Top 10 cyber security trends and practices for 2022

2021 was a challenging year in the cybersecurity industry as the attack surface continues to grow, we take a look at 10 different cyber trends for 2022

With cybercriminals showing no signs of slowing down in their efforts to breach the networks of all kinds of businesses, 2022 is bound to be another eventful and challenging year from a security perspective. We take a look at 10 different cyber security trends for 2022. 
 

10.  Cyber hygiene 

Cyber hygiene refers to regular habits and practices regarding technology use, such as avoiding unprotected WiFi networks and implementing safeguards like a VPN or multi-factor authentication. 

Cyber hygiene helps reduce those vulnerabilities by identifying risks and deploying mechanisms and strategies to reduce or resolve them. By practicing cyber hygiene, organisations strengthen their security posture and can more effectively defend themselves against devastating breaches.
 

9. Growth in connected devices (IoT) and 5G network breaches

With the growing adoption of 5G technology that requires complex infrastructure overhaul, the adoption of software-based services and the continued connection to the Internet of literally “anything”, the perfect attack surface is being created for threat actors.

Service providers and IoT solution providers need to prepare themselves for any security gaps by adopting a zero-trust architecture.

 

8. Third party exposure 

Third party risk is the potential threat presented to organisations’ employee and customer data, financial information and operations from the organisation’s supply chain and other outside parties that provide products and/or services and have access to privileged systems. 

According to a 2021 workforce trends report, over 50% of businesses are more willing to hire freelancers as a result of the shift to remote work caused by COVID-19. The cybersecurity firm CyberArk reports that 96% of organisations grant these external parties access to critical systems, providing a potentially unprotected access route to their data for hackers to exploit.

 

7.  Shortage of cyber skills 

The move to remote work in response to the COVID-19 pandemic increased the workloads for skilled IT professionals, and combined with the rising rate of ransomware attacks, many security pros are suffering from burnout. 

The UK’s cyber skills shortage has surged by more than a third in the past 12 months, according to a report by global recruitment firm Harvey Nash. The study, which analysed the current state of the digital jobs shortage, found that cybersecurity is the most sought-after tech skill in the UK. Nearly half (43%) of the 823 UK digital leaders surveyed admitted they had a shortage in this area.
 

6. Social engineering

Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. 

It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.  In cybercrime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. Attacks can happen online, in-person, and via other interactions.

 

5.  A focus on data protection 

All data that relates to an identifiable individual that business stores or handles need to be properly protected. Data protection is not just a legal necessity, but it is also crucial to protecting and maintaining a business.

2021 saw a coordinated effort by government agencies from different countries working together to combat known cybercrime groups who try to gain personal data. 
 

4. Increased digital supply chain risk

The growing connectivity of a supply chain also opens the door to increased cyber and data privacy risks. These risks arise because increasing interconnection means a growing attack surface and additional vulnerabilities that adverse actors can exploit.

According to the a ENISA report - Threat Landscape for Supply Chain Attacks, which analysed 24 recent attacks, strong security protection is no longer enough for organisations when attackers have already shifted their attention to suppliers.

 

3. Businesses will focus on employee security awareness training

As cyber risks continue to rise in the ever-changing digital landscape, cyber security training is the most effective way of educating employees on the risks they should avoid and the steps they should take if they are unsure about what to do in certain scenarios.

According to the IBM Cyber Security Intelligence Index Report, 95% of cyber security breaches are primarily caused by human error. Also, the Cost of a Data Breach Report 2020 by IBM stated that the average cost of cyber security breaches caused by human error stood at US$3.33mn.
 

2. Cloud security 

Cloud solutions have become essential for businesses with hybrid workforces looking to ensure that their employees can access vital resources from anywhere. 96% of cybersecurity professionals are already at least moderately concerned about public cloud security, according to the 2021 Cloud Security Report from (ISC).

New developments in cloud security include the adoption of “Zero Trust” cloud security architecture. Zero Trust systems are designed to function as though the network has already been compromised, implementing required verifications at every step and with every sign-in instead of granting sustained access to recognised devices or devices within the network perimeter. This style of security gained popularity in 2021 and is likely to see widespread adoption in the coming year.
 

1. Rise in ransomware 

Ransomware is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access. The European Union Agency for Cybersecurity has recently released information showing a 150% rise in ransomware in 2021 and expects that trend to continue in 2022. 

Ransomware has only become more sophisticated and more widely available over time. In fact, cybercriminals can now subscribe to “Ransomware-as-a-Service” providers, which allow users to deploy pre-developed ransomware tools to execute attacks in exchange for a percentage of all successful ransom payments. 

 

Share

Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security