Top companies lose $2.9 million to cybercrime every minute, and pay $25 per minute due to cybersecurity breaches, according to RiskIQ. DDOS attacks on websites are expected to grow to 15.4 million by 2023, more than double the 7.9 million in 2018, according to Cisco.
All this indicates why cybersecurity protection is important. In fact, Google recently acquired an Israeli cybersecurity company for $500 million to increase its own safety, according to The Street.
One of the best ways to protect against cybercriminals is by identifying trends before they happen. Relying on a variety of sources, here is a look at what is likely to be the top 4 trends in cybersecurity for 2022.
4 Top Cybersecurity Trends for 2022
While malware, ransomware, data breaches, phishing, and compromised passwords will continue to be entry points for attackers, some computer security trends are on the horizon that companies and individuals need to prepare for.
1. New Targets for Attack
Banks, e-commerce, and databases will continue to be attacked, but experts expect a few new targets in 2022.
- Critical infrastructure – Major critical systems such as the Colonial Pipeline (which was hacked in May 2021) will continue to attract the attention of cyberattackers, according to Toolbox.com. These targets are particularly lucrative targets for ransomware and other attacks due to their role in the provision of basic services.
- Digital assets – Cryptocurrencies and non-fungible tokens, or NFTs, will become greater targets of attack as their use continues to grow, according to ZDNet.
- Higher education – Cybercriminals are targeting students due partly to the growth of online learning. Compromises of student data are considered to be the most prevalent cybersecurity trend in higher education, the Stefanini Group says.
- Online gambling – Sports betting is being legalized in more states, which most certainly will bring more phishing scams targeting online gamblers, especially those who are new to online betting, according to an Experian study cited on BusinessWire.
- Supply chain – The pandemic has already exposed vulnerabilities in the supply chain, and the likelihood of cyberattacks is growing, the Stefanini Group says. Ransomware attacks are seen as possible in the coming year.
2. New Types of Attacks
Phishing attacks have been around a long time, and they’ll likely remain the favorite tactic of cybercriminals. Social engineering is the top cause of breaches, and a report from Verizon says 85% of attacks involved a human element, such as responding to a scam email or clicking on a link.
But these attacks are getting more sophisticated. The phishing emails and malicious URLs are more specific, personalized, and geo-targeted. In particular, due to remote work, cybercrime has gone up 600%, according to PurpleSec. Expect these types of attacks to grow in 2022.
Also, more attackers are focusing on mobile users, exploiting their vulnerabilities to access other platforms. Because mobile users access banking, communication, hotel reservations, and shopping, cybercriminals view them as an easy target.
3. New Tactics in Security
Because more workers are connecting remotely, the risks of breaches are growing. A survey by HP indicated that 70% of workers have used their work devices for personal tasks, and 69% use their personal devices for work. Also 30% allowed other people to use their work device. According to IBM, remote work has increased the average cost of a data breach by $137,000.
Remote workers will continue to be targeted by data thieves looking for a way into larger companies. More companies are likely to adopt what’s called the “assume breach” mindset. That means not trusting anything on or off the company network. That refocusing will encourage businesses to emphasize compliance with security policies, including how to spot a phishing attempt or how to respond to ransomware.
To combat attacks, more companies also will be looking at security linked to artificial intelligence. Machine learning is more proactive and doesn’t rely so heavily on workers. It makes robust cybersecurity protocols easier to employ and more effective. It also can anticipate and respond to attacks quickly.
4. New Regulations to Come
Governments will continue to attempt to tighten cybersecurity. By the end of 2023, modern privacy laws will cover the personal digital information of 75% of the world’s population, according to Gartner. Also, 30% of the world’s governments are expected to pass legislation to regulate ransomware payments, fines, and negotiations by the end of 2025. This will require businesses to adapt and deploy new security.
Among the expected regulations in 2022, according to Security Magazine:
- Organizations will have to demonstrate a high level of cybersecurity to obtain cyberinsurance coverage. This could be a challenge, as more than 77% of organizations do not have a cybersecurity incident response plan, according to Cybint.
- New cryptocurrency regulation in several countries will discourage ransomware by most groups save the bigger gangs who typically target larger organizations. A study by Symantec caught a huge 163% spike in cryptojacking, which is the unauthorized use of a computer to mine cryptocurrency.
- Ransomware cost an estimated $6 trillion in 2021, according to PurpleSec. disclosure laws are likely to get pushback for private companies. To counter this, the list of organizations that should not be paid ransom will likely increase greatly.
- SEC penalties for lack of transparency will extend beyond incident disclosure to include basic vulnerabilities.
Grow Your Cybersecurity Career at Purdue Global
Purdue University Global offers flexible online programs in IT and cybersecurity. You can study on your own time, on any connected device, and continue to work while you go to school. Request more information today.