Steve Durbin is Chief Executive of Information Security Forum. He is a frequent speaker on the Board’s role in cybersecurity and technology.
With the world embracing hyper-connectivity, businesses intensifying their digitization efforts and consumers entering a new realm of augmented reality like the metaverse, it’s not hard to imagine cybercrime becoming more insidious.
Cybercrime breaks new records every year, and 2022, in all likelihood, won’t be any different. In 2022, organizations must stay vigilant against these four pervasive cyber threats:
Ransomware will increasingly hold businesses hostage as organizations of all sizes, governments, critical infrastructure and supply chains become more frequently targeted by organized crime syndicates and state-sponsored cybercriminals. The inability to put fuel in your car from last year’s Colonial Pipeline attack, the sudden crunch in food supply from the world’s largest meat producer JBS, large electrical outages and even death are consequences of our new reliance on digitization.
Edge Computing And 5G
Edge computing (as opposed to centralized computing) is increasingly becoming a popular and attractive architectural choice for many businesses. Cloud computing and the move to push the processing of data closer to users where it’s needed can deliver higher levels of agility and effectiveness. However, this also expands the attack surface as it creates numerous points of failure across the organization.
The emergence of 5G (higher internet through-put and pervasive connectivity) will lead to the massive adoption of IoT (Internet of Things), IIoT (Industrial Internet of Things), internet-enabled OT (Operational Technology) devices and millions of IoT-enabled services (like connected cars, medical devices, public services, etc.). This in turn will create tens of billions of hackable devices or entry points for attackers to exploit.
The Never Normal
The “never normal” is really about organizations finding themselves in a new and constantly shifting world, having to revisit established technologies, policies and procedures around emerging cyber risks and elastic changes in the threat surface. Security teams will need to take a much more holistic view on how a business manages and uses information, designing security from the ground up and making real-time changes in their strategy as the threat surface evolves. Vulnerabilities like log4j or Solarwinds should force organizations into reassessing their security processes and security policies immediately. Security teams that fail to take heed to such cybersecurity warnings can subject their organizations to terrible consequences.
The Emerging Digital Divide
The growth in e-commerce, remote working, online services and virtual human interactions will widen the digital gap and worsen societal fractures. From a security standpoint, different parts of the world are at different stages of digital maturity and therefore a vanilla-flavored security approach to managing global corporate assets may no longer work. Cybersecurity design must take into account the differences in skills and capabilities, infrastructure, geopolitics and regulations, as these can not only impede the progress of digital inclusivity but also leave gaping holes in a company’s overall cybersecurity posture.