After the challenging year of 2021, we look forward to what’s next in 2022. Over the past two years, we’ve seen a tremendous shift in how consumers and businesses accomplish tasks with the continued shift to digital and cloud. As a result of disappearing perimeters and increased digital data, cybersecurity attacks have, not surprisingly, increased. How did cybersecurity trends change in 2021, and what will they do in 2022?

In 2022, we will continue to see the cybersecurity landscape evolve. To help you get ready for what’s ahead, we talked to four experts at IBM X-Force to get their predictions about what to expect in 2022 in terms of cybersecurity.

Nick Rossmann, Former Global Threat Intelligence Lead at IBM X-Force

One Business’s Ransomware Attack Will Become Another Business’s Extortion

Ransomware attacks will become more relentless in their quest to scale up revenue and do so fast. In 2022, we will start seeing more and more triple extortion ransomware, which is when a ransomware attack experienced by one business becomes an extortion threat for its business partner. Ransomware attackers won’t stop at extorting the victim organization for ransom. Instead, they will also extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption.

Supply Chain Attacks Will Become a Top Boardroom Concern

In 2021, the world felt the brunt of supply chain bottlenecks due to COVID-19 restrictions. Cyber criminals recognize this and will seek to capitalize on our heavy reliance on supply chains, both on a consumer and enterprise level. Supply chains have many blind spots or cracks that attackers can take advantage of. Ransomware attacks will be a threat, not only to companies as individual entities but to their supply chains as a whole, making these types of attacks a top concern for the board.

We Are Closer to Becoming Our Own Passwords

The surge of cyberattacks coupled with the massive expansion of online accounts is creating a recipe for continuous disruption if we consider consumers’ current weak password practices. Weak passwords serve as a pathway to breaches, which then lead to new compromised passwords for attackers to use to execute another attack, creating a vicious cycle.

The maturation of artificial intelligence and biometric technology will present more and more options for consumers to rely on alternative forms of authentication to access their accounts. We’re already seeing this with Face ID, fingerprints or other forms of biometric authentication becoming a more common option from providers. Realistically, consumers can’t rely on remembering or managing 20+ different passwords, and many don’t use password managers. It’ll come down to convenience, and as more convenient forms of authentication become more secure, we will see more adoption.

Blockchain Will Become a Cyber Crime Hideout

With enterprises and consumers increasingly relying on blockchain for their supply chain management, digital transactions or even NFTs, we’ll begin to see attackers too turn to its legitimate use to stay under the radar for longer. In 2022, we’ll see blockchain become a more common tool used by cyber criminals to obfuscate their malicious traffic, avoid detection and extend attackers’ stealth, making it increasingly harder for defenders to discern malicious activity on the network.

Hybrid Cloud Will Win Security Points

With attackers’ focus now extending to cloud environments, amid the rise of Linux-based malware and container targeting, we will begin to see more companies opting to spread their data across multiple environments. Recognizing that not all data should reside on-premises or in clouds, businesses will shift more toward a hybrid cloud approach that can allow them to better manage and protect their data, placing proper security controls around critical data.

Charles Henderson, Head of IBM X-Force

Cybersecurity Regulation Will Lead to Bigger Security Budgets

For years, chief information officers and chief information security officers have been advocating for more security resources, often to no avail. But the growing momentum in government around security mandates will force businesses to allocate more resources to security in the coming years. In 2022, we will see security budgets recover and grow, amid businesses’ fear of regulatory fines and setbacks if mandatory security requirements aren’t met.

Regional Regulatory Solutions Will Lead to Global Business Problems

As governments around the world double down on cybersecurity regulations, businesses will need to navigate conflicting government expectations. While security mandates are an important step in creating a baseline cyber resilience standard, the regional nature of regulations will create adherence challenges to global businesses faced with conflicting security requirements. Not only will we begin to see organizations struggle to be compliant, but we will also inadvertently see mandates struggle to be effective.

Zero Tolerance for Trust Will Redefine the State of Security

More and more businesses are realizing that to build customer trust they must establish zero tolerance for trust in their security strategy. In 2022, we will start to see government and private industry scrutinize their trusted relationships more, and re-evaluate the ‘who, what, why’ regarding access to their data. Not only will we start seeing more auditing of user access, but application access to data as well.

Laurance Dine, Global Partner, IBM X-Force Incident Response

Ransomware Syndicate Takedowns Will Shift Attackers’ Target Focus

Law enforcement activation and government actions are putting pressure on ransomware syndicates. With recent ransomware group takedowns and indictments showing the full power and effect that law enforcement can have, in 2022 we will see cyber criminal groups shift more of their targeting to regions that do not have the security resources, defenses and government cyber strategy to stop them, and those regions will see an increase in attacks. Conversely, nations such as the US or UK may see a decrease in cyber crime incidents, amid attackers’ fears of drawing attention that places them at the center of law enforcement’s target scope.

High Number of Breaches in Early 2022

Over the holidays, organizations worldwide slowed down and many found themselves in environment transitions, with some returning to pre-pandemic in-office models and others extending their hybrid workforce. These distractions create opportunities for cyber criminals to infiltrate networks without raising suspicions. As 2022 continues on, we will see breach disclosures and cyberattacks with initial compromise tracking back to early in the year.

Limor Kessem, Executive Security Advisor, IBM Security

Cloud-Bound Malware and Attacks Will Proliferate Considerably

Cloud will become the battleground for all types of attacks. With malware developers all racing to program in cross-platform languages, targeting Linux-based machines and opting for new and less familiar programming languages, the cloud is where everyone is going. It is not new that cyber criminals follow the crowds, but it is going to be more significant than ever in 2022.

Triple Extortion: The DDoS Flavor

Extortion is about pressure, and pressure is about leverage. In 2022, we are bound to see more pressure tactics applied by ransomware gangs, including encryption, data hostage situations and distributed denial of service (DDoS) attacks. Any tactic that can paralyze operations will hasten the possibility of payment. But, with government efforts around limiting payment to ransomware gangs, and sanctioning cryptocurrency exchanges that facilitate it, companies may find themselves in a new situation. With companies unable to pay the ransom and looking to response operations, this can put disaster recovery – from all aspects – front and center of ransomware incident response.

Sanctioned Nation-States Will Step Up Financial Attacks

With increasing sanctions on adversarial nation-states in 2021, the pressure on economically restricted countries will grow and give rise to more financially motivated attacks by advanced persistent threat groups.

All of the predictions from our experts point to the same theme – the increase in digital transformation and remote/hybrid work has changed both how attacks happen and how organizations can reduce their vulnerabilities. Organizations that continue using the same cybersecurity processes and tools are likely to struggle to keep their organizations. By proactively moving to a zero trust approach, organizations can build a strategy that works for whatever 2022 and the future hold for us.
