As we enter 2022 the world continues to be at risk from cybersecurity incidents, both from rogue actors and from some nation states. The central themes that are likely to emerge as the year progresses have been identified and reviewed by David Carroll, MD of Nominet Cyber.
Carroll has outlined to Digital Journal about what we could expect in the world of cyber security in 2022 when it comes to government cyber action, protecting critical national infrastructure, setting policy for ransomware, and related areas.
Carroll begins by seeing the charge against cyber-threats as being coordinated at the nation state level, a trend that was embedded in 2021. According to Carroll: “Governments around the world will continue to take a more active role in cyber defence during 2022.”
The requirement for state regulation and defence has arisen due to the scale and fall-out from man cyberattacks. Here Carroll notes: “Economic losses are mounting, supply chain attacks have compromised entire nations, and ransomware now poses a significant threat to national security.”
He adds further that there are other triggers springing governments into action: “With cyber now presenting a risk to lives as well as to economies, we are potentially reaching a tipping point where governments will increasingly step in to correct any perceived market failures.”
Carroll concludes that we should expect more rules to be in place, noting: “We will hear more discussion about cyber regulation next year, although it is probably too early to predict that new laws will change the way we protect citizens and conduct business.”
As an example, Carroll thinks: “A ban on ransomware payments may be introduced, challenging though that would be to realise. There will also be increased diplomatic pressure to establish cyber norms and make it harder for cyber criminals to move money.”
Carroll also predicts that: “Takedowns will become more common, as international cyber task forces co-operate, pooling intelligence and coordinating response. The current approach of the US Government towards Russia and China is unlikely to wane. Expect to see further export restrictions in areas that could be used by adversaries to gain an advantage in cyberspace.”
Carroll also thinks that the burden of security needs to be passed on by key public services to governments. Here the analyst says: “2022 will be the year when a realisation takes hold that it is unreasonable to expect operators of critical national infrastructure and providers of essential public services to exclusively own national security risk. Hospitals should be focused on keeping people alive and healthy, not combatting international ransomware gangs, and that will be the turn of the tide in the year to come.”