As the pandemic continues, organizations around the world are working hard to adapt to the “new normal.” This article highlights the key trends that we will face in 2022 and beyond.
- Ransomware will be an even more devastating threat in 2022.
Ransomware attacks more than doubled in 2021 compared to 2020, with healthcare and utilities the most commonly targeted sectors. Moreover, attacks are getting more expensive, with the average ransomware payment leaping from US$312,000 in 2020 to $570,000 in 2021. By 2031, there will be a new assault every 2 seconds and ransomware costs will reach $265 billion per year.
In short, private and public organizations are losing this battle, even though spending on security and risk management is expected to be over $150 billion in 2021. Therefore, it’s important to assume that your company will be targeted with ransomware in 2022 and take steps to mitigate the risk by enhancing your ransomware attack prevention, detection, mitigation, response and recovery measures.
- Cloud adoption will continue, expanding the need for solid security controls.
The shift to remote work during the pandemic caused cloud technologies to used more and more often in the business world: 83% of organizations report that their cloud spend exceeds $1.2 million per year and 36% say it exceeds $12 million, both of which are large increases over last year.
Cloud computing comes with security challenges. According to the 2021 Netwrix Cloud Data Security Report, organizations storing data in the cloud experienced an average of 2.8 security incidents in the past year, including phishing (40%), ransomware (24%) and accidental data leakage (17%). Gartner states that through 2025, virtually all cloud security failures will be the customer’s fault.
Many organizations have less experience with security in the cloud than on premises, but the underlying strategies remain the same: Understand your risks and implement proven security best practices.
- Zero Trust is gaining traction rapidly.
The Zero Trust security model is gaining steam across both the public and private sectors. In 2021, the White House encouraged all security leaders to adopt Zero Trust strategies. By 2024, the worldwide Zero Trust industry is predicted to expand to US$38.6 billion, up 20% from 2019.
This expansion is fueled by a number of causes. Credential theft and insider attacks are major cyberattack vectors, and the extra verification and authentication measures advised by Zero Trust can help organizations combat both.
We should also mention ZTNA — a substitute for cloud VPN that replaces excessive trust in physical networks with adaptive, identity-aware, application-oriented precision access. While just 7% of organizations are using ZTNA for most of their remote access needs, 62% say they’re using it for specific use cases or applications and are expanding or planning to expand it use. We can expect that 2022 will be the year in which VPN replacement reaches critical mass.
Conclusion
The growing number of sophisticated cyberattacks and the shift to the modern hybrid workforce have made traditional approaches to cybersecurity woefully insufficient. Organizations should focus on identifying and mitigating their most pressing cybersecurity risks and planning for transformational changes to the IT ecosystem.
