SlideShare uma empresa Scribd logo

2022 Cybersecurity Predictions

Matthew Rosenquist
Matthew Rosenquist

2022 Cybersecurity Predictions by Matthew Rosenquist

Tecnologia
1 de 15
Baixar para ler offline
2022 CYBERSECURITY PREDICTIONS 10 INDUSTRY PREDICTIONS Matthew Rosenquist CISO & Cybersecurity Strategist
MATTHEW ROSENQUIST 2 SUMMARY Cybersecurity will continue to rapidly gain in both relevance and importance in 2022 as the world relies more upon digital technologies and unknowingly embraces the increasing accompanying risks of innovation. 2022 will see the rise of government orchestrated cyber- offensive activities, the growth of cybercriminal impacts at a national level, and the maturity of new technology used as powerful tools by both attackers and defenders. Threat actors will focus attention, as never seen before, against technology supply-chains and all manner of national critical infrastructures such as banking, healthcare, government services, logistics, communications, and transportation. Most visibly, high-profile ransomware attacks will capture the bulk of media headlines, but more sophisticated strategic attacks will occur in stealth. The cybersecurity industry will struggle with resources and agility in responding to new attacks, but consumers will begin to demand that products and services are trustworthy, fueling greater support by executives for cybersecurity programs that manage security, privacy, and safety. Overall, 2022 will be a more difficult and trying year for cybersecurity than its predecessors.
MATTHEW ROSENQUIST 3 INTRODUCTION 2022 will be a very challenging and tumultuous year for cybersecurity professionals. The underlying fundamentals that drive major shifts of the cybersecurity industry: technologies, threats, and economic factors, will combine to contribute to a significant overall rise in the relevance and challenges of protecting digital assets and capabilities. Cybersecurity will be needed more than ever and the expectations will be elevated accordingly. The importance of cybersecurity increases with the adoption and reliance on digital products and services. The technology landscape represents the expansive battlefield where threats seek opportunities to attack. As it grows, more potential targets become available. With the innovation, implementation, and reliance on technology, defenders are forced to spread ever thinner to protect what is critical. Maintaining the security, privacy, and safety that users demand becomes unquestionably more difficult. T H R E A T S L E V E L - U P The threat agents themselves are growing in number, becoming better organized, emboldened by hugely successful attacks, and joined by a new class of professionals that are entering the fray with never-before- seen levels of resources and government backing. The threats defenders must face are becoming more powerful. The risks of attacks increase as the digital ecosystem grows in worth, importance, and power; therefore, the value of protecting those systems and assets from disruption and manipulation rises at a comparable rate. As consumers, businesses, and governments are impacted by cyberattacks, the focus will turn to increasing the security to offset the risks of loss. The cost of security can rapidly increase as the scope and complexity become more problematic. C Y B E R S E C U R I T Y E C O N O M I C S O F P O W E R Governments will play both offensive and defensive roles as cyberattacks are leveraged as a foreign and domestic policy power-projection tool. Similar economic, political, and proxy attacks were conducted during the cold war and we may see a resurgence of such behind-the-scenes maneuverings between nations. As with any nation-level conflict, money and resources will be allocated at significant levels. In the consumer space, customers will weigh the importance of security as a purchase criterion. Businesses will want to respond to be more competitive and pursue investments to better harden and support their offerings while better protecting their operational infrastructures.
MATTHEW ROSENQUIST 4 Overall, the relevance and need for cybersecurity will significantly jump in 2022. Critical capabilities and assets will be at greater risk, driving a wide-ranging set of impacts being felt by more consumers. Citizens will demand a greater level of trustworthiness of products and services. The shift in purchase criteria will spur business executives to invest more in infrastructure and product development security. Marketing security, privacy, and safety features for differentiation will prominently increase by the end of the year. Mergers and acquisitions in the cybersecurity space will accelerate to support these goals and capitalize on emerging opportunities. This newfound relevance, even supported by more funding and respect, will not be enough to stem the flow of attack as cybersecurity teams will continue to struggle with resources and agility. Cybersecurity talent availability will continue to be a problem and the lack of integrated security tools will plague the ability for cohesive oversight. 2022 will be a more difficult, confusing, and frustrating year for everyone in cybersecurity.
MATTHEW ROSENQUIST 5 TOP 10 CYBERSECURITY PREDICTIONS FOR 2022 • Defenses across all CI sectors will be seriously tested by nation-states and cybercriminals • Compromised CI organizations will impact huge swaths of users and citizens • More attacks and crippling impacts will raise serious concerns from governments and the public • Cybercriminals get organized and professional 1 . C R I T I C A L I N F R A S T R U C T U R E I S T H E P R I M E T A R G E T The gloves are fully off. The National Critical Infrastructure (CI) sectors will be the main target for both cybercriminals and digitally capable nations. Attacks will blend across Operational Technology (OT) and Information Technology (IT) systems, making defense and response more difficult. Attacks will be designed to impact service delivery and defenses will be seriously tested across all sectors. In particular, the telecommunications, healthcare, government, energy, transportation, and water management systems will be targeted most. Many will fall victim to these acts, thereby impacting their downstream service customers. Attacking a single critical infrastructure supplier can disrupt the lives of millions. I expect increased levels of critical infrastructure attacks will occur throughout the year, with a handful being spectacular in their scope and downstream effects. Crippling incidents will raise serious concerns from the public and government. Calls for better security will echo loudly, but the practical up- leveling of protections will remain challenging to achieve. Cyberattacks are now everyone’s problem. 2 . C Y B E R C R I M I N A L S A R E T A R G E T E D B Y G O V E R N M E N T S , B U T A D A P T A N D T H R I V E Law enforcement agencies around the globe continue to get better at pursuing cybercriminals for prosecution. In 2022 a new tactic will emerge, targeting the infrastructure, personal assets, and systems of the hackers. Many governments, including the U.S. in cooperation with their close allies, will leverage their military and intelligence branches to offensively begin hack-back operations. Essentially, hacking the hackers.
MATTHEW ROSENQUIST 6 • Automation and decentralized resources scale attacks in 2H 2022 • Profitability attracts more entry-level participants • The world begins to pay the hefty price for failing to address ransomware while it was small It will be a shock to many unprepared and loosely organized cybercrime gangs. However, this shift has been expected and is inherent to the nature of adversarial engagements. To professional criminals, being attacked is simply an occupational hazard, therefore not surprising and simply a practical matter to be addressed. I predict the professionals will spend the first quarter or so, hardening their infrastructure, better securing their organization, preparing recovery options, and improving the stealth of their money transfer and laundering operations. They will get ready for the more hostile environment before returning to the field of battle. Definitely, by the second half of the year, we will see them back in force, maneuvering around the more active government hunters. Expect the next generation of cybercriminals to better leverage automation and distributed resources, such as Ransomware-as-a-Service (RaaS), hijacked infrastructures, compromised technology suppliers, public blockchains, and cryptocurrency, making it more difficult for government attackers to severely disrupt their capabilities. The overall success of cybercrime will attract a greater percentage of people joining the Internet to participate in entry-level positions. Those who are economically impoverished may be drawn to the profit potential of becoming a ransomware affiliate, online money mule, data harvester, malware distributor, or malicious social engineer. The greater pool of low-level expendable resources will add additional scalability and insulation from the inner core of the criminal organizations. Cybersecurity will face growing legions of novice cyber attackers being educated, directed, and empowered by the more experienced criminal professionals who will share the staggering financial rewards. 3 . R A N S O M W A R E I M P A C T S E N T I R E S O C I E T I E S Security and governments have failed to properly respond to the explosive rise of impacts due to ransomware. The attacks will only get worse, accelerating rapidly in scope, innovation, and damage by mid-year. The effectiveness of standard defenses, such as email filters and backups, begins to decline as attackers find ways to undermine those controls.
MATTHEW ROSENQUIST 7 • Critical infrastructure is heavily targeted in addition to select high-value companies • Global ransomware impacts increase by 10x • Big cases and cross- border arrests are publicized • But the overall impact is trivial in the long- term • Criminals become more cautious by the end of the year, making infiltration, seizures, and arrests more difficult Critical Infrastructure will be a primary target. Well-organized attackers will also begin campaigns against carefully selected high-value targets. Regardless of how secure they may be, many will fall victim to the patient, methodical, relentless, and well-organized attacks. The impacts of ransomware will grow at least 10x for 2022, possibly an order of magnitude more. By the end of the year, the government and many industries will be declaring cyber-attacks as a national emergency, a threat to democracy, and one of the highest priorities to address. Many of us will sadly look back and realize we did have the chance to crush ransomware starting in 2021 but chose to act in meager ways without strategic foresight or conviction. A severe price will be paid in 2022 and it will be our enemies who benefit and get stronger because of our inaction. 4 . L A W E N F O R C E M E N T S H O W S S T R E N G T H For years, law enforcement organizations have been investing in technology and training, putting them in a much better position in 2022. New tools, processes, and cross-border collaboration will result in many criminal cases being filed for actors around the globe. The effectiveness of investigations will rise but not significantly undercut the overall damage by cybercriminals. Attackers' growth and impacts on victims will continue to outpace law enforcement efforts. Expect to see some major cases and wins announced for the good guys. A short-term slowdown in the first part of the year will give way to criminals returning with better tactics, improved tools of their own, stronger infrastructures, and more distributed capabilities by the second half of 2022. Overall losses for the year due to cybercrime will reach new highs.
MATTHEW ROSENQUIST 8 • Gloves are off. Offensive cyber operations are now part of the foreign policy toolbox • New cold-war battlefield rules will be defined by covert actions • Every country gets to play this game on relatively even terms. Even small nations can hit above their class 5 . C Y B E R A T T A C K S A R E T H E N E W F O R E I G N P O L I C Y T O O L Governments and nation-states will be committed to a full-blown digital arms race. Rulers will abandon any remaining apprehension and internally commit to leveraging cyber as a tool to influence foreign policy. Militaries and their supporting defense industrial base, intelligence agencies, and diplomatic corps will augment their toolsets with new cyber capabilities to provide leaders with new defensive and offensive options. Highly skilled teams, advanced tools, and significant spending will support greater capabilities as mechanisms to push foreign policy and protect essential national capabilities. Nations bring in significant financial and technical resources and offer political cover for those conducting offensive operations. Attacks will be initiated directly from government agencies and through external 3rd party vendors hired as cyber mercenaries. These powerful organizations have the ability to conduct very expensive and complicated attacks, like the SolarWinds supply chain attacks of 2020/2021. These exploitations penetrate deeply and reach across a wide range of public and private victims at a scale never seen before. National critical infrastructures, political activities, and powerful influencers in adversarial countries will be prime targets for compromise, manipulation, conveying veiled threats, or as exhibitions of power. Cyber represents a much lower bar for entry and is an equalizing form of warfare. The importance of borders, industrial capacities, geographical distances, kinetic military might, and total defense budgets, are minimized. Every country can play in this game and most will want an advantageous seat at the table. In 2022, cyber will be a brave new battlefield, where state coordinated attacks could undermine economic stability, sway the opinions of the masses, disrupt national infrastructures, and cripple the ability and morale to conduct military operations, destabilize governments, and manipulate political sovereignty. Most attacks will happen in covert ways, away from the public eye, similar to the cold war a generation ago. The public will hear more attribution of cyberattacks and finger-pointing speculation to other nations, but little definitive proof will be left as evidence.
MATTHEW ROSENQUIST 9 • Oppressive governments fully commit to cyber for domestic control • Undesired groups and individuals and easily identified and persecuted • Attacks undermining identity and trust will mature in 2022 • AI used for attacks at scale, customized for individuals, that learn over time to succeed • A serious risk to privacy, by oppressive states who identify, track, and persecute political groups 2022 is the year hidden battles begin with cyber warfare between major nations and ideologies, opening the era of a cold cyber-war. 6 . O P P R E S S I V E G O V E R N M E N T S E M B R A C E D I G I T A L F O R P O W E R Governments who maintain control of power with fear, oppression, suppression of free speech, and constrain independent press, will fully embrace digital technology to monitor, control information dissemination, and manipulate citizens in 2022. Offensive cyber operations will become a part of their domestic policy toolbox. Oppressive governments will prioritize the establishment of several capabilities to protect their positions of power, including identifying dissidents or disloyal citizens, controlling social media narratives by suppressing unflattering data and discussions about government practices and their rulers, and detecting potentially threatening topics that receive public attention. In places where freedom, privacy, and liberty are already rare or dwindling, technology will be used in ruthless ways at scale, for controlling the flow of information, enabling widespread surveillance of citizens, and as a mechanism to target groups for persecution. 7 . A R T I F I C I A L I N T E L L I G E N C E I S T H E N E W C Y B E R T O O L S R A C E Artificial Intelligence (AI) use-cases are blossoming and being adopted across every digital domain, bringing tremendous efficiencies, automated scalability, and fostering new capabilities for unimaginable benefits. The great power of AI, specifically Machine Learning (ML) and Deep Learning (DL) tools, will be leveraged by cyber attackers and defenders in much more significant ways. A new arms race is brewing for 2022, with opposing forces working to leverage AI to undermine or enhance the security, privacy, and safety of digital systems. AI will be applied offensively to undermine the security, privacy, and safety of targets. Attackers will use AI in large- scale operations for fraud, theft, social engineering, target- intelligence gathering, and the dynamic control of botnets. New AI innovations will work to undermine identity and trust of people. Art generated by AI GAN system, with the prompt “cybersecurity” Source: app.wombo.art
MATTHEW ROSENQUIST 10 • Quantum research will show practical proof-of-concepts for encryption hacks Cybersecurity will respond to these amplified threats with AI-enhanced systems of their own, that will strive to keep pace at detecting, protecting, and recovering from attacks. This will expand on the current use of AI for rudimentary anomaly detection into entirely new branches for better efficiency and scalability of cybersecurity. The AI arms race will become obvious to the cybersecurity community who find themselves dealing with the threats attacking at scale with automated intelligent weapons. Defenders will scramble to respond and invest sizable resources to maintain parity. The most desirable AI security technologies will largely be developed in startups and sought for acquisition by established cybersecurity and technology companies, adding to the already feverish M&A activities in the industry. By the end of 2022, many important deals will be announced and it will signal the beginning of a buying spree to significantly augment digital protections with new features enabled by AI. AI will be the new weapon for cybersecurity in 2022. New weapons introduced into battle, will always experience trials, blunders, invoke surprise, fear, and eventually, refinement to create powerful systems for both sides. The attackers, who maintain the initiative, will see the greatest benefit in the window of time it takes for defenders to respond with improved defenses. AI, for all its amazement, will showcase how the manipulation and misuse of technology can harm as greatly as it can benefit. The use of AI will begin to shift the types of attacks, tools, and tactics that cyber attackers use at scale by the end of 2022. 8 . Q U A N T U M S H O W S I T S F E R O C I O U S T E E T H Quantum hacking research begins to show results in 2022. Qubit rates of quantum computers, essentially their processing speed, are climbing to levels where they, in theory, can begin to chip away at the locks protecting data. Combined with optimized or potentially new algorithms, there are many encryption schemes at risk, mostly in the public/private communications and transactions space.
MATTHEW ROSENQUIST 11 • Updated algorithms and hardware will show proof-of- concept attacks against some encryption schemes • Concerns will accelerate the maturity and adoption efforts for new quantum hardened standards • Value of crypto increases, attracting more attacks • The rush into crypto brings easy victims and money • Victimization of mainstream users will fuel new regulation I expect some proof-of-concept work to surface next year that leverages quantum hardware with custom software to showcase how specific encryption schemes could be compromised at scale. This early research, showing actual capabilities, will send a shudder down the spine of technology houses and governments. As a result, there will be a spur of activity to rush the finalization and implementation of new quantum resistance algorithms, hardened against such attacks. Decisions on which standards to adopt are strategically important to the industry but the work to implement is where the most difficulty exists and the greatest investments are required. Widespread attacks in the wild and transitions to better-hardened encryption standards in products are still more than a year away, as part of a much larger battle that will unfold across the next decade that will put the confidentiality of the world's digital data at risk. Proof-of-Concept attacks against encryption with quantum systems is the next milestone that will fuel a shift in data protection standards and will eventually force fundamental changes to the infrastructure of the global digital ecosystem. 9 . C R Y P T O C U R R E N C Y I N N O V A T I O N B E C O M E S A M A G N E T F O R T H E F T , H A C K S , A N D F R A U D An explosive infusion of more money, value, and services in cryptocurrency will earn equally more attacks! Criminals, by their very nature, go where the money is. They will thrive in 2022 by riding the massive growth of value attached to cryptocurrency ecosystems. The cryptocurrency industry is in its wild-west phase of insane growth and currently exceeds over $2 trillion in value, with little regulation or oversight. A massive land grab is taking place with innovation and droves of globally connected consumers are interested in exploring these new digital economic currencies, tools, services, and virtual worlds. It is a criminal's paradise. The low bar of entry for fraud, frail and disjointed regulations, a notable absence of effective law enforcement, little accountability for actors, and a vast number of potential victims willing to invest in trivial ventures is the perfect environment for cyber criminals success.
MATTHEW ROSENQUIST 12 2022 will be fraught with many more cryptocurrency frauds, rug-pulls, exchange hacks, pyramid schemes, account takeovers, asset thefts, money laundering, and other financial crimes perpetrated by cybercriminals. Cryptocurrency hacks are not new, but society has viewed the victimization of early-adopting technophiles as a consequence of their risk-seeking fringe behaviors. But as mainstream populations flood into crypto and begin to be victimized, the political fall-out will drive more visible demands for regulation and oversight. Cryptocurrency is becoming more mainstream. As we enter 2022, it is estimated that 16% of Americans have used cryptocurrency, with a disproportional ratio of younger adults (18 to 29) being the most popular. Survey data also shows 32% of those who have never used crypto are interested and an incredible 68% of American millionaires own cryptocurrency. Financial institutions are receiving many requests for crypto-based solutions and investment mechanisms. Numerous countries have already enacted favorable regulations to embrace the use of digital currencies, such as Canada, Germany, Singapore, Dubai, Portugal, and many others, but the US is struggling to define clear laws. Until regulation establishes a framework of rules and law enforcement evolves mature capabilities for investigation and prosecution, the attackers will run rampant. Only technologists and code currently stand in the way as static barriers that will not hold smart attackers at bay for long. As the value of cryptocurrency increases, more attacks will occur totaling billions of dollars in losses. With the combination of easy victims, vast wealth, and a lack of policing to interdict attackers, 2022 will be a tremendously successful year for cybercriminals targeting cryptocurrency projects, users, and services.
MATTHEW ROSENQUIST 13 • Public-Private data sharing increases significantly • Support fades by EOY, as the benefits aren’t seen by the private sector • Governments will need to show how they are proactively eliminating cyber risks for everyone 1 0 . P U B L I C - P R I V A T E C O O P E R A T I O N I N C Y B E R S E C U R I T Y I M P R O V E S B U T R E M A I N S L A C K I N G The US government will invest and attempt to work more closely with the private sector, especially those organizations that control or support national critical infrastructure sectors. The Cybersecurity Infrastructure Security Agency (CISA) and partner organizations will step up to fill large gaps by building a runway for better data collection, public/private collaboration, and publishing recommended standards for industries to improve general security. Although by the end of 2022 many newly forged public-private collaborations will be in place, most will be about data sharing to the government. It will be seen as an unbalanced partnership as these capabilities won’t be viewed as directly helping the majority of private sector participants. The shine will fade until the next phase where governments can show how they are quantitatively helping businesses proactively minimize their risks-of-loss.
MATTHEW ROSENQUIST 14 STANDING READY FOR 2022: Cybersecurity in 2022 will be confusing, frustrating, and yet be driven by a newfound sense of frenzied urgency. It will be a pivotal year as cybersecurity will once again remake itself to align with new expectations and rapidly evolving threats. But the year will be different as consumers will feel tangible impacts for cyberattacks and begin to realize the importance of trustworthy technology. As security, privacy, and safety become a purchase criterion and topic of public discussion, providers of products and services will respond by improving the foundations of digital innovation. The powerful economic incentives will significantly increase the resources for security but come with sky-high expectations. By comparison, looking back at 2021 it will seem easy to what the cybersecurity industry will experience in 2022 and beyond. “The only easy day was yesterday” “The only easy day was yesterday”, a motto taken from the military, will fit well with the cybersecurity professionals finding themselves in the thick of what 2022 will bring. Every month will bring new challenges as levels of exuberance increase with equally ambiguous expectations, more funding but a lack of available resources, greater tools that are used just as proficiently (perhaps better) by attackers, and bigger threats with seemingly unlimited budgets searching for vulnerabilities and crafting professional exploits in record time. It will take a collaborative effort for all entities participating in the global digital ecosystem to make significant progress. Every government agency, company, and consumer must play a role to improve cybersecurity and reduce victimization. Demanding trust in digital technology is the first step we must take to endure 2022. Only one thing is for certain in 2022, we are all at risk.
MATTHEW ROSENQUIST 15 AUTHOR Matthew Rosenquist Matthew Rosenquist is the Chief Information Security Officer (CISO) for Eclipz, the former Cybersecurity Strategist for Intel Corp, and benefits from over 30+ diverse years in the fields of cyber, physical, and information security. Matthew is very active in the industry and consults to fellow CISO’s, boards, academia, governments, and businesses around the globe. Matthew specializes in understanding the fundamental factors that drive and shift the industry. He has been providing cybersecurity predictions for decades and his insights have been published in reports from McAfee and various industry periodicals. As a veteran cybersecurity strategist, he identifies emerging risks and opportunities to help organizations balance threats, costs, and usability factors to achieve an optimal level of security. He develops effective security strategies, measures value, develops best-practices for cost-effective capabilities, and establishes organizations that deliver optimal levels of cybersecurity, privacy, governance, ethics, and safety. He is a member of multiple advisory boards, an experienced keynote speaker, publishes acclaimed articles, white papers, blogs, videos, and podcasts on a wide range of cybersecurity topics, and collaborates with partners to tackle pressing industry problems. Matthew regularly posts, shares, and collaborates on LinkedIn, where he has over 190 thousand followers. You can follow him on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/ Every week he publishes a new cybersecurity related podcast, interview, or video on YouTube. Be sure to follow the Cybersecurity Insights channel for regular updates - https://www.youtube.com/c/CybersecurityInsights

Recomendados

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
Shawn Croswell
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
♟Sergej Epp
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 

Recomendados

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
Shawn Croswell
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
♟Sergej Epp
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
Shah Sheikh
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
AlienVault
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial Intelligence
Inderjeet Singh
 
AI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
NUS-ISS
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
Evolve IP
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Crowdstrike .pptx
Crowdstrike .pptxCrowdstrike .pptx
Crowdstrike .pptx
uthayakumar174828
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Ulf Mattsson
 
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
APIsecure_ Official
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
Sylvain Martinez
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
Priyanka Aash
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
Kris Kimmerle
 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident Response
PECB
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
Stephen Lahanas
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of Security
Sounil Yu
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Matthew Rosenquist
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docx
briancrawford30935
 

Mais conteúdo relacionado

Mais procurados

Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
ReZa AdineH
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Ulf Mattsson
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
PECB
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 

Mais procurados (20)

Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial Intelligence
 
AI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Crowdstrike .pptx
Crowdstrike .pptxCrowdstrike .pptx
Crowdstrike .pptx
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
 
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
2022 APIsecure_Monitoring your APIs for Attacks Using SIEM versus XDR
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident Response
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
New Paradigms for the Next Era of Security
New Paradigms for the Next Era of SecurityNew Paradigms for the Next Era of Security
New Paradigms for the Next Era of Security
 

Semelhante a 2022 Cybersecurity Predictions

Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Matthew Rosenquist
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docx
briancrawford30935
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
at MicroFocus Italy ❖✔
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018
Confederation of Indian Industry
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdf
ssuserc1c354
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber security
John Kingsley
 
Safeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdfSafeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdf
jasonuchiha2
 
CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdf
Krishna N
 
Vision By 2023, the Departme.docx
Vision By 2023, the Departme.docxVision By 2023, the Departme.docx
Vision By 2023, the Departme.docx
jessiehampson
 
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk AdvisoryWhat Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
CR Group
 

Semelhante a 2022 Cybersecurity Predictions (20)

Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistTop 10 cybersecurity predictions for 2016 by Matthew Rosenquist
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
 
Project 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docxProject 2020 Scenarios for the Future of.docx
Project 2020 Scenarios for the Future of.docx
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
 
7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx7 Cybersecurity Statistics You Need to Know in 2023.pptx
7 Cybersecurity Statistics You Need to Know in 2023.pptx
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwc
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and AdaptabilityPat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018CII Whitepaper India Cyber Risk & Resilience Review 2018
CII Whitepaper India Cyber Risk & Resilience Review 2018
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Strengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdfStrengthening Critical Infrastructure Security.pdf
Strengthening Critical Infrastructure Security.pdf
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber security
 
Digital danger zone tackling cyber security
Digital danger zone tackling cyber securityDigital danger zone tackling cyber security
Digital danger zone tackling cyber security
 
Safeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdfSafeguarding the Digital Realm.pdf
Safeguarding the Digital Realm.pdf
 
CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdf
 
Vision By 2023, the Departme.docx
Vision By 2023, the Departme.docxVision By 2023, the Departme.docx
Vision By 2023, the Departme.docx
 
A1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for CybersecurityA1 - Cibersegurança - Raising the Bar for Cybersecurity
A1 - Cibersegurança - Raising the Bar for Cybersecurity
 
Cyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocCyber Crime is Wreaking Havoc
Cyber Crime is Wreaking Havoc
 
Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.Cybersecurity | Risk. Impact. Innovations.
Cybersecurity | Risk. Impact. Innovations.
 
Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017Cyberdefense strategy - Boston Global Forum - 2017
Cyberdefense strategy - Boston Global Forum - 2017
 
5 main trends in cyber security for 2020
5 main trends in cyber security for 20205 main trends in cyber security for 2020
5 main trends in cyber security for 2020
 
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk AdvisoryWhat Are Cyber Attacks All About? | Cyberroot Risk Advisory
What Are Cyber Attacks All About? | Cyberroot Risk Advisory
 

Mais de Matthew Rosenquist

Improving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security BudgetsImproving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security Budgets
Matthew Rosenquist
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
Matthew Rosenquist
 
2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report
Matthew Rosenquist
 

Mais de Matthew Rosenquist (20)

Improving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security BudgetsImproving Healthcare Risk Assessments to Maximize Security Budgets
Improving Healthcare Risk Assessments to Maximize Security Budgets
 
Six Scenarios How Russia May Use Nukes.pdf
Six Scenarios How Russia May Use Nukes.pdfSix Scenarios How Russia May Use Nukes.pdf
Six Scenarios How Russia May Use Nukes.pdf
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022
 
McAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMcAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats Predictions
 
Cybersecurity Curricula Guidelines for Post-Secondary Degree Programs
Cybersecurity Curricula Guidelines for Post-Secondary Degree ProgramsCybersecurity Curricula Guidelines for Post-Secondary Degree Programs
Cybersecurity Curricula Guidelines for Post-Secondary Degree Programs
 
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
How Cyber Attacks are Changing Security - CSE ISCWest 2017 - Matthew Rosenqui...
 
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew RosenquistCybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
Cybersecurity Risks and Recommendations - PSA TEC 2017 - Matthew Rosenquist
 
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
2019 Keynote at the Techno Security and Digital Forensics Conference - The Ve...
 
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
Preparing for the Next Evolutions of Ransomware - Matthew Rosenquist 2018
 
2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist2017 K12 Educators Security Briefing - Matthew Rosenquist
2017 K12 Educators Security Briefing - Matthew Rosenquist
 
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
Challenges for the Next Generation of Cybersecurity Professionals - Matthew R...
 
2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist2017 InfraGard Atlanta Conference - Matthew Rosenquist
2017 InfraGard Atlanta Conference - Matthew Rosenquist
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
 
Future of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.RosenquistFuture of Cybersecurity 2016 - M.Rosenquist
Future of Cybersecurity 2016 - M.Rosenquist
 
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.RosenquistDiversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
Diversity in Cybersecurity Education - 2016 ICT keynote - M.Rosenquist
 
2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report2015 August - Intel Security McAfee Labs Quarterly Threat Report
2015 August - Intel Security McAfee Labs Quarterly Threat Report
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew Rosenquist
 
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
2015 Global APT Summit - Understanding APT threat agent characteristics is ke...
 

Último

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Último (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

2022 Cybersecurity Predictions

  • 1. 2022 CYBERSECURITY PREDICTIONS 10 INDUSTRY PREDICTIONS Matthew Rosenquist CISO & Cybersecurity Strategist
  • 2. MATTHEW ROSENQUIST 2 SUMMARY Cybersecurity will continue to rapidly gain in both relevance and importance in 2022 as the world relies more upon digital technologies and unknowingly embraces the increasing accompanying risks of innovation. 2022 will see the rise of government orchestrated cyber- offensive activities, the growth of cybercriminal impacts at a national level, and the maturity of new technology used as powerful tools by both attackers and defenders. Threat actors will focus attention, as never seen before, against technology supply-chains and all manner of national critical infrastructures such as banking, healthcare, government services, logistics, communications, and transportation. Most visibly, high-profile ransomware attacks will capture the bulk of media headlines, but more sophisticated strategic attacks will occur in stealth. The cybersecurity industry will struggle with resources and agility in responding to new attacks, but consumers will begin to demand that products and services are trustworthy, fueling greater support by executives for cybersecurity programs that manage security, privacy, and safety. Overall, 2022 will be a more difficult and trying year for cybersecurity than its predecessors.
  • 3. MATTHEW ROSENQUIST 3 INTRODUCTION 2022 will be a very challenging and tumultuous year for cybersecurity professionals. The underlying fundamentals that drive major shifts of the cybersecurity industry: technologies, threats, and economic factors, will combine to contribute to a significant overall rise in the relevance and challenges of protecting digital assets and capabilities. Cybersecurity will be needed more than ever and the expectations will be elevated accordingly. The importance of cybersecurity increases with the adoption and reliance on digital products and services. The technology landscape represents the expansive battlefield where threats seek opportunities to attack. As it grows, more potential targets become available. With the innovation, implementation, and reliance on technology, defenders are forced to spread ever thinner to protect what is critical. Maintaining the security, privacy, and safety that users demand becomes unquestionably more difficult. T H R E A T S L E V E L - U P The threat agents themselves are growing in number, becoming better organized, emboldened by hugely successful attacks, and joined by a new class of professionals that are entering the fray with never-before- seen levels of resources and government backing. The threats defenders must face are becoming more powerful. The risks of attacks increase as the digital ecosystem grows in worth, importance, and power; therefore, the value of protecting those systems and assets from disruption and manipulation rises at a comparable rate. As consumers, businesses, and governments are impacted by cyberattacks, the focus will turn to increasing the security to offset the risks of loss. The cost of security can rapidly increase as the scope and complexity become more problematic. C Y B E R S E C U R I T Y E C O N O M I C S O F P O W E R Governments will play both offensive and defensive roles as cyberattacks are leveraged as a foreign and domestic policy power-projection tool. Similar economic, political, and proxy attacks were conducted during the cold war and we may see a resurgence of such behind-the-scenes maneuverings between nations. As with any nation-level conflict, money and resources will be allocated at significant levels. In the consumer space, customers will weigh the importance of security as a purchase criterion. Businesses will want to respond to be more competitive and pursue investments to better harden and support their offerings while better protecting their operational infrastructures.
  • 4. MATTHEW ROSENQUIST 4 Overall, the relevance and need for cybersecurity will significantly jump in 2022. Critical capabilities and assets will be at greater risk, driving a wide-ranging set of impacts being felt by more consumers. Citizens will demand a greater level of trustworthiness of products and services. The shift in purchase criteria will spur business executives to invest more in infrastructure and product development security. Marketing security, privacy, and safety features for differentiation will prominently increase by the end of the year. Mergers and acquisitions in the cybersecurity space will accelerate to support these goals and capitalize on emerging opportunities. This newfound relevance, even supported by more funding and respect, will not be enough to stem the flow of attack as cybersecurity teams will continue to struggle with resources and agility. Cybersecurity talent availability will continue to be a problem and the lack of integrated security tools will plague the ability for cohesive oversight. 2022 will be a more difficult, confusing, and frustrating year for everyone in cybersecurity.
  • 5. MATTHEW ROSENQUIST 5 TOP 10 CYBERSECURITY PREDICTIONS FOR 2022 • Defenses across all CI sectors will be seriously tested by nation-states and cybercriminals • Compromised CI organizations will impact huge swaths of users and citizens • More attacks and crippling impacts will raise serious concerns from governments and the public • Cybercriminals get organized and professional 1 . C R I T I C A L I N F R A S T R U C T U R E I S T H E P R I M E T A R G E T The gloves are fully off. The National Critical Infrastructure (CI) sectors will be the main target for both cybercriminals and digitally capable nations. Attacks will blend across Operational Technology (OT) and Information Technology (IT) systems, making defense and response more difficult. Attacks will be designed to impact service delivery and defenses will be seriously tested across all sectors. In particular, the telecommunications, healthcare, government, energy, transportation, and water management systems will be targeted most. Many will fall victim to these acts, thereby impacting their downstream service customers. Attacking a single critical infrastructure supplier can disrupt the lives of millions. I expect increased levels of critical infrastructure attacks will occur throughout the year, with a handful being spectacular in their scope and downstream effects. Crippling incidents will raise serious concerns from the public and government. Calls for better security will echo loudly, but the practical up- leveling of protections will remain challenging to achieve. Cyberattacks are now everyone’s problem. 2 . C Y B E R C R I M I N A L S A R E T A R G E T E D B Y G O V E R N M E N T S , B U T A D A P T A N D T H R I V E Law enforcement agencies around the globe continue to get better at pursuing cybercriminals for prosecution. In 2022 a new tactic will emerge, targeting the infrastructure, personal assets, and systems of the hackers. Many governments, including the U.S. in cooperation with their close allies, will leverage their military and intelligence branches to offensively begin hack-back operations. Essentially, hacking the hackers.
  • 6. MATTHEW ROSENQUIST 6 • Automation and decentralized resources scale attacks in 2H 2022 • Profitability attracts more entry-level participants • The world begins to pay the hefty price for failing to address ransomware while it was small It will be a shock to many unprepared and loosely organized cybercrime gangs. However, this shift has been expected and is inherent to the nature of adversarial engagements. To professional criminals, being attacked is simply an occupational hazard, therefore not surprising and simply a practical matter to be addressed. I predict the professionals will spend the first quarter or so, hardening their infrastructure, better securing their organization, preparing recovery options, and improving the stealth of their money transfer and laundering operations. They will get ready for the more hostile environment before returning to the field of battle. Definitely, by the second half of the year, we will see them back in force, maneuvering around the more active government hunters. Expect the next generation of cybercriminals to better leverage automation and distributed resources, such as Ransomware-as-a-Service (RaaS), hijacked infrastructures, compromised technology suppliers, public blockchains, and cryptocurrency, making it more difficult for government attackers to severely disrupt their capabilities. The overall success of cybercrime will attract a greater percentage of people joining the Internet to participate in entry-level positions. Those who are economically impoverished may be drawn to the profit potential of becoming a ransomware affiliate, online money mule, data harvester, malware distributor, or malicious social engineer. The greater pool of low-level expendable resources will add additional scalability and insulation from the inner core of the criminal organizations. Cybersecurity will face growing legions of novice cyber attackers being educated, directed, and empowered by the more experienced criminal professionals who will share the staggering financial rewards. 3 . R A N S O M W A R E I M P A C T S E N T I R E S O C I E T I E S Security and governments have failed to properly respond to the explosive rise of impacts due to ransomware. The attacks will only get worse, accelerating rapidly in scope, innovation, and damage by mid-year. The effectiveness of standard defenses, such as email filters and backups, begins to decline as attackers find ways to undermine those controls.
  • 7. MATTHEW ROSENQUIST 7 • Critical infrastructure is heavily targeted in addition to select high-value companies • Global ransomware impacts increase by 10x • Big cases and cross- border arrests are publicized • But the overall impact is trivial in the long- term • Criminals become more cautious by the end of the year, making infiltration, seizures, and arrests more difficult Critical Infrastructure will be a primary target. Well-organized attackers will also begin campaigns against carefully selected high-value targets. Regardless of how secure they may be, many will fall victim to the patient, methodical, relentless, and well-organized attacks. The impacts of ransomware will grow at least 10x for 2022, possibly an order of magnitude more. By the end of the year, the government and many industries will be declaring cyber-attacks as a national emergency, a threat to democracy, and one of the highest priorities to address. Many of us will sadly look back and realize we did have the chance to crush ransomware starting in 2021 but chose to act in meager ways without strategic foresight or conviction. A severe price will be paid in 2022 and it will be our enemies who benefit and get stronger because of our inaction. 4 . L A W E N F O R C E M E N T S H O W S S T R E N G T H For years, law enforcement organizations have been investing in technology and training, putting them in a much better position in 2022. New tools, processes, and cross-border collaboration will result in many criminal cases being filed for actors around the globe. The effectiveness of investigations will rise but not significantly undercut the overall damage by cybercriminals. Attackers' growth and impacts on victims will continue to outpace law enforcement efforts. Expect to see some major cases and wins announced for the good guys. A short-term slowdown in the first part of the year will give way to criminals returning with better tactics, improved tools of their own, stronger infrastructures, and more distributed capabilities by the second half of 2022. Overall losses for the year due to cybercrime will reach new highs.
  • 8. MATTHEW ROSENQUIST 8 • Gloves are off. Offensive cyber operations are now part of the foreign policy toolbox • New cold-war battlefield rules will be defined by covert actions • Every country gets to play this game on relatively even terms. Even small nations can hit above their class 5 . C Y B E R A T T A C K S A R E T H E N E W F O R E I G N P O L I C Y T O O L Governments and nation-states will be committed to a full-blown digital arms race. Rulers will abandon any remaining apprehension and internally commit to leveraging cyber as a tool to influence foreign policy. Militaries and their supporting defense industrial base, intelligence agencies, and diplomatic corps will augment their toolsets with new cyber capabilities to provide leaders with new defensive and offensive options. Highly skilled teams, advanced tools, and significant spending will support greater capabilities as mechanisms to push foreign policy and protect essential national capabilities. Nations bring in significant financial and technical resources and offer political cover for those conducting offensive operations. Attacks will be initiated directly from government agencies and through external 3rd party vendors hired as cyber mercenaries. These powerful organizations have the ability to conduct very expensive and complicated attacks, like the SolarWinds supply chain attacks of 2020/2021. These exploitations penetrate deeply and reach across a wide range of public and private victims at a scale never seen before. National critical infrastructures, political activities, and powerful influencers in adversarial countries will be prime targets for compromise, manipulation, conveying veiled threats, or as exhibitions of power. Cyber represents a much lower bar for entry and is an equalizing form of warfare. The importance of borders, industrial capacities, geographical distances, kinetic military might, and total defense budgets, are minimized. Every country can play in this game and most will want an advantageous seat at the table. In 2022, cyber will be a brave new battlefield, where state coordinated attacks could undermine economic stability, sway the opinions of the masses, disrupt national infrastructures, and cripple the ability and morale to conduct military operations, destabilize governments, and manipulate political sovereignty. Most attacks will happen in covert ways, away from the public eye, similar to the cold war a generation ago. The public will hear more attribution of cyberattacks and finger-pointing speculation to other nations, but little definitive proof will be left as evidence.
  • 9. MATTHEW ROSENQUIST 9 • Oppressive governments fully commit to cyber for domestic control • Undesired groups and individuals and easily identified and persecuted • Attacks undermining identity and trust will mature in 2022 • AI used for attacks at scale, customized for individuals, that learn over time to succeed • A serious risk to privacy, by oppressive states who identify, track, and persecute political groups 2022 is the year hidden battles begin with cyber warfare between major nations and ideologies, opening the era of a cold cyber-war. 6 . O P P R E S S I V E G O V E R N M E N T S E M B R A C E D I G I T A L F O R P O W E R Governments who maintain control of power with fear, oppression, suppression of free speech, and constrain independent press, will fully embrace digital technology to monitor, control information dissemination, and manipulate citizens in 2022. Offensive cyber operations will become a part of their domestic policy toolbox. Oppressive governments will prioritize the establishment of several capabilities to protect their positions of power, including identifying dissidents or disloyal citizens, controlling social media narratives by suppressing unflattering data and discussions about government practices and their rulers, and detecting potentially threatening topics that receive public attention. In places where freedom, privacy, and liberty are already rare or dwindling, technology will be used in ruthless ways at scale, for controlling the flow of information, enabling widespread surveillance of citizens, and as a mechanism to target groups for persecution. 7 . A R T I F I C I A L I N T E L L I G E N C E I S T H E N E W C Y B E R T O O L S R A C E Artificial Intelligence (AI) use-cases are blossoming and being adopted across every digital domain, bringing tremendous efficiencies, automated scalability, and fostering new capabilities for unimaginable benefits. The great power of AI, specifically Machine Learning (ML) and Deep Learning (DL) tools, will be leveraged by cyber attackers and defenders in much more significant ways. A new arms race is brewing for 2022, with opposing forces working to leverage AI to undermine or enhance the security, privacy, and safety of digital systems. AI will be applied offensively to undermine the security, privacy, and safety of targets. Attackers will use AI in large- scale operations for fraud, theft, social engineering, target- intelligence gathering, and the dynamic control of botnets. New AI innovations will work to undermine identity and trust of people. Art generated by AI GAN system, with the prompt “cybersecurity” Source: app.wombo.art
  • 10. MATTHEW ROSENQUIST 10 • Quantum research will show practical proof-of-concepts for encryption hacks Cybersecurity will respond to these amplified threats with AI-enhanced systems of their own, that will strive to keep pace at detecting, protecting, and recovering from attacks. This will expand on the current use of AI for rudimentary anomaly detection into entirely new branches for better efficiency and scalability of cybersecurity. The AI arms race will become obvious to the cybersecurity community who find themselves dealing with the threats attacking at scale with automated intelligent weapons. Defenders will scramble to respond and invest sizable resources to maintain parity. The most desirable AI security technologies will largely be developed in startups and sought for acquisition by established cybersecurity and technology companies, adding to the already feverish M&A activities in the industry. By the end of 2022, many important deals will be announced and it will signal the beginning of a buying spree to significantly augment digital protections with new features enabled by AI. AI will be the new weapon for cybersecurity in 2022. New weapons introduced into battle, will always experience trials, blunders, invoke surprise, fear, and eventually, refinement to create powerful systems for both sides. The attackers, who maintain the initiative, will see the greatest benefit in the window of time it takes for defenders to respond with improved defenses. AI, for all its amazement, will showcase how the manipulation and misuse of technology can harm as greatly as it can benefit. The use of AI will begin to shift the types of attacks, tools, and tactics that cyber attackers use at scale by the end of 2022. 8 . Q U A N T U M S H O W S I T S F E R O C I O U S T E E T H Quantum hacking research begins to show results in 2022. Qubit rates of quantum computers, essentially their processing speed, are climbing to levels where they, in theory, can begin to chip away at the locks protecting data. Combined with optimized or potentially new algorithms, there are many encryption schemes at risk, mostly in the public/private communications and transactions space.
  • 11. MATTHEW ROSENQUIST 11 • Updated algorithms and hardware will show proof-of- concept attacks against some encryption schemes • Concerns will accelerate the maturity and adoption efforts for new quantum hardened standards • Value of crypto increases, attracting more attacks • The rush into crypto brings easy victims and money • Victimization of mainstream users will fuel new regulation I expect some proof-of-concept work to surface next year that leverages quantum hardware with custom software to showcase how specific encryption schemes could be compromised at scale. This early research, showing actual capabilities, will send a shudder down the spine of technology houses and governments. As a result, there will be a spur of activity to rush the finalization and implementation of new quantum resistance algorithms, hardened against such attacks. Decisions on which standards to adopt are strategically important to the industry but the work to implement is where the most difficulty exists and the greatest investments are required. Widespread attacks in the wild and transitions to better-hardened encryption standards in products are still more than a year away, as part of a much larger battle that will unfold across the next decade that will put the confidentiality of the world's digital data at risk. Proof-of-Concept attacks against encryption with quantum systems is the next milestone that will fuel a shift in data protection standards and will eventually force fundamental changes to the infrastructure of the global digital ecosystem. 9 . C R Y P T O C U R R E N C Y I N N O V A T I O N B E C O M E S A M A G N E T F O R T H E F T , H A C K S , A N D F R A U D An explosive infusion of more money, value, and services in cryptocurrency will earn equally more attacks! Criminals, by their very nature, go where the money is. They will thrive in 2022 by riding the massive growth of value attached to cryptocurrency ecosystems. The cryptocurrency industry is in its wild-west phase of insane growth and currently exceeds over $2 trillion in value, with little regulation or oversight. A massive land grab is taking place with innovation and droves of globally connected consumers are interested in exploring these new digital economic currencies, tools, services, and virtual worlds. It is a criminal's paradise. The low bar of entry for fraud, frail and disjointed regulations, a notable absence of effective law enforcement, little accountability for actors, and a vast number of potential victims willing to invest in trivial ventures is the perfect environment for cyber criminals success.
  • 12. MATTHEW ROSENQUIST 12 2022 will be fraught with many more cryptocurrency frauds, rug-pulls, exchange hacks, pyramid schemes, account takeovers, asset thefts, money laundering, and other financial crimes perpetrated by cybercriminals. Cryptocurrency hacks are not new, but society has viewed the victimization of early-adopting technophiles as a consequence of their risk-seeking fringe behaviors. But as mainstream populations flood into crypto and begin to be victimized, the political fall-out will drive more visible demands for regulation and oversight. Cryptocurrency is becoming more mainstream. As we enter 2022, it is estimated that 16% of Americans have used cryptocurrency, with a disproportional ratio of younger adults (18 to 29) being the most popular. Survey data also shows 32% of those who have never used crypto are interested and an incredible 68% of American millionaires own cryptocurrency. Financial institutions are receiving many requests for crypto-based solutions and investment mechanisms. Numerous countries have already enacted favorable regulations to embrace the use of digital currencies, such as Canada, Germany, Singapore, Dubai, Portugal, and many others, but the US is struggling to define clear laws. Until regulation establishes a framework of rules and law enforcement evolves mature capabilities for investigation and prosecution, the attackers will run rampant. Only technologists and code currently stand in the way as static barriers that will not hold smart attackers at bay for long. As the value of cryptocurrency increases, more attacks will occur totaling billions of dollars in losses. With the combination of easy victims, vast wealth, and a lack of policing to interdict attackers, 2022 will be a tremendously successful year for cybercriminals targeting cryptocurrency projects, users, and services.
  • 13. MATTHEW ROSENQUIST 13 • Public-Private data sharing increases significantly • Support fades by EOY, as the benefits aren’t seen by the private sector • Governments will need to show how they are proactively eliminating cyber risks for everyone 1 0 . P U B L I C - P R I V A T E C O O P E R A T I O N I N C Y B E R S E C U R I T Y I M P R O V E S B U T R E M A I N S L A C K I N G The US government will invest and attempt to work more closely with the private sector, especially those organizations that control or support national critical infrastructure sectors. The Cybersecurity Infrastructure Security Agency (CISA) and partner organizations will step up to fill large gaps by building a runway for better data collection, public/private collaboration, and publishing recommended standards for industries to improve general security. Although by the end of 2022 many newly forged public-private collaborations will be in place, most will be about data sharing to the government. It will be seen as an unbalanced partnership as these capabilities won’t be viewed as directly helping the majority of private sector participants. The shine will fade until the next phase where governments can show how they are quantitatively helping businesses proactively minimize their risks-of-loss.
  • 14. MATTHEW ROSENQUIST 14 STANDING READY FOR 2022: Cybersecurity in 2022 will be confusing, frustrating, and yet be driven by a newfound sense of frenzied urgency. It will be a pivotal year as cybersecurity will once again remake itself to align with new expectations and rapidly evolving threats. But the year will be different as consumers will feel tangible impacts for cyberattacks and begin to realize the importance of trustworthy technology. As security, privacy, and safety become a purchase criterion and topic of public discussion, providers of products and services will respond by improving the foundations of digital innovation. The powerful economic incentives will significantly increase the resources for security but come with sky-high expectations. By comparison, looking back at 2021 it will seem easy to what the cybersecurity industry will experience in 2022 and beyond. “The only easy day was yesterday” “The only easy day was yesterday”, a motto taken from the military, will fit well with the cybersecurity professionals finding themselves in the thick of what 2022 will bring. Every month will bring new challenges as levels of exuberance increase with equally ambiguous expectations, more funding but a lack of available resources, greater tools that are used just as proficiently (perhaps better) by attackers, and bigger threats with seemingly unlimited budgets searching for vulnerabilities and crafting professional exploits in record time. It will take a collaborative effort for all entities participating in the global digital ecosystem to make significant progress. Every government agency, company, and consumer must play a role to improve cybersecurity and reduce victimization. Demanding trust in digital technology is the first step we must take to endure 2022. Only one thing is for certain in 2022, we are all at risk.
  • 15. MATTHEW ROSENQUIST 15 AUTHOR Matthew Rosenquist Matthew Rosenquist is the Chief Information Security Officer (CISO) for Eclipz, the former Cybersecurity Strategist for Intel Corp, and benefits from over 30+ diverse years in the fields of cyber, physical, and information security. Matthew is very active in the industry and consults to fellow CISO’s, boards, academia, governments, and businesses around the globe. Matthew specializes in understanding the fundamental factors that drive and shift the industry. He has been providing cybersecurity predictions for decades and his insights have been published in reports from McAfee and various industry periodicals. As a veteran cybersecurity strategist, he identifies emerging risks and opportunities to help organizations balance threats, costs, and usability factors to achieve an optimal level of security. He develops effective security strategies, measures value, develops best-practices for cost-effective capabilities, and establishes organizations that deliver optimal levels of cybersecurity, privacy, governance, ethics, and safety. He is a member of multiple advisory boards, an experienced keynote speaker, publishes acclaimed articles, white papers, blogs, videos, and podcasts on a wide range of cybersecurity topics, and collaborates with partners to tackle pressing industry problems. Matthew regularly posts, shares, and collaborates on LinkedIn, where he has over 190 thousand followers. You can follow him on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/ Every week he publishes a new cybersecurity related podcast, interview, or video on YouTube. Be sure to follow the Cybersecurity Insights channel for regular updates - https://www.youtube.com/c/CybersecurityInsights