01/27/22

Cybersecurity Trends to Watch for in 2022

The past year brought various cybersecurity developments across industry lines. Moving into 2022, these trends have continued to evolve—presenting new and expanding cyber threats for many organizations.

As such, it’s vital for organizations to stay informed on these developments and adjust their cybersecurity practices accordingly. Here are some key cyber trends to watch for in 2022:

  • Elevated ransomware risks—Ransomware attacks have skyrocketed over the past few years. Such a rise is likely tied to cybercriminals becoming increasingly sophisticated and developing more avenues for launching these attacks (e.g., ransomware-as-a-service and remote desk protocol). According to NetDiligence’s annual cyber claims study, ransomware attacks were the largest driver of cyber insurance claims over the last five years; the average ransom demand rose to $247,000 and the median incident cost reached $352,000. Moving forward, organizations can’t afford to ignore ransomware risks. In particular, these types of attacks should be addressed during employee training and in workplace cybersecurity policies.
  • Further foreign threats—In recent years, organizations have encountered a surge in state-sponsored attacks. Although such an attack could victimize any industry, the health care, energy and education sectors are more likely to be targeted due to the nature of their operations. Looking ahead, foreign attackers’ tactics are expected to become more aggressive. With this in mind, organizations need to be aware of the potential for future targeted attacks or other cyber-related losses stemming from political conflicts. Depending on their operations, organizations should evaluate their likelihood of being involved in incidents with state-sponsored threats and adjust their cybersecurity measures as needed.
  • Greater emphasis on supply chain safeguards—Several large-scale supply chain cyberattacks took place throughout 2021, impacting major organizations, including Microsoft, Colonial Pipeline and Kaseya. The collective fallout from these incidents has motivated organizations to review their supply chain cybersecurity risks and take steps to minimize their exposures. These steps might include incorporating cybersecurity expectations into vendor contracts, minimizing third parties’ access to organizational data and monitoring suppliers’ compliance with supply chain risk management procedures.
  • Increased cyber skills gap challenges—Widespread worker shortages are anticipated to contribute to the labor market’s already significant cyber skills gap. According to the Information Systems Security Association, there are nearly 4 million unfilled cybersecurity positions worldwide. This means that it may become more difficult for organizations to secure qualified IT professionals, potentially threatening their security capabilities. Additionally, employees of all positions may require further training to ensure proper protection against evolving cyberthreats.

For additional risk management guidance, contact us today.