Predicting the future is a tricky thing. But, reviewing the past and developing educated thoughts based on information isn’t. That’s the approach we’re taking this year and we outline our thoughts on cybersecurity trends for 2022. Because, let’s be honest, after the last two years, nothing is off the table!
Continuing Ransomware Attacks
The global ransomware attack volume jumped significantly in 2021. To be more precise, there was a 151% increase in attacks for the first six months of 2021, compared to that same time frame in 2020. That is one heck of an increase! Partly due to more people working from home, partly due to a lack of focus on internal IT systems, and partly due to hackers seizing the opportunity in front of them.
But, regardless of the reason, ransomware attacks happened, and they will continue to happen.
You see, as the cybersecurity focus switched to those working from home, IT professional’s time was also spent there. Which meant that some basic cyber hygiene “in office” work, like updates and patches, weren’t always handled in a timely manner. This opened some avenues for hackers that they happily exploited. Which then caused cybersecurity teams to pivot, which opened avenues elsewhere. It was kind of a constant state of catch-up situation. Knowing this, we anticipate ransomware attacks to continue into 2022, as IT professionals continue to shore up resources, and try to get ahead of a constantly evolving workplace.
As an organization, your best bet is to revisit basic cyber hygiene protocols and make sure those are in place.
Stressed IT Professionals
All of those ransomware attacks, along with on-going IT issues to tackle, have been creating a massive amount of stress, and burn-out for IT professionals. They have been adapting to a changing IT landscape for the last two years, and they are tired. Couple that with the increasing number of open cybersecurity positions, and a widening gap of available cybersecurity professionals, and you’ve got a bleak situation.
The odds of this situation changing in the coming months is slim, which means organizations need to help their internal IT teams. Support them by training the remaining team on cybersecurity best practices. Hire support for the IT team if/as possible. Make cybersecurity a full-company initiative.
With internal employees stressed out, many organizations have, and will continue, to look to augment their IT team by working with outside cybersecurity professionals. The trend of outsourcing cybersecurity began in 2020 when organizations needed to switch to a remote workforce but didn’t have the parameters in place to do so properly.
We anticipate this trend to continue. This will not only help their internal IT teams, but it will also help deepen the “cybersecurity bench”. An outsourced IT company brings multiple people, backgrounds and specialties to the table, which means your organization has a better chance at maintaining cyber hygiene and protecting itself if a cyber-attack does occur.
Increases In Cybersecurity Spending
This ties in with increasing your IT chops by layering in an outsourced IT partner, but there are other factors at play here. The supply chain has been shaken up and hasn’t really gotten back to where it should be. This impacts multiple organizations, across a variety of industries. Knowing this, companies plan to spend more to support their cybersecurity needs and protect their supply chain.
This increase will likely come in the form of external support, additional training, and a consolidation of, and enhancement of tools. Over the last two years, organizations have learned the benefits of SaaS (software as a service) tools and see the opportunity that goes along with consolidating these tools to a smaller number of providers. This type of streamlined approach will require an investment up-front but will provide more flexibility and the ability to optimize as the company grows.
Cyber Hygiene At Home
With the ever-changing environment that we live in, cyber hygiene at home will continue to be at the forefront. Many organizations will continue to have employees working from home for the foreseeable future. This will prompt the continued focus on how to protect employees and business information and data, while those employees are at home.
Regular patches and updates, installing antivirus software and securing at-home Wi-Fi will be necessary for all remote-work employees. Cybersecurity training will also go a long way towards protecting your company. Host monthly training sessions that cover basic cyber hygiene tips, as well as more advanced topics:
- The importance of strong passwords
- When, and how, to download upgrades & updates (hint, as soon as possible)
- The importance of being suspicious of attachments
- Avoiding clicking on links in email
- Using public Wi-Fi with extreme caution (or better yet, not at all)
- The organization’s cybersecurity policy
On-going training with employees, especially if they are working remotely, is one of your best avenues in the fight against cyber criminals.
The landscape of cybersecurity is constantly changing. We encourage you to keep these trends in mind as you make, and build out, your cybersecurity plans for 2022.