A Cybersecurity Ventures report states that cybercrime will cost the world $10.5 trillion annually by 2025. Closer to home, what will cybersecurity look like in 2022? We’ve asked around and compiled a list of trends we can expect to see next year.
Infosecurity Europe’s CISO community says that, “use of deep fake tech, social engineering to target CNI, and exploiting third parties will all rise in 2022”.
As cyber criminals become increasingly savvy with their methods of attack, consumers and businesses will need to stay one step ahead. Online research and education, alongside security software and updates, are key to staying safe.
New ways to monetise attacks
Believe it or not, disruption is only one objective for ransomware, malware and phishing attacks. In fact, there’s also a lot of money to be made in cybercrime.
“Criminals are busy exploring alternative means of monetisation,” says Rik Ferguson, Vice President of Security Research, Trend Micro. “The act of encrypting data and denying the owner access to it is actually a minor way of making money. Criminals will focus on their secondary and tertiary means of extorting money – for example threatening to release data for public exposure, contacting people who are a part of the data set and trying to exploit them, or piling denial of service attacks on top of encryption”.
With this in mind, we might expect to see new data protection measures coming into play. Big businesses in particular will need to ramp up their cybersecurity software to detect and prevent any attacks.
Moving targets
Another trend that experts expect to see next year is targeting of victims through third party relationships. Apparently, this will be particularly threatening for companies who use third party providers to manage their customer data.
Paul McKay, Principal Analyst at Forrester says, “we’ll see organisations transfer third-party risks by embedding policies in contracts stipulating that the partner assumes the risk of an intruder jumping from its environment to the organisation’s.”
This may lead to new contracts and even legislation around third party data protection. Every company should take measures to safeguard their client data (and indeed their own business data). But this will become even more important if experts’ predictions materialise and we see more cybercrime targeting companies who use third parties.
An even bigger threat to companies will be from their own employees. Increasingly, experts say, companies may unknowingly hire candidates who have been planted by cybercriminals to target critical national infrastructure.
Threats on mobile
Most of us have our mobile phones with us almost all the time. But, according to experts, the future of cybersecurity depends on safe and responsible mobile phone use.
An article by Forbes explains that, “mobile security threats encompass a variety of security threats that affect mobile devices. They include: app-based threats (malicious apps), web-based threats (phishing), network threats (free Wi-Fi), physical threats (no PIN or biometric authentication). To prevent these threats, you need to introduce additional levels of security to increase the overall security of your devices”.
The Forbes article also includes a list of tips to stay safe when using your mobile. A few of their tips include;
- avoid using free WiFi on your mobile phone
- never create passwords or accounts whilst using free Wifi on any device
- always lock your phone with a password
- only download apps from official stores like the IOS app store and Android’s Google Play store
There are plenty of other measures that individuals can take to protect themselves and their employers when using their mobile phone.
It also helps if companies invest in cybersecurity training and awareness for their staff. Some companies are even posting a ‘cybersecurity manager’ to act as a champion and advisor to employees.
Senior level involvement
Independent researcher David Edwards believes that cybersecurity will attract more senior leadership attention in the coming year. He says: “I think we’ll see an increase in boards taking more interest in cyber risk as spend increase”.
We may also see more government involvement as cybercrime continues to threaten large businesses and organisations in the public sector. The NCSC website already has many tips on their website for public sector employees to help them stay safe online. Public sector organisations are also encouraged by the NCSC to undertake cybersecurity drills to plan, deliver and review their response to cybercrime attacks.
Infosec conference – 2022
The conference programme at Infosecurity Europe 2022 will feature presentations, talks and workshops from some of the industry’s thought leaders. It’s a chance to connect with other professionals and get support and advice about how to keep your organisation safe online.
Infosecurity Europe will run from Tuesday 21 to Thursday 23 June 2022 at ExCeL London. Full details about the exhibition and conference programme will be released on the website in the coming months.
About Origin Comms
As digitally dependent devices grow exponentially, the cybersecurity stakes have never been higher. That’s why it’s essential that you have the information to protect your business from cybersecurity threats that exist now, and prepare for possible threats in the future.
At Origin Communications, everyone in our team is senior director level. We have decades worth of experience in the cybersecurity industry, working with some of the biggest companies in this space. We are proud to have continuously provided PR and digital marketing support to the Infosecurity Europe team – Europe’s number one cybersecurity event.
Get in touch to discuss your cybersecurity PR needs or to find out more about the Infosec conference 2022.