Chris Berry, CTO and GM of security solutions at PDI Software, says in 2022 we will continue to see the proliferation of ransomware hitting all sizes of businesses.聽
鈥淗owever, we鈥檒l also see an escalation of the ransomware attack model with extortionware,鈥 he says. 鈥淲ith more businesses maintaining secure backups to avoid paying a ransom to unlock encrypted data, cybercriminals are now threatening to publicly expose sensitive data.
鈥淒oing so can cause significant business risk, especially when the blast radius extends to customer, partner, or vendor data. That鈥檚 why it鈥檚 so important to make sure you鈥檙e preventing threats by securing your perimeter. But you also need the capabilities to detect potential threats and respond in real time if you suspect you鈥檝e been breached.聽
鈥淯nfortunately, a large number of businesses still aren鈥檛 adequately protected against today鈥檚 sophisticated threat landscape.鈥澛
Richard Walters, CTO at Censornet, adds: 鈥淩ansomware has shifted from聽targeting聽large organisations to mid-market organisations over recent years. This is a clear signal that ransomware will continue to permeate聽our society.聽
鈥淭he next cause for concern will be when ransoms are聽demanded to keep 鈥極perational Technology鈥 (OT) operational 鈥 a hospital medicine dispensing machine or a power plant, for example.鈥
Agility will be key to countering growing zero-day exploits and ransomware attacks, argues Andy Green, CISO at Gemserv.
鈥2021 saw almost double the number of zero-day exploits compared to 2020, and the highest number ever on record,鈥 he says.
鈥淎nother trend that is almost certain to continue is the evolution and prevalence of ransomware attacks. 2021 saw exponential growth in ransomware and this is set to continue well into 2022.聽
鈥淢ulti-staged attack chains will become more prevalent in the delivery of ransomware, for example phishing attacks, leading to malware loaders, to secondary loaders and information stealers and onto ransomware.聽
鈥淚n the face of this increased number of infections and ransoms, we can expect to see cyber insurance premiums continue to surge 鈥 we saw increases of over 50% last year as insurers seek to keep pace with the claims.聽
鈥淥verall, the key maxim in security for 2022 will be agility. Ensuring agile security strategies are in place that allow for your organisation to adapt and respond to the uncertain year ahead will be paramount.鈥澛
Brian Murphy, CEO and founder of ReliaQuest, warns of the cybersecurity skills gap.
鈥淚f this past year taught us anything, it鈥檚 that cyber attacks are only increasing, so it鈥檚 paramount that organisations have the best talent to prevent and address these breaches when they occur.聽
鈥淚n 2022, the industry will need to make substantial progress in addressing the cybersecurity skills gap as efforts thus far haven鈥檛 shown the progress we need to properly address increasing threats.聽
鈥淲hile it鈥檚 great to see the efforts of the private sector prioritise training in cyber skills, and making cyber awareness training accessible to everyone, I hope, and expect, the industry will direct more of its efforts into tackling the broader skills transfer issue.聽
鈥淭here are plenty of people ready to raise their hand and help with this ongoing problem, but we need to better equip them with the right skills. I hope to see more companies in the new year investing in meaningful skills initiatives, like Microsoft鈥檚 work with community colleges and ReliaQuest鈥檚 work with 3DE high schoolers.鈥
Zoom CISO Jason Lee says more companies will drive to adopt the Zero Trust security model as a result of the shift to hybrid working.聽
鈥淐onversations around protecting the hybrid workforce from risk will lead security professionals to adopt modern tools and technologies, like multi-factor authentication and the Zero Trust approach to security. I believe that companies need these tools to make sure their employees can get work done as safely as possible from wherever they are – commuting, traveling, or working from home – and that all of their endpoints are secured with continual checks in place.鈥
He adds: 鈥淭he security hiring boom will continue. We know that cybersecurity professionals are a hot commodity across industries, due to more available jobs than trained applicants.
鈥淎t Zoom, we expect to continue to hire highly-qualified security professionals throughout 2022. I believe we鈥檒l see the cybersecurity talent pool grow as more professionals choose to enter the field due to increased demand and in many cases, the ability to work from anywhere.鈥
Steve Harrington, MD of EMEA at Aryaka, adds: 鈥淎s we head into 2022, cybersecurity cannot be thought of without considering the wider network. Even more so, enterprise leaders need the reassurance of a secure network, while they come to grips with a majority workforce that is outside the traditional office.聽
鈥淗ybrid workplace environments demand the right kind of connectivity and security technologies so employees can remain productive and able to collaborate. This is already disrupting聽 the status quo of legacy telco managed technologies and complex do-it-yourself solutions.
鈥Although it is promising to see EU ministers and large investments being used to alleviate the pains of dispersed and changing work environments, there is clearly still a long way to go.鈥