As we walk through the doorway of 2022, it's hard not to wish at least some among us had the gift of cosmic foresight. Many (most?) of the questions we thought in 2021 that we'd have answered by this point — chief among them, when will COVID finally leave us alone??? — still seem to elude us.
In keeping with our yearly tradition, we sat down with some experts at Rapid7 and across the industry to get their 2022 cybersecurity predictions. Here's a look at what those in the know — some of them under the guise of clever fortune-teller names — think we'll be talking about in the year to come.
Rob la Mystique (a.k.a. Robert Graham, CEO of Errata Security)
My third eye tells me that ransomware will become state-sponsored. Governments will notice the successful actors in their countries, and rather than shut them down, they'll seek to co-opt their activities. In other words, pirates will be co-opted into privateers.
Fahmida Y. Rashid, award-winning infosec journalist
I think we will see some surprising consolidation — some giant merger that's going to dwarf even the ones we've seen so far. There's still going to be insane venture funding rounds (like Transmit Security's Series A) for security startups. But I think my prediction is that we are going to see the pendulum swing back from tools that do one thing well to large suites/integrated platforms that do all kinds of things, so the whole buying landscape is going to get even more murky and confusing.
Tod Beardsley, Director of Research at Rapid7
In 2022, managed service providers (MSPs) will continue to be in the hot seat as intermediary targets for ransomware gangs. The efficacy of hitting MSPs was proven out in 2021, and even small, regional MSPs will need to stay on their toes with patches and two-factor authentication everywhere to avoid getting exploited and phished by attackers who are targeting their downstream customers.
As cryptocurrency valuations continue to separate themselves from any realistic evidence of value, we will see more and more exchanges and clearinghouses get compromised, resulting in heists of millions of dollars' worth of crypto — especially among off-shore exchanges.
Cyber-Zoltar the Blockchain Seer (a.k.a. Philip Amann, Head of Strategy at the European Cybercrime Center)
Ransomware will continue to dominate and proliferate with cybercriminals further moving toward a more calculated target selection. As is evidenced by several high-profile ransomware attacks, this has created a global cybersecurity risk that goes beyond the financial impact of these attacks. This will continue to be supported by a professional underground economy that provides the necessary tools and services.
We also expect investment fraud, BEC and CEO fraud to continue to cause disruptive losses and also a significant increase in mobile malware. The response to these threats will require us to further strengthen collaboration among law enforcement, industry, the CSIRT community, and academia globally with a view to collectively increasing cybersecurity, safety, and resilience.
Bob Rudis, Chief Security Data Scientist at Rapid7
The 2022 US election season will drive multiple (some impactful) cyberattacks on candidate/party technical and campaign logistics infrastructure and data from US-based sources.
Meanwhile, as companies accelerate toward a higher office-vs.-remote work ratio, initial access brokers will take advantage of the mobility (and weaknesses) in BYOD endpoints to gain footholds and refresh credentials and PII data stores. Multiple, major breaches will be reported.
In addition, the adoption of Software Bill of Materials (SBOM) will be astonishingly fast (in the US) toward the latter half of the year, heralding a new era of better third-party risk management and overall organizational safety and resilience.
Erick Galinkin, Principal Artificial Intelligence Researcher at Rapid7
Ransomware will continue to be a huge threat and will draw even more attention in 2022. While we should keep an eye out for potential attempts to disrupt a major US government agency, the revenue lost from ransomware will still be an order of magnitude less than business email compromise.
The media world and the security world will do their gnashing of teeth and rending of garments over deepfakes ahead of the 2022 midterms, but AI-powered disinformation will continue to be a mostly hypothetical threat.
Madame Bell LaPadula (a.k.a. Wendy Nather, Head of Advisory CISOs at Cisco)
On the heels of more visibility in supply chain security, and against the backdrop of steady disruption from ransomware, the security industry will have to face another maturity touchstone. It's not enough simply to provide more transparency and share more data: what else do we owe one another in this broad ecosystem? SBOMs are the new shiny, but we will have to take many more steps together to improve our common, global defense.
Harley Geiger, Senior Director of Public Policy at Rapid7
State and federal agencies will step up their enforcement of existing cybersecurity regulations. This includes the SEC's enforcement of required disclosures related to cybersecurity, DOJ's enforcement of federal contractor cybersecurity requirements, and California's enforcement of the CCPA.
But while regulators may issue new cybersecurity rules for the private sector under existing authorities, Congress will delay creating new federal authorities due to the midterm election year and the recent passage of large spending and incident reporting bills. Divisive items like federal privacy legislation are unlikely to pass. However, there will be plenty of hearings, press releases, and tweets expressing concern for ongoing cybersecurity threats!