10 Things Every Texas CEO Needs to Know About Cybersecurity in 2022 and Beyond
Looking into the crystal ball for 2022 and beyond, here are my 10 biggest cybersecurity threats, trends, and predictions that all Texas CEOs need to know. While you’ll no doubt see quite a few familiar topics, it’s the severity of these very issues that’s quite alarming. Breaches are getting bigger and costlier. Cybersecurity talent is becoming harder to find. Social engineering attacks are becoming increasingly sophisticated.
Let’s dive in and look at each of these cybersecurity topics in greater detail.
1. The cybersecurity skills shortage will only continue to get worse.
If recent years have seen a tight labor market, then expect the second half of this year to be even tighter. The 2020 predictions for unfilled cyber jobs have essentially held true at the time of this printing, so how bad will it get this year? Experts point to a staggering 3.5 million unfilled cybersecurity jobs by the end of this year. There’s simply not enough talent to keep up with the massive growth in the industry, according to various experts. As the world becomes more connected, we’re going to need more cybersecurity professionals to secure the seemingly endless networks and devices that bridge our lives together, but we simply don’t have enough of them. The result is cybersecurity jobs going unfilled for months, leaving businesses highly exposed to security threats. What’s worse, whatever IT personnel an organization may have on staff, they often lack the necessary technical expertise for building a true cybersecurity program.
Technology professionals know that they can command heavy salaries. They also know they can find a job within weeks—even a few days—if they decide to jump ship for any number of reasons. Some companies are getting very creative in hiring, and, most importantly, retaining employees. Stock options, significant bonuses, expanded pay—whatever it takes to get the right employee on board, and keep them—are the new norm for many companies. “If you’re finding the job market a bit tight these days, you must not be in cybersecurity,” says Brian NeSmith, cofounder of Arctic Wolf Networks. “As hackers ramp up attacks with increasingly sophisticated methods and tools that are readily available for purchase on the dark web, the ‘white hats’ need all the help they can get.”
Word to the wise: Do all you can to hold on to whatever cyber talent you currently have, because replacing that person will be increasingly difficult, and expensive.
2. Cyberattacks and data breaches will get bigger and more costly.
The world is awash in cybersecurity attacks, and there seems to be no end in sight. What was once a rarity is now accepted as commonplace in today’s world. Data breaches keep coming and coming, a one-way freight train that cannot be stopped. Think of recent high-profile cyberattacks and how devastating they’ve been—the Sony Pictures breach of 2014, Yahoo’s compromise of hundreds of millions of user accounts from 2012 to 2014, and to top it all off, Equifax, the company that makes a living reporting, securing, and monitoring credit files, and their massive—and no doubt embarrassing—data breach in 2017.
Keep in mind that not all cyberattacks lead to data breaches. Many times they do, but often the purpose of such an attack is to create chaos and confusion, and to disrupt services we all heavily rely on.
The cold hard truth is that hackers are good at what they do and getting better all the time. Remember, they only must be right once, whereas businesses must be right every time when it comes to effective information security and cybersecurity measures. That’s not a winning formula, and it’s exactly why breaches will continue beyond 2021 and also grow in frequency and severity.
So, can nothing be done against the onslaught of cyberattacks coming our way? Not so fast. Yes, there are effective measures that can push back on such attacks, but the bigger question is this: Are businesses truly prepared to face the music and invest in comprehensive infosec and cybersecurity resilience measures?
We can only hope.
Talk is cheap, as the old saying goes, but Texas businesses will need to step up to the plate and hit a grand slam in terms of investing in infosec strategies that work. This means acquiring proven security tools and solutions, hiring competent and well-qualified IT personnel, training employees on current and emerging security issues, and more. But more than anything, businesses need an about-face on security. This is not a start-and-stop strategy, or a one-and-done scenario. This is about a true culture change whereby security is ingrained into the mindset of the organization. Implementing information security the right way will have profound benefits for years to come, no question about it.
Businesses can spend all the money they want on industry-leading security solutions, but without a “security first” mindset, one’s information security and cyber resilience programs are dead on arrival. I’ve heard countless stories of organizations investing in high-priced network security tools, only to find these products sitting on standby, totally unimplemented. And with the tight labor market discussed earlier, challenges will continue to mount for organizations.
Buying security products and doing nothing with them—well, that’s not security. That’s nothing but a waste of both time and money.
Changing the corporate culture is the very first—and most important—element when it comes to protecting organizational assets from growing cyberattacks. Train your employees on emerging security issues, threats, trends, and best practices. Make security a priority with every new hire in terms of training. Bring in outside experts to educate your employees.
3. The use of AI will accelerate.
Artificial intelligence is intelligence demonstrated via processing by machines, particularly computing systems. Remember the fear that robots would replace humans? Thankfully, that won’t happen anytime soon—hopefully ever—but AI is growing aggressively, becoming one of technology’s great disrupters of the new millennium.
AI is everywhere, used by almost everyone, every day. Familiar with Apple’s Siri or Amazon’s Alexa? Sure you are—that’s AI working for you. Have a Nest thermostat in your house? Then you’re no doubt aware of how it constantly adjusts its settings based on historical data. That means it’s using behavioral algorithms that “predictively” learn from prior heating and cooling settings.
Other examples of commonly used AI platforms are Tesla, Netflix, even music giants Pandora and Spotify. In fact, many of the initial wave of AI tools have been based on behavioral algorithms that essentially analyze data and then provide the user with what many call a “unique user experience” based on their prior actions. But that’s just the beginning of AI; it’s going to absolutely explode in coming years.
4. Cybercrime will continue to expand.
What, technically, is cybercrime? Well, not to get all wrapped up in a long-winded definition, but cybercrime is essentially criminal activity that either targets or uses a computer, a computer network, or a networked device. The vast majority, but not all, of cybercrime is committed by cybercriminals or hackers seeking to make a financial profit. And cybercrime can be carried out by both individuals and/or organizations.
Here are some of the most common forms of cybercrime:
- Email and internet fraud
- Identity fraud (where personal information is stolen and used)
- Theft of financial or credit card payment information
- Theft and sale of corporate data
- Cyberextortion (demanding money or an attack will be undertaken)
- Ransomware attacks (which are essentially a type of cyberextortion)
- Cryptojacking (where hackers mine cryptocurrency using resources they do not own)
- Cyberespionage (where hackers access government or company data)
The stark reality is clear: Cybercrime is here to stay, and will only increase over time. The hackers—and their attack methods—will become more brazen and sophisticated at every click of the mouse. Your best defense? Begin implementing a rock-solid cybersecurity program, and now! According to most security experts, adopting a comprehensive, well-thought-out cybersecurity program yields benefits that far exceed the cost. And to be clear, such a program simply can’t be developed overnight. But you’ve got to start somewhere, so start developing your very own customized cybersecurity program today.
5. Ransomware will be on the rise.
We’re likely to see more of one type of cybercrime in particular: ransomware, which is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files unless a ransom is paid. Ransomware variants have been employed for several years, with the goal of extorting money from victims by displaying an on-screen alert. Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are then told that unless a ransom is paid, access will be denied. The ransom demanded from individuals varies greatly, from as little as a few hundred dollars to as much as hundreds of thousands of dollars.
And ransomware attacks are growing more common with each passing day. Just ask staff in the mayor’s office in Atlanta, Georgia, how damaging ransomware attacks can be. The City of Atlanta spent millions fighting a 2018 ransomware attack that is now believed to have been perpetrated by two Iranians thousands of miles away.
According to industry experts, a business will fall victim to a ransomware attack every 11 seconds this year. Additionally, it is estimated that the cost of ransomware to businesses will be more than $20 billion in 2021.
6. IoT will continue to flex its muscles.
In the broadest sense, the Internet of Things (IoT) encompasses essentially everything that’s connected to the Internet. Think devices, appliances, sensors, smartphones, and more. Ditch the more technical definitions of IoT and look at it as “the ever-growing network of physical objects that feature an IP address for Internet connectivity, and the communication that occurs between these objects and other Internet-enabled devices and systems.” IoT has become and will continue to grow into an ecosystem of connected devices that knows no end. There are billions of connected devices in use, and billions more on the way.
Gartner forecasts that a whopping 25 billion connected things will be in use in 2021, producing an immense volume of data. “Data is the fuel that powers the IoT and the organization’s ability to derive meaning from it will define their long-term success,” according to Nick Jones of Gartner. “AI will be applied to a wide range of IoT information, including video, still images, speech, network traffic activity and sensor data.”
Bain & Company expects the combined markets for the IoT, including hardware, software, systems integration, and data and telecom services, to grow to $520 billion by the end of this year. That’s more than double the $235 billion spent in 2017.
But with great benefits come great risks, particularly when it comes to security in the IoT landscape. There’s a massive amount of data traversing the world of IoT, being collected, analyzed, and stored. To the cyberhackers of the world, it’s a new world of opportunities for stealing gigantic amounts of highly sensitive consumer data.
7. Insider threats will be bigger than ever.
For years, we all worried about external threats: DoS and DDoS attacks. Hackers forcing their way into networks from thousands of miles away. Email spam saturated with malware links.
Well, those threats are alive and well. Yet what’s also taking shape now—and will continue to grow this year and beyond—are insider threats. Call it the enemy within. As a business, you now have to look inside, toward nefarious employees and contractors who can create just as much damage—often more—as the well-known external threats. As to the types of insider threats, they’re plentiful and growing by the day in sophistication and regularity. In fact, insider threats are now so rampant that businesses are investing heavily in data loss prevention (DLP) techniques.
An insider is essentially anyone who has been given access to the organization’s information and other assets. This can be logical access to information systems, along with physical access to assets. According to the Information Security Forum (ISF), an independent, not-for-profit association of leading organizations from around the world, there are three types of insider threat occurrences: malicious, negligent, and accidental.
Some of the most common warning signs of insider threats include the following:
- Downloading or accessing significant amounts of data
- Accessing sensitive data not associated with one’s job function
- Accessing data outside of a user’s normal and routine behavioral profile
- Multiple requests for access to resources not associated with one’s job requirements
- Using removable media storage devices (e.g., USB drives or floppy disks) for downloading data
- Performing network crawling and searches for sensitive data
- Undertaking data hoarding, such as copying files from sensitive folders
- Emailing sensitive data outside the organization to other external parties
8. Phishing attacks will continue to grow.
Phishing attacks are a type of social engineering attack often used to steal a wide range of user data, ranging from passwords to credit card numbers and much more. A phishing attack happens when someone is masquerading as a trusted entity, effectively tricking an unsuspecting victim into opening an email, a text message, or some other form of electronic communication. The victim then clicks on the link, and this is where the attack goes from bad to worse as malware infects the user’s computer, often spreading to other systems, especially if that user was on a network.
It’s been reported that a staggering 91 percent of cyberattacks begin with a spear-phishing campaign. That statistic alone is reason enough for organizations to implement robust and comprehensive security awareness training programs for their employees.
9. The cloud will continue to grow aggressively—and be attacked.
The two heavyweight cloud players are Microsoft Azure and Amazon AWS—with Google GCP also a viable entity—and their unprecedented growth will continue in 2022 and beyond. Businesses want reliability, scale, ease of use, and security from a cloud solution, and that’s what they’re getting with the likes of Azure and Amazon. No more costly data center deployments with dozens of high-paid network engineers cabling wires. No more tedious procurement measures for installing and decommissioning rows of servers and supporting devices. With just a click of the mouse, almost anyone can set up a network in today’s cloud environments. Within a short period of time, most businesses will have some or all of their development and production environments resting nicely and safely in the cloud!
The trio of Azure, AWS, and GCP come from some of the wealthiest, most well-funded organizations in the world, and with massive revenues relying on their cloud environments, you better believe they’re spending a fortune in terms of security and privacy. That’s not to say security should be an afterthought if you’re using one of these solutions—not at all, as access to one’s cloud console by the wrong individual can turn into a security nightmare of epic proportions. Someone can very easily delete server instances, make unauthorized configuration changes, or—even worse—close the entire environment with just a few clicks of the mouse. With so much at stake, it’s important that login credentials are closely monitored at all times. Cloud service providers (CSPs) such as Azure, AWS, and GCP all essentially run on what’s known as a “shared responsibility model.” Specifically, the CSP is responsible for certain things; you, the customer, are responsible for certain things; and then both the CSP and you share several responsibilities.
10. Organizations will fail miserably—once again—in applying security patches.
One of the most fundamentally important initiatives for helping secure information systems is patching. Specifically, applying security and patch updates to operating systems and applications is absolutely essential, yet untold numbers of businesses are missing the mark on this. There’s a reason Microsoft, Unix, Linux, and dozens of other major software vendors provide security updates. No, it is not to make your life miserable—it is to correct serious security issues that can be exposed by hackers and other nefarious individuals. How important is patching? Important enough that a number of high-profile breaches happened due to operating systems and applications not being patched for months—even years—after updates were available!
Take for example 2017, when a massive ransomware attack essentially shut down work at more than a dozen hospitals across the United Kingdom. According to researchers, the attack made use of an exploit called EternalBlue, believed to have been developed by the NSA to break through Windows security. Microsoft issued an update to protect against the vulnerability before the attack, but the update didn’t make it to every Windows machine, and thus the systems were left unpatched.
• • •
In conclusion, cybersecurity is without question an issue that requires constant vigilance and preparedness on your part as top leaders in one of the world’s largest economies—our great state of Texas. I hope that understanding these 10 issues will help your efforts to grow, navigate, and continue to be innovative places of work and productivity for all your associates and customers in the decades to come.