Cybersecurity is now a primary focus for companies and organisations of all types and sizes. Continuous change in technologies deployed to gain competitive advantage inevitably means a corresponding shift in cybersecurity trends. Phishing and ransomware attacks are increasingly with us and news reports of high-profile data breaches are becoming ever more the norm. As well as these, ever present fixtures, here are some other cybersecurity trends so far in 2022.
The steady increase in use of mobile apps to handle increasingly sensitive data has made handheld devices a very attractive prospect for hackers. All our photos, financial transactions via banking apps and online retail sites, emails, and personal messages give rise to a wide range of security risks. The continued rise of smartphone malware is a worrying trend.
Modern vehicles come packed with microchips and software to create seamless connectivity and an effortless driving experience including cruise control, engine timing, security, airbags and advanced driver assistance.
These systems make extensive use of Bluetooth and WiFi technologies to communicate. Unfortunately, this also leaves them open to threats from hackers. Gaining control of the vehicle or using microphones for eavesdropping is already rising in 2022. The self-driving and autonomous vehicles can pose an even greater threat as the use even more complex mechanisms that requires strict cybersecurity measures.
Use of AI and Machine Learning
AI is now widely used across all market segments. This technology together with machine learning has brought tremendous changes in cybersecurity. AI has been a key building block in building automated security systems, natural language processing, face detection, and automatic threat detection. AI enabled threat detection systems can predict new attacks and notify admins for any data breach instantly.
The down-side, of course, is that this technology is now also being used to develop smart malware and attacks to bypass the latest security protocols protecting data.
With many organisations now established on cloud services and cloud infrastructure, security controls need to be continuously checked and updated to safeguard data stored in the cloud. Although cloud providers such as AWS, Google or Microsoft are well equipped with layered security measures, it’s still often the user which is the weak link in providing opportunities for malicious software, and phishing attacks. Access controls and education are essential.
Data as a Target
Security of data will continue to be a concern for organisations. Safeguarding digital data, particularly sensitive personal information is high on the agenda. Minor flaw or bug in your OS software or browser is a potential vulnerability for hackers to access private information.
General Data Protection Regulation (GDPR) has been in place from May 25th, 2018 onwards. It offers data protection and privacy for individuals in the European Union(EU). Similarly, the California Consumer Privacy Act (CCPA) was applied after January 1st, 2020, for safeguarding consumer rights in the California area.
Both these regulations can result in severe penalties for organisations found to be lacking in their efforts to protect personal information
The Rise of 5G
With the advent and growth of 5G networks, a new era of inter-connectivity will become a reality. This, with the likely corresponding boom in applications of Internet of Things (IoT) may give rise to a broad attack surface. Every step of the 5G network might bring a plethora of network attacks that we might not be aware of. Here manufacturers need to be very strict in building sophisticated 5G hardware and software to control data breaches.
Another important cybersecurity trend, that has become a perennial issue, is targeted ransomware. There have been many recorded and probably more unrecorded attacks since the high profile Wanna Cry attack in May 2017, on the National Health Service hospitals in the UK which corrupted more than 70,000 medical devices. Ransomware targets are now often more focussed with spear phishing attacks on executives and key employees now being common.
East Vs West has moved on-line. The tension between the Western powers and Chinese, Russian and even countries like Iran is being played out on the new. State backed attacks often create worldwide news. They have been implicated in both money motivated breaches and also in attempts at political interference. Expect high-profile data breaches, as well as political and industrial secrets to top cybersecurity trends for 2022.
Human error is still one of the primary reasons for successful data breaches. Both mistakes and intentional actions can bring down a whole organisation due to stolen or leaked data. A recent report by Verizon on data breaches claimed that as high as 34 percent of total attacks were directly or indirectly because of employees’ actions or negligence. Awareness training, checks and audits have never been more important.
If you think your business could be affected by any of the issue discussed above, KRYPSYS may be able to help. Please feel free to contact us at www.krypsys.com/contact-us/