5 Cybersecurity Predictions for 2022 That Will Save Your Organization Plenty of Grief (and Why Cybersecurity is Like COVID-19)
The COVID-19 virus continues to mutate, giving us variants of concern. Dr Stuart Ray, Vice Chair of Medicine for Data Integrity and Analytics at Johns Hopkins, points out that “New variants of the SARS-CoV-2 virus are detected every week.” Some are more dangerous than others. The memo is clear: There is no going back to life as we knew it before the pandemic. This has turned digital transformation into a top priority for businesses of all size. Without digital, no business has a future. The growing reliance on a digital-centric business model comes with its own consequences: In the last 12 months, it has been the reason for the number of data breaches, in the US alone, to surpass all of 2020 by 27 percent. This is not all. The average cost of a data breach increased during the same period from US$ 3.86 million to US$ 4.24 million. Worldwide, cybercrimes have been estimated to cost US$ 6 trillion in 2021 (compared to US$ 3 trillion in 2015) These developments bring cybersecurity into sharp focus for 2022. Not surprisingly, every CIO and CTO is keenly interested in trying to foresee what 2022 holds for cybersecurity. Here are five predictions I am placing my bets on:
1. More Chief Information Security Officers (CISOs) will sit on corporate boards. Today, CISOs largely present to the board (or an audit committee), with about 75 percent doing so on a quarterly basis. Only 4 percent actually sit on boards. Further, in 2020, only 6 percent of directors added to boards in Europe and 8 percent of those in the US had cybersecurity expertise of any kind. It will be safe to assume that the numbers for other parts of the world are abysmally small. But those statistics are ready for a dramatic upward revision in 2022. If your company is considering having its CISO on the board, you are on the right path. CISOs could also find themselves reporting more closely to the board through a dedicated cybersecurity committee. Gartner predicts that 40 percent of boards will have such a dedicated cybersecurity committee by 2025. The penalty for not doing so is high. As an example, Colonial Pipeline, a major fuel provider in the US, has paid a ransom of $2.3 million in Bitcoins to hackers who made the pipeline inoperable. Even consumers had to pay, indirectly, for the incident: Gas prices in the US surged almost six cents to a gallon following the hack.
2. We will see Smart Malware or the malicious use of Artificial Intelligence (AI) by hackers to evade detection. And why not? If people can use AI for good, criminals will use it for bad. AI can be used to not just evade detection by making attack processes learn from the system they are running on, but also hunt for vulnerabilities in systems and even device methodologies to exploit those vulnerabilities. Further, Machine Learning systems can be compromised by injecting poisoned data — a branch of computer science called adversarial machine learning — resulting in organizations being unable to accurately monitor their operations or take accurate decisions. This would render an organization’s AI systems useless. We already have Deep Learning approaches to password guessing using Generative Adversarial Network (GAN) techniques. We have web penetration testing tools using complex learning methodologies that can be devastating in the hands of hackers. And think of what swarm intelligence can do for botnets tasked with DDoS attacks. This is why cybersecurity experts must up their game considerably to counter AI-based attacks.
3. One way to address the consequences of security breaches is to reduce time to detect. This does not mean organizations must stop investing in intrusion prevention. All it means is that intrusion detection and remediation have to improve several folds. The average time to detect and contain a data breach caused by a malicious attack in 2020 was 315 days. For comparison, system glitch breaches took an average of 244 days to identify and contain while breaches resulting from human errors took 239 days to identify and contain. Time to detect and contain incidents can be brought down significantly by using AI and automation. This is where all the action will be in cybersecurity through 2022. CISOs and CTOs will play cat-and-mouse with dark actors and it will finally boil down to whose AI is more canny, fast and smart.
4. The major short-term concerns will be around mobile security. With a vast amount of our data being on mobile devices, they will become prime targets for ransom. You have a naughty or smutty picture on your phone? Have secret diagrams of equipment, futuristic drug molecules or business plans on your mobile device? Wait until someone finds them and sends you a ransom note. Smartphones are also the key to two-step authentication. So, attacking a smartphone will become necessary to break the multi-factor authentication employed by identity solutions. One of the key vulnerabilities in a mobile phone is the Digital Signal Processor (DSP), a system on a chip that enables diverse functions on your phone. For example, a DSP will compute the bits required for something as fundamental as transmitting a voice signal and then generating the signal. It is used to deliver fast charging, video streaming and in advanced Augmented Reality functions. The DSP chip is a black box. Only the DSP manufacturer knows what happens inside the chip. This makes it a weak point for attackers to exploit. The latest Check Point Mobile Security report for 2021 provides an insight into the size of the problem with mobile security. The report says that 97 percent of organizations faced mobile threats that used multiple attack vectors, 46 percent had at least one employee download a malicious mobile application and at least 40 percent of the world’s mobile devices are inherently vulnerable to cyberattacks.
5. 5G and IOT will offer new opportunities to black hats, gray hats, malicious insiders, and low-level script kiddies putting their skills out to test. A Tesla Model X was famously stolen by a hacker who could rewrite the firmware of its Bluetooth-based key fob. We have all heard of networked security cameras, smart TVs and smart speakers at home getting compromised. Even connected gas stations have been targeted. These are all IoT-related incidents. As we switch from 4G to 5G, attackers will be able to move more swiftly.
Cyber vulnerability is somewhat akin to COVID-19. We must take all the necessary precautions to prevent infection. But in reality, we can’t be sure when we may be exposed to it and affected by it. Therefore, it all depends on the speed with which the infection is detected, assessed and responded to. The bottom line is that spending more on cybersecurity is no guarantee of protection; using smart AI-based solutions that intelligently, dynamically and quickly monitor, assess, adjust and respond to threats is the only real way of protecting modern digital assets.