Saket Modi, CEO and Co-Founder, Safe Security, provides us with his cybersecurity predictions for 2022.
- The first phygital catastrophe is coming: A central mission-critical application will go down and create a ripple impact across businesses and for consumers around the world. For example, a hack on a major central system like an Internet gateway, public cloud provider or a healthcare system like Epic will impact millions of people and we will see the physical ramifications in our everyday lives. Healthcare could be upended, businesses unable to provide digital services, flights cancelled, food and supplies not delivered and more.
- The consumerization of cyberattacks will rise for easier wins: The attack perimeter is becoming more personal, and the consumerization of attacks will rapidly increase. For example, the last iOS update alone had 11 zero-day attacks. Hackers will amplify attacks on mobile apps and people. This issue will proliferate because as zero-day attacks are rising, consumer cyber-awareness and the steps people need to take to protect themselves have not increased in tandem.
- Cybersecurity and data science fields will unite: Cybersecurity and data science have been disconnected fields that served two distinct purposes, but they will come together to help organizations better understand and proactively protect against increasing threats. The fields will collide and continue to grow together out of necessity, as application creation and enterprise data continue to explode and dramatically expand the attack surface.
- Cyber insurance will be mandated: In the next 12 months, the quantum of cyber insurance needed to protect against ransomware and other attacks will be mandated, at least in some geographic regions and industries. In a similar manner to requiring everyone to have auto liability insurance, high at-risk industries will be mandated to have a minimum level of cyber insurance. For example, companies may be required to have insurance to cover at least 2% of their annual turnover. In the next five years, almost all industries and geographic regions will mandate cyber insurance.
- A healthcare cyber regulator will be established: Healthcare continues to be the most targeted and attacked vertical, putting consumers at risk while not effectively protecting itself. A healthcare regulator or governing body will be put in place soon, like the SEC for the highly regulated financial services industry, to help strengthen the healthcare industry’s security and consumer protection.
- More cybersecurity services will be sold by non-cyber companies in the next five years: Cell Phone service providers and device manufacturers will embed Cybersecurity-as-a-Service into their plans to help consumers manage their security. Businesses will purchase cybersecurity offerings within their IT plans to protect employees and infrastructure. A large chunk of cybersecurity, both personal and enterprise, will be sold by large technology companies rather than solely through cyber vendors.