5 infosec predictions for 2022

1. Ransomware attacks will continue to increase

Not only will the number of attacks increase, but companies will continue to pay ransom demands. Given ransomware gangs' financial motivations and use of insider threats, current legislation and Biden's cybersecurity executive order are not enough to prevent companies from giving in to ransomware threats. As organizations weigh the risks of meeting attackers' demands, however, it's likely the federal government will make an example out of a company that decides to pay the ransom as a warning to other organizations.

2. The line between cybercrime and nation-state attacks will continue to blur

Threat intelligence companies used to be able to make a reasonable assumption about the source of an attack based on breadcrumbs left behind because threat actors often followed an operational playbook. Given that ransomware gangs often rebrand themselves nowadays and that criminal organizations started using the same tactics, techniques and procedures as nation-states, attack sources are becoming indistinguishable from one another. A single threat actor is typically no longer responsible for an attack but rather an entire group with varied operational styles.

3. The cybersecurity workforce shortage and skills gap won't improve

After the Biden administration's cybersecurity executive order in May 2021, there was hope that increased resources and emphasis placed on the growing threat landscape would help close the cyber skills gap. However, it was far from an immediate fix. Beyond the government, private companies need to invest in hands-on training programs that focus on building transferable technical skills rather than just professional development. This would make security teams more efficient and help them rely less on expensive security products. Organizations based within countries with allocated resources, such as the U.S., won't see this issue get worse. Places without the same funding, however, are going to encounter even more difficulties related to the workforce and skills shortage.

4. OT environments will be subject to the cyber perfect storm

Operational technology (OT) environments will face even greater risks in 2022. Because implementing new technology and infrastructure can disrupt the supply chain, OT security systems are often old and vulnerable to attacks. This perfect storm of outdated technology, combined with a lack of adequate patching, makes OT systems ideal and easy targets for threat actors.

5. COVID-19's impact on phishing and remote security is mere hype

The impact of COVID-19 on remote work and phishing campaigns has been widely publicized over the past two years. But there's always going to be a current event or newsworthy item for threat actors to exploit. Even though remote work was a concern at the onset of the pandemic, organizations and employees have adapted at a rapid pace, leaving many security concerns in the dust.

These predictions are just examples of how the industry will evolve in the coming year. Defenders and threat actors will continue to undergo even more changes in 2022. Keep these predictions top of mind to focus on continued growth in this year.

About the author
Kevin Hanes is CEO of Cybrary, a cybersecurity professional development platform. Before joining Cybrary in June 2021, he spent eight years as COO of Secureworks. Hanes began his career at Dell Technologies in custom software integration and moved into leadership roles with increasing responsibilities and global scope over his 15-year tenure. He has a bachelor's degree from St. Edward's University in Austin and a master's degree from the University of Texas at Austin.