Cybersecurity Predictions for 2022 (Part 2!)

  • We’ve collected predictions from industry experts on what 2022 could bring to cybersecurity.
  • In 2021 we continued to see an increased pressure on cybersecurity for businesses, hackers taking advantage of the remote shift in the way we work.
  • Explore top predictions from Nuspire’s J.R. Cunningham, The Open Group’s Jim Hietala and more.

Explore part 2 of our cybersecurity predictions for 2022, with comments from a range of industry experts…

Explore part 1 of our cybersecurity predictions for 2022 here.


Our Industry Experts:

  • Dr. Andrea Cullen – Co-founder of CAPSLOCK
  • Ted Birkhahn – Head of HPL Cyber
  • Matt Morris – Managing Director of 1898 & Co.
  • Rory Duncan – Security Go To Market Leader UK at NTT
  • Stephan Jou – CTO Security Analytics, Interset at CyberRes, a Micro Focus Line of Business
  • Keith Glancey – Director of Technology Western Europe at Infoblox
  • Pritesh Parekh – VP of Engineering and Chief Trust & Security Officer at Delphix
  • Jim Hietala – Vice President of Business Development and Security at The Open Group
  • Fabien Rech – EMEA Vice President at McAfee Enterprise
  • Kai Waehner – Field CTO and Global Technology Advisor at Confluent
  • Tal Mozes – Co-Founder and CEO of Mitiga
  • Chip Epps – VP of Product at OPSWAT
  • Brad Hibbert – Chief Operating Officer and Chief Strategy Officer at Prevalent
  • Magni Sigurðsson – Senior Manager of Detection Technologies at Cyren
  • Lila Kee – General Manager, Americas & Chief Product Officer at GlobalSign
  • Mathieu Gorge – Author of “The Cyber-Elephant in the Boardroom” and CEO of VigiTrust
  • Ilia Sotnikov – VP of User Experience & Security Strategist at Netwrix
  • Bruce Snell – Security Strategy and Transformation at NTT Ltd.
  • Tim Prendergast – CEO at strongDM
  • Marco Bellin – Founder and CEO of Datacappy
  • Craig Ramsay – Senior Solution Architect at Omada
  • Tilo Weigandt – Co-Founder of Vaultree
  • Maxim Dressler – Co-Founder of Vaultre
  • Ryan Lasmaili – Co-Founder of Vaultree
  • Kevin Curran – Co-Founder and Advisor of Vaultree
  • Theo Wills – Senior Director of Privacy at Kuma LLC
  • Ajay Unni – CEO at StickmanCyber
  • Josh Moulin – Senior Vice President at Center for Internet Security
  • Curtis Dukes – Executive Vice President & General Manager at Security Best Practices
  • Joel Burleson-Davis – CTO of SecureLink
  • Nick Santora – CEO of Curricula
  • Nigel Thorpe – SecureAge
  • Ben Goodman – CEO of CyRisk
  • Avital Sincai – COO at Cydome
  • J.R. Cunningham – CSO at Nuspire
  • Jose Carlos Najera Flores – Subject Matter Expert of Vulnerability Management at Syntax
  • Steve Tcherchian – Chief Product Officer at XYPRO
  • Gareth Wharton – Cyber CEO at Hiscox
  • Bryan Hornung – CEO/Founder at Xact IT Solutions
  • Ted Wagner – CISO, SAP NS2


For any questions, comments or features, please contact us directly.




Dr. Andrea Cullen, Co-founder of CAPSLOCK




“A major prediction I have for cyber security in 2022 is a much-needed increase in diversity. As with many industries, cyber suffers from a stark lack of diversity in many forms, including gender, ethnicity, and neurodiversity. Starting to remedy this problem would help to close the UK cyber skills gap.”

“So how do we make it happen? Education is key. The ongoing effects of the pandemic mean that a huge amount of UK workers need to re-skill. Training bootcamps such as CAPSLOCK offer people the chance to re-skill in cyber security and launch a career, bringing vital new talent into the industry. If we’re going to encourage more people to consider a career in cyber, we have to begin dismantling the barriers which have made cyber an exclusive club for so long. Organisations like Women in CyberSecurity UK are encouraging more women into the field, and events such as InfoSecurity Magazine’s Women in Cybersecurity networking celebration are making the women already in the industry more visible. You can’t be what you can’t see, so increased visibility of underrepresented groups will increase diversity overall.”

“The way I see it, the more our cyber workforce reflects the diversity of our society, the better our cyber solutions will be. Diversity of thought naturally leads to diversity of approach, allowing cyber problems to be tackled in different ways. We need people of all genders, ethnic backgrounds and walks of life to enter the cyber industry. There are huge amounts of untapped talent in these demographics, and the cyber landscape for 2022 and beyond will be much improved if we can make the industry more inclusive and accessible.”


Ted Birkhahn, Head of HPL Cyber




The speed at which companies will be forced to respond to affected stakeholders during a cyberattack will continue to hasten. This will place increased pressure on communications teams to prepare, gather information and orchestrate a meaningful response without exacerbating the crisis at hand.”

Negotiations with threat actors will weigh heavily on communications teams who are torn between their conflicting responsibilities to be as transparent as possible with stakeholders while managing their responsibility to protect the company’s reputation.”

Companies will invest in redundancy — i.e. back-up communications tools and platforms that arm their teams with the ability to communicate when their primary platforms, such as email or instant messaging, are down during a cyberattack.”

More open communication surrounding cybersecurity. Increased adoption of digital tools for remote work, shopping, streaming and learning means a greater likelihood of cyber threats, but it also means more opportunity for cyber education and awareness.”


For any questions, comments or features, please contact us directly.




Matt Morris, Managing Director of 1898 & Co.




Cyber criminals will effectively incapacitate a globally visible company via cyber sabotage in 2022: “It may result from a targeted attack perpetrated by a sophisticated threat player or as collateral damage from ransomware or malware attacks. These players live to weaponise operational technology at an accelerating pace. The shift of focus from IT to OT targets signifies a shift from primarily data protection to something far more consequential, such as the disruption of an entity like a power generation plant or the overarching critical function of such organisations.”


Rory Duncan, Security Go To Market Leader UK at NTT




“This year, as we’ve started to recover from the pandemic, demonstrating effective cyber-resilience has become more crucial than ever. This will continue to be a priority for organisations as we move into 2022, as the shift towards permanent hybrid working models for many enterprises will put continued pressure on their ability to detect threats. It’s essential that businesses leaders prioritise security, especially as the trusted perimeter expands to encompass remote users.”

“As businesses consider their 2022 hybrid workplace strategies, they need to revisit and re-evaluate security from the ground up and assess where they may have unwittingly created gaps in their security armour. 80.7% of IT leaders have said it’s more difficult to spot IT security or business risk when employees are working remotely, so ensuring visibility by developing a multi-pronged approach to re-imagining enterprise security will be fundamental in 2022.”

“The ability to respond quickly and effectively across the distributed IT environment will be paramount next year. The number of cyber-attacks in the headlines is only rising and it’s no longer a case of “if” but “when” an attack will occur. Ultimately, your business will be more exposed if it doesn’t have the right security measures and response capability in place.”


For any questions, comments or features, please contact us directly.




Stephan Jou, CTO Security Analytics, Interset at CyberRes, a Micro Focus Line of Business




“All indications are that AI technologies will be increasingly prevalent in cybersecurity. This includes everything from the increasing adoption of technologies like UEBA by enterprises, surveys that show investment in AI by SOC teams, and the adoption of ML and other AI methods by SIEM, IAM and other systems.”

“However, the types of AI that will be adopted in 2022 will be focused on specific, battle-tested techniques such as statistical learning, anomaly detection, and (in a more limited capacity) NLP. Certain areas of AI research, such as large language models (like GPT-3), will not be heavily adopted in 2022 for cybersecurity. This is because there is not yet a good use case match within cybersecurity for those technologies, and also because the computationally expensive and non-transparent nature of these approaches do not lend themselves well to the SOC needs at present.”


Keith Glancey, Director of Technology Western Europe at Infoblox




“Cybercrime is getting organised. Gone are the days of lone hackers operating from back bedrooms. Cybercriminals are banding together to form businesses, using the dark web to recruit new “talent” and advertise “jobs” they’re looking to fulfil. With bigger businesses behind attacks, the stakes are significantly higher for organisations under fire. It’s not just businesses, either – we’re seeing an increasing number of nation state-led attacks from major players like Russia, China and the US. Their target? Personal data.”

“This systematic approach to cybercrime is a continuation of a broader trend towards “as-a-service” business models. Cybercrime-as-a-Service (CaaS) brings together malware developers, hackers, and other threat actors selling out or loaning their hacking tools and services to people on the dark web. Ultimately, CaaS makes these tools and services accessible to anyone who wants to launch a cyberattack, even those without the technical knowledge to do so.”


For any questions, comments or features, please contact us directly.




Pritesh Parekh, VP of Engineering and Chief Trust & Security Officer at Delphix




“With intense scrutiny on how businesses prepare for and respond to breaches next year, it’s clear that security and compliance concerns will be the key determinant for any interactions with third parties – whether customers, partners, or vendors.”

“Following the pandemic, digital guides every third party interaction – potentially exposing data as soon it moves outside of the business’s digital walls. Endpoints have become beyond critical when it comes to securing data, but you can’t always control your endpoints if they exist within another organisation, right? The answer is, you must, meaning that technology vendors who don’t rise to the occasion and implement the same standards as their enterprise customers will lose business, big time.”


Jim Hietala, Vice President of Business Development and Security at The Open Group




“2021 saw the emergence of Zero Trust security architecture as the forward-looking security architecture, and as a consequence, we also saw vendors using and abusing Zero Trust in their messaging.”

“In 2022, we expect to see Zero Trust move from concept to practical implementation, with the availability of more vendor-neutral industry standards and best practices, including reference models and architectures that will help end users to build viable, multi-vendor security architectures based on Zero Trust principles. Open standards will be key to this development.”


For any questions, comments or features, please contact us directly.




Fabien Rech, EMEA Vice President at McAfee Enterprise




“Our reliance on API-based services is rising, as they quickly become the foundations of most modern applications. This is only set to rise further in 2022, as global use of the internet, 5G, and connected devices continues to boom – this year alone, we saw a 57% increase in online activity.”

“Often business-critical data and capabilities lie behind these APIs, and cybercriminals have been quick to take note of this and exploit the increase in API usage. However, attacks targeting APIs go undetected in many cases, as they are generally considered trusted paths and lack the same level of governance and security controls.”

“It’s therefore critical that enterprises make API security a priority next year. Organisations must ensure they have visibility of all application usage across their systems, with the ability to look at consumed APIs. Adopting a Zero Trust mindset will support this. It allows enterprises to maintain control over access to the network and all its instances, including applications and APIs, and restrict them if necessary.”

“Shoring up on API security is particularly crucial amidst the current supply chain crisis, as APIs are often used as an entry vector for wider supply chain attacks due to their interconnected nature. Next year, supply chains will continue to be a prime target for hackers, and so enterprises should look one step ahead and use threat intelligence solutions to predict and prevent API attacks before they take place.”


Kai Waehner, Field CTO and Global Technology Advisor at Confluent




“Cyber threats are not new. However, our more and more connected world increases the risks. Successful ransomware attacks across the globe enforce enterprises to take action by implementing situational awareness and threat intelligence in real-time at scale to act proactively against cyberattacks.”


For any questions, comments or features, please contact us directly.




Tal Mozes, Co-Founder and CEO of Mitiga




DarkCloud is coming. Get ready for a stormy 2022: “The Darknet – which originally described computers on ARPANET that were hidden and programmed to receive messages, but did not respond to or acknowledge anything – is going to be succeeded by the DarkCloud. Criminals will use an invisible cloud to attack organisations in 2022, taking full advantage of the cloud’s capabilities for on demand scale and ubiquitous accessibility. Ransomware and malware are already available as a service, and will use cloud native technologies to attack cloud infrastructure at scale.”

“Not to mention that the industry has complained for years about the lack of talent in cybersecurity, and yet it’s not valuing new graduates and bootcamp students. Entry level jobs require three to five years of experience, leaving many students who learned how to pen test and hack with time on their hands and no job opportunities. Unless the industry finds ways to train and mentor these eager students — and helps them transition successfully into the field, they’ll find the cybercriminal industry all too ready to take them in.”


Chip Epps, VP of Product at OPSWAT




The “digital genome” will emerge and expand: “Going into the new year, we may see an emergence of a “digital genome” (i.e. digital DNA) to better track associated certified “cyber-engineered” modifications.”

“Cyber-attack groups and specific bad actors often reuse code components and various TTPs based on their historical success, or simply as a matter of expediency, and with that comes their unique signature – like a sequence in their DNA. This could be a simple algorithm unique to an attack group, or a clone of elements from previous successful attacks they are familiar with. The practice of threat intel sharing has been very successful as the industry quickly realised that combating cyber threats is a global issue.”

“As hashes are specific to files and have served the community well in managing distinct threats and threat families, there will be a need to bring this concept to a higher level. This means doing more to associate malware to its source or creator – like the sequencing of a gene – to help organisations more quickly remediate vulnerabilities and risks. With the idea of a “digital genome,” malware researchers and reverse engineers can identify these distinctions and apply rule-based languages like YARA to detect these malware authors within specific metadata and behavioural indicators.”

“Ransomware will become the top tactic used in software supply chain attacks and third-party data breaches in 2022.”


For any questions, comments or features, please contact us directly.




Brad Hibbert, Chief Operating Officer and Chief Strategy Officer at Prevalent




Ransomware will become the top tactic used in software supply chain attacks and third-party data breaches in 2022: “After a banner year of high-profile ransomware attacks originating from third-party suppliers (for example Kaseya and others), 2022 will only see more as cybercriminals continue to perfect their attack methods, increase their sophistication and follow the money. Top targets will include third parties that supply goods and services to the automotive, mid-sized banking, and retailing industries due to the criticality of the data and systems they have access to.”

“Organisations would do well to implement proactive event risk assessment cadences and deploy continuous cyber and breach monitoring to get an early-warning picture of potential attacks against their third party ecosystems.”

Bonus stretch prediction: “Despite increases in ransomware attacks against healthcare organisations, cybercriminals will gain a conscience in 2022 and cease targeting hospitals due to the risk of the loss of innocent life. After all, there is honor among thieves.”


Magni Sigurðsson, Senior Manager of Detection Technologies at Cyren




Watch out for QR code attacks: “Cyber crime has long operated as a dark mirror to the legitimate business world, and threat actors have always been adept at incorporating technological trends into their attacks.”

“The latest example is the resurgence of the QR code. This often-overlooked technology has been around for decades, but has returned to prominence over the last two years due to the COVID-19 pandemic. The scannable software is well-suited to delivering information in a COVID-safe fashion at set locations, and we have seen an increase in its use online as well.
Unsurprisingly, the cyber criminal community wasted little time taking advantage of this trend, evidenced by the increased number of attacks exploiting QR codes. As the software becomes more mainstream in marketing and sales activity over the next year, we anticipate attacks that utilise the tool to follow suit.”

“QR code attacks are the latest example of attackers adapting their techniques to mirror popular technology trends, as well as finding new ways to evade security measures.”

“As QR codes gain in popular use over the next year, we can anticipate more attacks exploiting the medium. We have already seen QR attacks across multiple industries, and threat actors are also likely to begin using these techniques to target businesses as well as individual consumers. The use of QR codes ties into the wider movement towards mobile attacks, and we anticipate an increased use in SMS phishing as threat actors seek to evade desktop-based security.”

“It’s important for organisations to factor this growing trend into their security strategies.”


For any questions, comments or features, please contact us directly.




Lila Kee, General Manager, Americas & Chief Product Officer at GlobalSign




2022 will be the year of the SBOM: “Code signing and virus scanning alone will be deemed insufficient to safeguard networks against the spread of malware. Enter the Software Bill of Materials – SBOMs. The SolarWinds hack exposed one of the greatest vulnerabilities organisations face when it comes to determining the impact of ransomware or other types of malware injected through what often looks like legitimate software.”

“SBOM tool adoption will increase as organisations look to equip themselves with fast and effective tools to quarantine only the compromised areas of a given networks. The Wholesale Electric Industry among other critical infrastructure participants will lead the way as CISA begins providing baseline cybersecurity policies around third-party software management. By knowing exactly what software and software version is running where in a network, organisations will be able to prevent and respond in a much more agile way, reducing operational impact among other negative consequences.”



Mathieu Gorge, Author of “The Cyber-Elephant in the Boardroom” and CEO of VigiTrust


Mathieu Gorge, Picture Conor McCabe Photography.


“We can expect some new executive orders in the US, not just around critical infrastructure, but also around minimum benchmarks for large enterprises’ security around health information and credit card information. I also think we’ll see 5-10 states try to put something like CCPA into action in 2022. I don’t know if they’ll succeed, but I’m sure there will be a push. There will also definitely be a push for a federal privacy mandate, just as with previous administrations, but it takes time.”

“I believe that in 2022, cybersecurity will see more development and integration with artificial intelligence (AI) and this will be fuelled by the various attack vectors and the cybercriminals’ determination to bypass EDR and AV solutions. We’re already seeing the European Union Agency for Cybersecurity (ENISA) and several security institutes and working groups in the US (including NIST) issuing guidelines around AI and the ethics of AI. It can be used by the bad guys to make their attacks more powerful and by the good guys to stop and predict their attacks. Either way, there’s an ethical issue behind it. At some stage, the machine will make a decision based on its own intelligence, rather than what humans want. We’re a long way away from Terminator: Rise of the Machines, but not far away from issues that will be brought to the courts in the US and EU.”

“I also think that the concept of building a security awareness culture globally is getting traction. We saw way more activity in October this year for Cybersecurity Awareness Month in the US, Europe, Africa, and APAC than any other year. People are looking for new ways to interact and make their training more memorable and more fun – probably due to Covid-19 and teams not being together.”


For any questions, comments or features, please contact us directly.




Ilia Sotnikov, VP of User Experience & Security Strategist at Netwrix




Quantum computing will begin to disrupt encryption: “Most cryptographic algorithms today rely on the premise that there’s no processor sufficiently powerful to crack them in a reasonable timeframe — but quantum computing will allow such a processor to exist. While this technology is still far from any practical application, concern is growing. For example, the U.S. has announced export controls on eight Chinese quantum computing companies because of worries about China’s ability to break encryption. As the technology matures, we can expect more widespread adoption of post-quantum encryption standards.”

Companies will need to address challenges in machine learning: “Well over half (59%) of large enterprises today are already using data science (DS) and machine learning (ML). However, these techniques bring risks as well as benefits. ML algorithms are especially vulnerable in the learning phase because bad actors can poison the input in order to subvert the results, which can break critical processes and even put lives in danger in cases such as healthcare or traffic lights in a smart city. Organisations using ML must understand these threats and redouble their efforts to defend against them.”

Attackers will use residential home networks as their infrastructure: “A home network is much easier to infect with malicious software than a professionally secured enterprise IT environment. With processing power and bandwidth connectivity in residences increasing, home networks will become more attractive to bad actors. For example, by infecting many devices, they will be able to change IP addresses or even domain names dynamically during malware campaigns, thwarting common defenses like IP blocking and DNS filtering. IT teams should keep this new threat vector in mind when reviewing their security strategies and incident response plans. Moreover, the IT industry should seek to increase user awareness and best practices adoption to reduce the number of easy victims.”

“Prioritisation is the only way for organisations to manage the risk of cyberattacks in this new era of advanced technologies that can be used for both good and evil. Simply put, organisations need to focus on securing their most important and valuable assets from the most likely incidents, and update their policies regularly. It is increasingly obvious that cyber insurance is not a lifebuoy. Risk assessment is first and foremost our own responsibility.”


Bruce Snell, Security Strategy and Transformation at NTT Ltd.




“We should expect to see a continued evolution of the Ransomware as a Service (RaaS) “market” in 2022 in terms of growth and targets; expect to see more RaaS providers spring up (and disappear just as quickly) in 2022 as the back end systems for providing ransomware to affiliate members continues to improve. While the cybercrime gang “DarkSide” claimed to shut down operations after the Colonial Pipeline breach, expect to see the same group arise with a new name as well as many other groups wanting to copy their success. In 2021 we saw attacks against critical infrastructure and that is not going away any time soon. Attacks against the supply chain will continue to grow. The success of attacks against SolarWinds and Kaseya, allowing one breach to trickle down to thousands of additional targets is really too tempting for any aggressive cybercrime gang to ignore.”

“For organisations to combat this ever increasing threat, the solution lies in a combination of technology and education. The shortage of skilled cybersecurity staff (currently over 500,000 open cybersecurity jobs in the US) will require an increased dependence on technologies like Managed Detection and Response (MDR) and Extended Detection and Response (XDR). While many organisations can be hesitant to enable automated blocking, many more are realising that the cost of a breach far outstrips the cost of a false positive.”

“The old excuse of “I don’t want to potentially block my CEO from getting their email” really doesn’t hold much water when your organisation could be the next big breach that makes the news. In my opinion, employee security awareness training is the most cost effective security solution available. Not everyone needs to be a cybersecurity warrior, but if every one of your employees has a basic understanding of what a phishing email looks like and knows to not click on links with blind faith, then you have dramatically reduced the likelihood of your company being breached. Every single employee, from the CISO to the person at the front desk plays a vital role in the security of your organisation and with the looming cyber threats of 2022, you’ll need all the help you can get.”


For any questions, comments or features, please contact us directly.




Tim Prendergast, CEO at strongDM




“2022 will be a year where DevOps and Security converge beyond what we’ve already seen with DevSecOps, where it has been heavily focused on shifting left with security, and bringing security earlier into the development cycle.”

“This convergence will be marked by new workflows, technologies, and solutions that not just improve security, but that also improve the development cycle. One great example is optimising infrastructure access–when done right, you can improve your security posture with zero trust methodologies, while also making it easier for DevOps teams to access systems quickly and easily.”


Marco Bellin, Founder and CEO of Datacappy




“In 2022 you’ll be seeing ​ransomware malware being distributed over all of the ports available to any connected device. ​USB ports will be the most vulnerable. It has already been done to charging ports at the airports, and public charging stations are only becoming more popular in businesses and cities. Hiding a small chip with ransomware software programmed to upload to a connected device ​is even easier than building trust in a website or over fraudulent exchanges. As soon as that malware is on a device connected to an enterprise network the risks of propagation are enormous. Who asks if the white charging cables they see on a receptionist’s desk are dangerous for a corporate network? ​And as business travel resumes and hybrid office arrangements become the norm, how often will an employee need to charge a work device outside of the office?”

“Until these threats can be easily detected and prevented the best course of action for employers is employee education. ​Beyond ​”don’t click on links!”, advise employees to use trusted cables and chargers from the manufacturer of your devices ​and carry portable battery packs to avoid public outlets. These threats are currently esoterically employed but will soon be mainstreamed. Threats are ever evolving so it’s essential to teach your employees vigilance.”


For any questions, comments or features, please contact us directly.




Craig Ramsay, Senior Solution Architect at Omada




“Intelligent unification will be a major trend in 2022 in the Identity Management space – in other words, a meaningful convergence of technologies and identity disciplines. Now, more than ever, organisations have a plethora of solutions at their disposal. Maximising the capabilities and information available to provide a unified and holistic view of identities, their access, and the contexts through which they have the access will be crucial in reducing identity related risk. By breaking down these siloes and sharing information across these boundaries adapting to new identity challenges as they arise will become easier.”

“The sharp uptick in cloud adoption and SaaS offerings will continue across the board, which will make it easier for organisations to increase the services they’re consuming. With this trend in mind, any solution providing Identity Management and/or Identity Governance capabilities must provide versatile configurability to integrate and scale with the future and changing needs of businesses. Combining this configurable flexibility with increased identity analytics means we will start to see intelligent unified governance platforms that enable huge reductions in manual effort in implementing, managing, and interacting with Identity Management processes.”

“This shift to more and more autonomy in these processes is another trend I envisage growing throughout 2022. Right now, Identity Management is stuck in a hybrid of manual and semi-autonomous actions. Whilst there will always be a need for some level of human decision making when it comes to the most critical applications and sensitive data, a unified approach to identity will greatly reduce manual effort. This will be realised through increased automation and intelligent decision support where automation is not suitable.”


Tilo Weigandt, Co-Founder of Vaultree




More companies will invest in internal security teams: “With the responsibility for data security threats broadening, there is a strong case to be made for most companies to invest in their internal security team and to hire a CISO. I foresee companies ensuring their senior IT management staff also have a holistic understanding and approach to cybersecurity as an organisational-wide risk issue with a focus on the legal and regulatory implications of cyber risks as they relate to a company’s specific circumstances. This includes identifying which risks to avoid, accept and mitigate, as well as implementing specific plans for each potential threat and how these are communicated to senior management.”


For any questions, comments or features, please contact us directly.




Maxim Dressler, Co-Founder of Vaultre




Companies will need to implement zero-trust platforms: “The traditional security model is no longer fit for purpose and zero-trust models are simply more relevant in this era of remote working. The need for a zero trust security model has arisen because enterprises no longer tend to host data in-house but rather through a variety of platforms and services which reside both on and off premise with a host of employees and partners accessing applications via a range of devices in diverse geographical locations. Especially with the rise of remote work, companies will rely on an identity driven focus to bring security and networked convergence to organisations.”


Ryan Lasmaili, Co-Founder of Vaultree




Encryption adoption will rise across different industries: “Encryption technology is becoming more widespread. While industries such as finance, health and law enforcement are early adopters of encryption, we will begin to see more industries implement better data protection as their knowledge on the benefits increase. Realising that encrypted data is useless to criminals and that searchable encryption is practical and could solve many of the issues surrounding data privacy, will encourage more adopters of the technology.”


For any questions, comments or features, please contact us directly.




Kevin Curran, Co-Founder and Advisor of Vaultree


Dr Kevin Curran – School of Computing & Intelligent Systems. (Photo: Nigel McDowell/Ulster University)


Remote work will require us to re-examine data protection policies: “With the prolific use of mobile devices as remote work increases, this is leading to new risks as users install potentially malware-infected software and expose company data to foreign networks including their friends and family. Increasingly, employees are working longer hours in both work and remote home environments thus leading to new risks as users install potentially malware-infected software and expose company data to foreign networks including their friends and family.”

“One aspect, which should not be overlooked, is the fact that these devices belong to the employees and traditional ‘rules’ and mandates for enforcing new updates may simply not work, requiring us to reevaluate current data protection policies.”


Theo Wills, Senior Director of Privacy at Kuma LLC




The public is becoming more aware of privacy and how organisations keep, use, and share their data: “As this knowledge spreads, they will expect more of organisations regarding transparency, responsiveness when requesting access to information on what data is kept and who it shared with, consent about how data is used, and their right to have their data erased if they choose to cut ties with the organisation.”

Organisations will need to be able to respond quickly and concisely to consumer queries: “They’ll need to be faster internally to get systems and data handling in compliance with local regulations, and faster externally when individuals start exercising their privacy rights.”

Employee and workforce training is going to be more and more important: “The types of criminal campaigns that are on the rise (phishing, ransomware, etc) can often find an employee clicking on the wrong thing and compromising the business. Employees are going to need to be trained to think differently and critically about what they’re clicking on and who they’re responding to.”

“The rules are changing; the workplace isn’t what it used to be, and we are going to have to adapt to keep up!”


For any questions, comments or features, please contact us directly.




Ajay Unni, CEO at StickmanCyber




Ransomware: “In 2022 we will continue to see a rise in ransomware given the lucrative nature and guaranteed return on investment it offers cybercriminals. With a low reporting rate, it continues to be challenging for authorities to investigate and take action as victims often just pay the ransom and move on, making it an even more attractive proposition for hackers. Globally businesses, especially in the SME sector, are still not secure and are at risk of significant exposure to ransomware attacks.”

More email phishing attacks: “Expect to see more sophisticated email phishing campaigns and business email compromise style attacks as hackers know getting a victim to click on a malicious link via email is one of the easiest ways to get the system access needed to launch a ransomware attack.”

More investment in training: “With 77% of cyber attacks due to human and not technological failures it’s become clear that the first line of defence must always be to prevent human error. Compromised usernames and passwords provide a simple entry point for hackers to access a system and launch an attack. The smart organisations, that want to be on the front foot, will make cyber training a priority in 2022, ensuring their employees know not to share passwords and usernames, to use multi factor authentication and to be aware of and not click on malicious links.”


Josh Moulin, Senior Vice President at Center for Internet Security




Growing concerns over the mental health and wellness of cybersecurity professionals: “Cybersecurity professionals have been increasingly discussing concerns about the wellness of their staff. As if the COVID-19 pandemic has not been stressful enough for all of us, the immediate need to shift to remote work and keep employees and organisations safe from cyber-attacks is more important than ever. With an estimated 577,000 unfilled cybersecurity roles in the United States and the seemingly constant barrage of sophisticated cyber-attacks such as SolarWinds, Kaseya, Log4j, and others, cybersecurity professionals are burning out. Employers should be offering employee assistance programs (EAP), encouraging workers to take time off, and making plans to provide coverage so their security staff will feel comfortable stepping away to recharge.”

Continued convergence of OT/IoT and cyber-physical attacks: “Many organisations lack adequate strategies or detection/response capabilities for Operational Technology (OT) and Internet of Things (IoT) infrastructure. This has left many critical infrastructure sectors vulnerable to attacks, having a direct impact on public safety. In 2021 we saw evidence of this in the Colonial Pipeline, JBS meatpacking plant, and Florida water treatment facility cyber-attacks. While ransomware will continue to dominate these attacks, more life-threatening offences against our public safety, hospital, communications, utilities, transportation, and other critical infrastructure will increase. According to a recent report by Gartner, attacks on critical infrastructure have increased by 3,900% since 2013, and they predict that by 2024 a cyber-attack will be so damaging to critical infrastructure that a member of the G20 will reciprocate with a declared physical attack.”


For any questions, comments or features, please contact us directly.




Curtis Dukes, Executive Vice President & General Manager at Security Best Practices




Software suppliers will be the next big target of ransomware attacks: “Ransomware is a wholesale business that succeeds by offering a set of tools and exploits that can be developed once and run in as many places as possible. The most lethal and best-run criminal cartels are looking downstream from their most lucrative targets for software suppliers who distribute vital product updates. These exploits will not show up in large numbers and they will not roll out quickly since they require expertise, sophistication, and a long development time. But the return on investment is too large to resist. To counter the threat of ransomware, it’s critical to identify, secure, and be ready to recover your high-value digital assets in the likely event of an attack. This requires a sustained effort obtaining buy-in from the top level of your organisation (like the board) to get IT and security stakeholders working together.”


Joel Burleson-Davis, CTO of SecureLink




“2021 gave us a pretty stark picture of what to expect in 2022 in terms of cyberattacks. For one thing, we can expect hackers to continue exploiting third-party connections. Third parties are often granted privileged access to their customers’ systems and data, making them an extremely effective way to carry out a “hack one, breach many” attack. After all, what made SolarWinds and Kaseya some of the biggest breaches in history is the fact that hackers targeted vendors, which in turn allowed them to exploit thousands of those vendors’ customers.”

“With this in mind, the best way leaders can prevent cyberattacks in 2022—especially those conducted via third-party vulnerabilities—is by taking inventory of all access points, conducting periodic user access reviews and embracing the principle of Zero Trust, which grants users access only to the information and applications required to do their job and nothing more.”

“It’s always hard to predict the future, but we do know that cyberattacks, especially supply chain attacks, will continue to increase in sophistication and frequency in 2022. That’s why it’s so imperative that business leaders in every sector prioritise securing their most critical assets from both internal and external, third-party threats.”


For any questions, comments or features, please contact us directly.




Nick Santora, CEO of Curricula




“In 2022, cyber attacks will be as prevalent (if not more so) than supply chain issues. Namely because ransomware isn’t going away any time soon. It will continue to be the biggest threat to organisations’ financial security.”

“Ransomware is the outcome of the social engineering attack. We need to look at the root cause of socially engineered attacks, such as human error, because these attacks will become more complex and harder to prevent. As a result, I predict there will be a surge of companies prioritising cyber security. Organisations will be expanding their cyber security training and reevaluating the importance of systems and strategies that can more easily and accurately identify social engineering attacks.”

​​“While everyone is talking about how ransomware is only going to get worse in 2022, it’s really about how the severity of these attacks has increased as threat actors have become more sophisticated.”

“More people are continuing to work at home as the COVID pandemic is ongoing. When people are at home, they’re more relaxed, and bad actors have more opportunities to catch someone off guard.”

“We’ll also continue to see cyber attacks on employees at financial institutions as they are essentially spearphishing: deliberate, targeted attacks on an ideal victim profile. Call it what you will, but criminals are essentially creating target lists to focus on their ‘prospects’ to victimise. Why? Because they know they have money to pay.”


Nigel Thorpe, SecureAge




Email compromise: “A common way to infiltrate systems and organisations that cybercriminals have been using for years is to trick people into opening emails that look legitimate, thus interfering with corporate messages to make it look legitimate. These emails will have dangerous attachments or download links, allowing for data exfiltration, which then of course leads to making money off of it. And cybercriminals are becoming more and more sophisticated when it comes to piecing together disparate personal information from the dark web or social media to create seemingly legitimate and believable messages.”

“People are still working remotely, which means that company systems are no longer completely centralised. This leads to more vulnerabilities that organisations will have to prepare for, whether it’s investing in cybersecurity training for their employees, or making sure everyone is aware of what email addresses are legitimate and which ones are not.”

Core utilities and services will be heavily targeted: “One of the biggest stories in cybersecurity this year was the attack on the Colonial Pipeline that had ripple effects on many industries. But it was far from the only utility company that was targeted in 2021. We’ve seen plenty of attacks on utilities and services that affect people’s everyday lives, as hackers have exploited vulnerabilities in areas such as electrical or water grids, crippling critical infrastructure. By focusing cyberattacks on these generally well-protected areas that need constant upkeep, cybercriminals have the opportunity for huge pay-offs.”

“So even as there will be efforts to protect these vulnerable industries, hackers will still target them as much, if not more than they did this year. They know companies will meet their demands to keep vital parts of society running, and they will exploit any small weakness they can find. Thus, companies and local governments must do everything that they can to shore up their systems to prevent such attacks.”

Quiet attacks: “While some cybercriminals are still going for the big, attention-grabbing attacks, it’s becoming increasingly common to infiltrate an organisation in a way that they won’t be noticed for a long period of time. This allows for cybercriminals to exfiltrate data from servers and endpoints at a slow and steady pace. And in the new hybrid/remote work reality, there is much more information on remote computers that is typically less protected, which is most at risk.”

“It seems that the most popular point of entry for these quiet attacks in 2022 will be through targeting email and other messaging systems so that corporate communications can be compromised. Any data is vulnerable to attacks and should be protected all the time. While data is usually protected with defence and access controls, organisations should start protecting the data itself for more comprehensive protection at every level.”


For any questions, comments or features, please contact us directly.




Ben Goodman, CEO of CyRisk




“Startups have lots of things to think about and risk is around every corner. One risk that many startups typically don’t put enough thought into is cyber risk. We’ve seen dev teams spin up servers on the internet without proper protection, only to be attacked almost immediately and relentlessly, sometimes with very bad consequences. That’s because attackers use automated tools to continuously scan the internet for vulnerable, misconfigured or poorly protected systems. And entrepreneurialism isn’t just for good guys. It turns out bad guys are risk takers and entrepreneurs too. They’ve launched Ransomware-as-a-Service (RaaS) platforms with a quasi-franchise business model that lowers the barriers to entry for the less technical but criminally minded folks. They even offer tech support! Bad guy entrepreneurs have also been reinvesting some of their ill-gotten gains into R&D so their tools and RaaS platforms are more sophisticated than ever. Just because you’re small and new, it’s a mistake to think you’re not a target.”

“What can we expect in 2022? Undoubtedly, more wide-spread, random, opportunistic attacks from less experienced Ransomware-as-a-Service criminals. The bigger, well-financed ransomware gangs will focus on maximising ROI and protecting their investments. They are spending their resources going after big returns, such as companies that provide significant points of aggregation. We will see more ransomware and data exfiltration activity that starts by leveraging software supply chain vulnerabilities. Targets will include widely used hosting software, e-commerce, and infrastructure management tools. Bad guys will launch more ransomware attacks against other points of aggregation as well, such as managed service providers and SaaS platforms that large numbers of companies rely on.”

“Don’t be surprised to read about more frequent widescale attacks against IoT management systems, with impacts ranging from public infrastructure, industrial and consumer devices and services. As long as cyber gangs are motivated to make money and protect their investment, these types of attacks will continue. Startups are not immune to these risks, so it’s best to take cyber risk into account from the beginning.”


Avital Sincai, COO at Cydome




“For the past couple of years, we have seen cybersecurity breaches highlighted in the media more and more. As 2022 begins, companies from all markets would be wise to make a point of properly assessing their cybersecurity software in order to defend against and prepare for future attacks. With increased connectivity and data transfers comes an increased danger of cyberattacks and, given the increasing use of digitalisation, companies need to be weary and prepared for the worst-case scenario.”

“In the maritime industry specifically, based on previous data, we should expect to see an exponential increase in such threats. The global economy relies heavily on thousand of ships transferring over 90% of world trade, and these vessels are highly vulnerable without appropriate protection. The risks are greater in the maritime environment because of the reliance on technology for navigation, communications and transit combined with the intrinsic dangers of being at sea. Because of the potential vulnerabilities many entities view ships as a perfect target, from lone hackers to terrorists. Cybersecurity breaches have and will continue to have devastating results if vulnerabilities are not properly addressed.”

“Governments are already taking a closer look at cybersecurity with some nations implementing new, or enhanced regulations to protect the world’s economy. IMO 2021 was a good start, but in many parts of the world it is yet to be adhered to and, given the pace at which technology develops, it should not be delayed any longer. One of the biggest threats we have in our world today are cyberattacks. Recent figures show that in 2019 the global shipping industry moved 11 billion tonnes of cargo with a combined value of $11 trillion USD, so it is clearly a high value target, and the more successful attacks are, the more attractive they become to organised crime.”


For any questions, comments or features, please contact us directly.




J.R. Cunningham, CSO at Nuspire




“2022 is going to be a busy year for CISOs. Top of mind for everyone is ransomware, without question. This is driven in part by the fact that our former financial “last line of defense” against ransomware, our cyber insurance policy, is now not quite the same line of defense it once was. Insurance carriers are becoming ever more particular with expectations of a security program, ransomware caps, and minimum timelines for coverage. As a result, the potential financial exposure of a business to ransomware means the CISO has to adjust tactics to prevent, detect, and respond to ransomware faster and more efficiently than before.”

“The greatest paradigm shift for the CISO in 2022 is the requirement for much faster and more effective response to incidents. Gone are the days where the security team can leave the office on Friday or a holiday weekend, shut the lights off, and come back in on Monday. The speed of ransomware and advanced nation-state actors requires 24x7x365 security operations in order to ensure a business remains in-tact and safe from modern attacks. The work from home paradigm simply accelerates this trend, as the attack surface of a company now expands far beyond its traditional perimeter. Responding quickly and effectively, and with as much automation as possible, is now key to protecting businesses.”

“Exacerbating all of this is the talent shortage. Organisations continue to struggle to hire competent cyber security talent that is current in modern security tools. As a result, leveraging third parties such as consulting firms, virtual CISOs, and Managed Security Services Providers becomes more of a preferred option to protect an organisation in light of the extreme talent shortage. MSSPs can scale and adapt in a way that most organisations cannot regarding staffing levels and skills.”


Jose Carlos Najera Flores, Subject Matter Expert of Vulnerability Management at Syntax




“Supply-chain and Ransomware combo – Windows updates can offer a holy grail for launching supply-chain attacks, so it’s just a matter of time before hackers weasel their way in to leverage it as a delivery method for malware or other malicious software. I anticipate that we’ll see more Windows focused ransomware incidents targeting the supply chain next year.”

“Next-generation social engineering techniques – COVID-19 has unleashed a world of possibilities when it comes to social engineering. Phishing, Smishing and Vishing flourished and proved to be a profitable business. This scam triad will leverage AI and machine learning technologies to create “deepfakes” of individuals to make threats significantly harder to detect.”

“If you are already patching fast, double-time it! – Vulnerabilities will have a faster turnover into functional exploits that are measured in hours, not days.”


For any questions, comments or features, please contact us directly.




Steve Tcherchian, Chief Product Officer at XYPRO




Embrace ZERO Trust Security: “We are all used to the traditional security model of authenticating to the perimeter VPN or a cloud application then carrying on our tasks. This “Trust but Verify” strategy assumes everything within an organisation’s network is trusted, and not already breached. Once a user is authenticated to the VPN, they can move around to any resource to which they have access. The assumption is the user is who they say they are, the user’s account is not compromised and that the user will act responsibly.”

“In short, this model leaves organisations vulnerable to credential theft, low and slow attacks, and malicious insiders. Essentially all authenticated users are trusted on the network.”

“Enter ZERO Trust.”

“ZERO Trust not a technology, it’s a methodology. ZERO Trust never trusts and always verifies access. This eliminates any trust that previously existed for users, credentials, network, permissions. Instead, ZERO trust continuously checks and authenticates who is attempting to gain access to data, applications, servers, resources, etc. to ensure they are who they say they are. Even the U.S. Federal government is pushing hard for agencies to adopt this model under new guidance released last year by the Office of Management and Budget’s Cybersecurity and Infrastructure Security Agency. There will be a heavy emphasis this year by organisations both large and small, federal agencies and security vendors towards ZERO Trust strategies.”

Cryptocurrency becomes a target: “With interest rates (currently) at all time lows, and hyper-inflation and the U.S. stock market at all time highs, investors are looking at better returns on their money. Apps like CoinBase, Robinhood, eToro and others can make investing available to even the most technologically novice user. This could potentially be a recipe for disaster. As novice investors move funds around into these apps, they become popular and draw attention. Late last year, we saw what Robinhood calls a “data security incident” which compromised data from 7 million accounts by using simple social engineering techniques. Although this incident wasn’t as bad as it could have been, this shows that no app is off limits. This was the toe in the water. We are going to see larger attacks focused on targets where the money is.”


Gareth Wharton, Cyber CEO at Hiscox




“We all appear to be getting (re)-acquainted with the Greek alphabet as new Coronavirus strains emerge, the expectation must be that we are not going to be returning to a five-day work week in the office in the medium-term (or indeed ever).  This brings several challenges to our working environment that requires us and our technology to change. We reported in our 2021 Hiscox Cyber Readiness Report that 41% of respondents had increased numbers of staff working remotely.”

“In addition, nearly one fifth (18%) said they had added new e-commerce channels.  This is good news. Businesses are adapting and evolving to deal with these new ways of working and trading.  However, these changes were forced on businesses at very short notice, meaning these changes were not always planned, tested and secured with the rigour that they might have been under more normal times.”

“As businesses change and adapt so do our adversaries, and we have seen many attacks take place while M&A activity is underway because the customer is distracted and thereby more vulnerable to a successful attack. It is therefore vital to remain vigilant in these ever-changing times.”

“The recent log4j vulnerability is a good example. If a company has had to invest in a new VPN solution it may not have sufficient in-house skills or experience to ensure that service is checked for the vulnerability and remediated in a timely fashion.”

“Attackers (sadly) use global events to lure staff into opening phishing emails, and with the news moving so fast on vaccines, new variants, country lockdowns, etc. these are a treasure trove of opportunities for attackers to convince staff to click on phishing emails.”


For any questions, comments or features, please contact us directly.




Bryan Hornung, CEO/Founder at Xact IT Solutions




“My first cybersecurity prediction for 2022 is cyber insurance. We’re going to have higher premiums lower limits, and we’re going to see an increase in denied coverages. And we’re going to see more stringent requirements around things like multifactor authentication and even some insurance companies requiring companies to start implementing a zero-trust policy within their networks and their IT. This cyber insurance product is not very profitable for these companies, and they’re trying to figure out how to make money with it. These are the things we see already put in place, but they’re going to start asking for in 2022 from businesses that will be much more detailed. They’re going to want to know more about what you’re doing to prevent cyber attacks in your business before they’re even going to give you coverage.”

“We’re also going to see an increase in targeted and supply chain attacks—the targeted attacks against software companies and vendors that supply services to various industries or companies. We’re already starting to see supply chain attacks. Kronos and Schedulefly, who were hit with cyberattacks at the end of 2021 and early 2022, respectively, as examples. Both of these companies provided cloud-based services for thousands and tens of thousands of companies, impacting their business’s ability to do business. We’re going to see more of these types of attacks because cybercriminals know it works. They have a lot of leverage when an entire industry or a subset of an industry cannot do work normally.”


Ted Wagner, CISO, SAP NS2




“5G is going to start to disrupt traditional networking. Things like edge computing and network slicing will offer the opportunity to process data where it exists and segment networks in new ways with the potential for greater security. Vulnerabilities will show up as hackers apply their creativity, but it will certainly be disruptive. Services based on 5G technologies are already rolling out to market, which tells me more will follow. The caveat to this prediction is restrictions around airports, due to conflicts with aircraft.”

“Software Build of Material (SBOM) will be required of many software providers. Especially for customers like the federal government who can demand such disclosures. Issues with SolarWinds and the Log4j vulnerabilities have brought light to risks imbedded in released applications. Requirements like this will drive technology and automation to help meet this requirement.”

“The evolution of ransomware will continue to move towards disruptive and destructive outcomes. This has a national security implication. The US federal government will focus on ransomware over data exfiltration. An interesting development is the arrest of REvil ransomware gang members by the Russian government should be noticed. Greater prosecution of ransomware actors provides ample evidence of the international attention to this problem.”


For any questions, comments or features, please contact us directly.