Earlier today BeyondTrust released its annual forecast of future cybersecurity trends for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer, Brian Chappell, Chief Security Strategist EMEA/APAC, and James Maude, Lead Cyber Security Researcher, are based on patterns, possible shifts in technology, threat actor habits, culture, and decades of combined experience.
So besides the personal experience of the various report authors, why do we trust 'BeyondTrust' to give us these predictions? For starters they are the worldwide leader in Privileged Access Management (PAM). They're also trusted by 20,000 customers, including 70 percent of the Fortune 500.
Prediction #1 – With the rising popularity of space tourism expect phishing attacks and faux websites to rise up with it.
Prediction #2 - 2022 will prove to be the most challenging year yet with regards to the ongoing cybersecurity talent drought. The imbalance between demand and supply will cause salary spikes across the board for every level of IT security professional.
Prediction #3 - Consumers and businesses can expect that newer devices will be cellular-enabled, or cellular capable, to provide services outside of local area and Wi-Fi networks with country wide 5G.
Prediction #4 - New paradigms to extort money will emerge in 2022. Organizations should expect ransomware to become personalized and increasingly involve different types of assets, like IoT, as well as company insiders.
Prediction #5 - Supply chain attacks will further mature in 2022, expand in scope, and increase in sophistication. Expect far more third-party solutions and common development practices to be targeted.
Prediction #6 - Expect a tsunami of cyber insurance cancellations and a mad scramble to obtain new coverage, potentially at much higher rates. To obtain coverage and ensure the best rates, organizations will need to demonstrate the proper cybersecurity hygiene demanded by cyber insurance underwriters.
Prediction #7 - Expect to see tighter controls on the content that is distributed via social platforms, reliable attestation for the source of the material, and potentially access to the data for authorities.
Prediction #8 - Next year will see the average time from intrusion to detection grow, giving attackers more time to perform reconnaissance and wreak havoc on systems. Expect a lot of careful hackers to find their way into systems and establish long-term residences there.
Prediction #9 - The number of successful attacks will continue to grow, the average cost to the victim organization per successful attack will rise, and the pattern will repeat. With so many new and shiny technologies to choose from, the IT security basics just aren’t exciting.
The final five predictions take a more extended view into the future:
Prediction #10 – We are setting ourselves up for a massive outage or data loss type of event in the next five years.
Prediction #11 - Digital resources when we die will be orphaned and unmanaged, and friends and family members may not even know the passwords to retrieve priceless information. Expect to see new businesses emerge that can access and preserve a person’s digital presence after death.
Prediction #12 - Much like space debris causes issues for new satellites, abandoned IoT projects and unsupported systems will provide ideal targets for attackers, which will only be amplified by faster 5G connectivity.
Prediction #13 - Connectivity free zones will materialize that are intentionally void of cellular and Wi-Fi technology in response to the unwanted changes and the infringement on their longstanding local way of life, such as movie theaters, places of worship, etc.
Prediction #14 – Passwordless seems to finally be gaining some real traction. With fewer access points gated by passwords, attackers will increasingly focus on exploiting users and apps to gain access to data and privileges.