Cyber security
2022 cyber security outlook: be aware, be prepared With increased digitisation impacting all aspects of life, cyber attacks will become increasingly ubiquitous and may impact all our activities across the most mission-critical industries, writes David Stroud Another year of landmark cyber attacks on critical infrastructure, gruelling supply chain challenges, and wiser-than-ever cyber criminals has passed, but certainly not without profound impact. Across industries, cyber security experts watched as bad actors grew more intelligent and learned to circumnavigate organisations’ existing protective measures. This sight was perhaps most arresting for mission critical solutions providers in the government, defence, utility, and industrial sectors. As government and business leaders question how to defend their devices, data, and networks against mounting attacks, it’s important to consider the magnitude and scope of attacks will likely only evolve in 2022 – creating a more catastrophic impact from attacks than ever. World Economic Forum’s 2021 Global Risks Report forecasted that 39 per cent of industry leaders fear future cyber security failures will present critical threats to business and society. It is clear connected devices in vitally important industries are vulnerable to attack. It is essential to be prepared for when – not
if – they are compromised. With the alarm sounded in 2021, what should decision makers look out for specifically in 2022? Here are some predictions for the new year in cyber security, along with advice on how to address the ominous threats.
never been greater. Organisations must be proactive in changing their defensive priority from attack detection to outcome prevention.
Scale up or pay up: massive ransom loss for unprotected data As RaaS gangs learn victims are willing to pay staggering sums to maintain operations Attack origins will diversify (and their reputations), ransomware projects Attacks in 2022 will vary in origin – from to cause unparalleled financial losses in insider sources compromised maliciously 2022. Unprotected data shared across the or simply through negligence to supply cloud to both edge devices and networks is chain sources, to shadowy outsider groups ripe for the ransoming. An increased attack funded either privately or by a nation-state surface with more connected devices than looking to maintain plausible deniability for ever has made this valuable data even easier aggressive behaviour. to get, too, especially if hackers can insert In addition to a diversification in attack themselves into such devices somewhere origin, strikes will rise in severity too as along the supply chain. hackers gain a greater understanding of their Reflecting on last year’s destructive leverage and their targets’ vulnerabilities. SolarWinds and Kaseya VSA hacks, As all criminals refine their attack more ransomware groups strategies – from private are expected to exploit ransomware-as-a-service It is clea vulnerabilities in supply (RaaS) outfits to seriously r connec chains. It is crucial that moneyed state-sponsored t across industries, groups – the urgency to in vitall ed devices y impo connected devices E act before they do have ind
rtant ustrie to attac s are vulnera ble k. be prep It is essential to are – not if d for when –t compro hey are mised
Issue 22.1 | HEALTH BUSINESS MAGAZINE
35