Ransomware attacks are expected to continue rising in 2022, but are likely to look different, as hackers become aware that the return on investment they can achieve by encrypting data is diminishing.
In addition, the supply chain will be a key target in 2022, with Forrester predicting 60 per cent of security incidents to result from issues with third parties. The insider threat is also expected to continue making organisations vulnerable with users and employees being brought into play by criminals looking to target critical national infrastructure (CNI).
There will also be an increase in social engineering, which tricks users into making security mistakes or giving away information. Countering these threats will require organisations to improve their preparedness for incidents, and build their ability to respond effectively, according to the security leaders.
Munawar Valiji, CISO, Trainline, said, “Organisations need to validate their use of basic security tooling – such as vulnerability management, and virus and malware protection – to make sure that they haven’t degraded against the performance expected of them. There will be more centralisation of those functions, and increased focus on automation and orchestration.”