IBM : 5 Predictions for Cybersecurity in 2022

At the start of 2022, many businesses will be breached

As organizations worldwide slow down for the holidays as well as find themselves in work environment transitions - with many returning to pre-pandemic in-office models and others extending their hybrid workforce - distractions will create opportunity for cybercriminals to infiltrate networks without raising suspicions. Well into 2022 we will see breach disclosures and cyberattacks with initial compromise tracking back to early in the year.

We Are Closer to Becoming Our Own Passwords

The surge of cyberattacks coupled with the massive expansion of online accounts is creating a recipe for continuous disruption, if we consider consumers’ current weak password practices. Weak passwords serve as a pathway to breaches which then lead to new compromised passwords for attackers to use to execute another attack, creating a vicious cycle. The maturation of AI and biometric technology will present more and more options for consumers to rely on alternative forms of authentication to access their accounts. We’re already seeing this with Face ID, fingerprints or other forms of biometric authentications becoming a more common option from providers. Realistically consumers can’t rely on remembering or managing 20+ different passwords and many don’t use password managers.  It’ll come down to convenience and as more convenient forms of authentication become more secure, we will see more adoption.

One business's ransomware attack, will become another business's extortion 

Ransomware attacks will become more relentless in their quest to scale up revenue and do so fast. In 2022 we will start seeing more and more triple extortion ransomware, whereby a ransomware attack experienced by one business, becomes an extortion threat for its business partner. Ransomware attackers won’t stop at extorting the victim organization for ransom, they will extort its business partners whose data it holds or business partners who cannot afford the supply chain disruption. 

Supply chain attacks will become a top boardroom concern

In 2021 the world felt the brunt of supply chain bottlenecks due to COVID-19 restrictions, and recognizing this, cybercriminals will seek to capitalize on our heavy reliance on supply chains -- both on a consumer and enterprise level. Supply chains have many blind spots or cracks that attackers can take advantage. Ransomware attacks will be a threat not only to companies as individual entities but to their supply chains as a whole, making these types of  attacks a top concern for the Board.

Zero Tolerance for Trust Will Redefine the State of Security

More and more businesses are realizing that to build customer trust they must establish zero tolerance for trust in their security strategy. In 2022 we will start to see government and private industry scrutinize their trusted relationships more, and re-evaluate the "who, what, why" regarding access to their data. Not only we will start seeing more "auditing' of user access, but application access to data as well.