.
With cyberattacks — especially ransomware — on the rise, IT teams and security professionals must be on alert as never before. Below, Ilia Sotnikov, vice president of user experience and security strategist at Netwrix, shares six predictions regarding cybersecurity.
- Legislation will increase as security incidents at private companies affect national security. The impact of ransomware and other cyberattacks is no longer limited to just the victim company anymore; attacks are now affecting entire regions. For instance, attacks on companies that supply food or fuel have led to empty shelves in supermarkets and long queues at gas stations. Therefore, we can expect that security requirements for private organizations in critical sectors to become tougher. In particular, notification rules will be affected, as governments need more visibility into the specifics of cyberattacks in order to improve legislation. In some cases, governments may opt to use proverbial carrots as well as sticks, such as tax breaks that reward organizations for investing in cyber defenses.
- Cyber insurance costs will increase, and policies will mandate higher security standards. With insurance payouts becoming both more frequent and more costly, the cost of cyber insurance has already skyrocketed: Prices rose 96% in the U.S. and 73% in the U.K. for the third quarter of 2021 compared to the same quarter in 2020. We expect continued increases in 2022. Moreover, insurance policies will require implementation of critical controls that reduce the risk of cybersecurity incidents. With attacks becoming increasingly common, insurance companies will pay in exceptional cases only.
- More attacks will target managed service providers (MSPs) as a path to infiltrate large enterprises or government agencies. Attackers have seized upon a very effective strategy for getting access to large organizations — through the relatively weaker IT infrastructures of small to medium-sized businesses (SMBs) that provide them with services. Accordingly, MSPs will need to increase both the breadth and depth of their security measures, since many SMBs rely upon them for their security.
- Quantum computing will begin to disrupt encryption. Most cryptographic algorithms today rely on the premise that there’s no processor sufficiently powerful to crack them in a reasonable timeframe — but quantum computing will allow such a processor to exist. While this technology is still far from any practical application, concern is growing. For example, the U.S. has announced export controls on eight Chinese quantum computing companies because of worries about China's ability to break encryption. As the technology matures, we can expect more widespread adoption of post-quantum encryption standards.
- Companies will need to address challenges in machine learning (ML). Well over half (59%) of large enterprises today are already using data science (DS) and ML. However, these techniques bring risks as well as benefits. ML algorithms are especially vulnerable in the learning phase because bad actors can poison the input in order to subvert the results, which can break critical processes and even put lives in danger in cases such as health care or traffic lights in a smart city. Organizations using ML must understand these threats and redouble their efforts to defend against them.
- Attackers will use residential home networks as their infrastructure. A home network is much easier to infect with malicious software than a professionally secured enterprise IT environment. With processing power and bandwidth connectivity in residences increasing, home networks will become more attractive to bad actors. For example, by infecting many devices, they will be able to change IP addresses or even domain names dynamically during malware campaigns, thwarting common defenses like IP blocking and DNS filtering. IT teams should keep this new threat vector in mind when reviewing their security strategies and incident response plans. Moreover, the IT industry should seek to increase user awareness and best practices adoption to reduce the number of easy victims.
“Prioritization is the only way for organizations to manage the risk of cyberattacks in this new era of advanced technologies that can be used for both good and evil,” Sotnikov said. “Simply put, organizations need to focus on securing their most important and valuable assets from the most likely incidents and update their policies regularly. It is increasingly obvious that cyber insurance is not a lifebuoy. Risk assessment is first and foremost our own responsibility.”