What will be the main cybersecurity challenges for 2022? Predictions from Open Systems suggests the main topics that are in store for cybersecurity industry in 2022 and beyond.
From the survey it is apparent:
Attackers will start to embrace AI to evade detection
Artificial intelligence and machine learning took the security market by storm in the past 5 years. 2022 will see models within security software further attacked using adversarial techniques and those outputs put to use in malware that rewrites itself to evade.
On the general security front, ransomware will remain a perennial problem in infosec. This type of malicious action and it has implications across organisations of any size. For smaller businesses, the challenges around information security can sometimes feel insurmountable, but the reality is that ‘the basics’ go a very long way.
Overcoming some of these challenges rests of personnel having a good understanding of what potentially complex and realistic phishing attempts may look like, knowing what to do upon receiving a suspicious email, as well as ensuring that permissions are as restrictive as possible within the organisation, could help prevent an attack from being successful. It can also ensure that any successful attack would be manageable.
Traditional security vendors will start getting into CryptoSecurity
According to Techopedia: “Cryptosecurity is a component of communications security that deals with the creation and application of measures leading to secure ciphers and codes, which are used to protect encryption systems.”
Reviewing code, smart contracts, and more standardization of crypto project security assessments is becoming more common. However, given that 2021 saw some massive “hacks” due to poor logic or flaws in various crypto codebases,this evolving area will remain one of concern.
There will be further SolarWinds-style attacks in 2022
This prediction presents troubling news for business. The reason why a repeat of a SolarWinds style attack may occur is as bad actors target IT resellers and technology service providers as a way to access the IT systems of their downstream customers.
The primary methods the bad actors will employ include stealing login credentials through simple – but effective – tactics like password spraying and phishing, and adding malicious code to the resellers and service providers’ software to create backdoors that provide access to downstream customers’ systems.