2. MATTHEW ROSENQUIST 2
SUMMARY
Cybersecurity will continue to rapidly gain in both relevance and
importance in 2022 as the world relies more upon digital technologies
and unknowingly embraces the increasing accompanying risks of
innovation. 2022 will see the rise of government orchestrated cyber-
offensive activities, the growth of cybercriminal impacts at a national
level, and the maturity of new technology used as powerful tools by both
attackers and defenders.
Threat actors will focus attention, as never seen before, against
technology supply-chains and all manner of national critical
infrastructures such as banking, healthcare, government services,
logistics, communications, and transportation. Most visibly, high-profile
ransomware attacks will capture the bulk of media headlines, but more
sophisticated strategic attacks will occur in stealth.
The cybersecurity industry will struggle with resources and agility in
responding to new attacks, but consumers will begin to demand that
products and services are trustworthy, fueling greater support by
executives for cybersecurity programs that manage security, privacy, and
safety.
Overall, 2022 will be a more difficult and trying year for cybersecurity
than its predecessors.
3. MATTHEW ROSENQUIST 3
INTRODUCTION
2022 will be a very challenging and tumultuous year for cybersecurity professionals. The underlying
fundamentals that drive major shifts of the cybersecurity industry: technologies, threats, and
economic factors, will combine to contribute to a significant overall rise in the relevance and
challenges of protecting digital assets and capabilities. Cybersecurity will be needed more than ever
and the expectations will be elevated accordingly.
The importance of cybersecurity increases with the adoption and reliance on digital products and services.
The technology landscape represents the expansive battlefield where threats seek opportunities to attack. As
it grows, more potential targets become available. With the innovation, implementation, and reliance on
technology, defenders are forced to spread ever thinner to protect what is critical. Maintaining the security,
privacy, and safety that users demand becomes unquestionably more difficult.
T H R E A T S L E V E L - U P
The threat agents themselves are growing in number, becoming better organized, emboldened by hugely
successful attacks, and joined by a new class of professionals that are entering the fray with never-before-
seen levels of resources and government backing. The threats defenders must face are becoming more
powerful.
The risks of attacks increase as the digital ecosystem grows in worth, importance, and power; therefore, the
value of protecting those systems and assets from disruption and manipulation rises at a comparable rate. As
consumers, businesses, and governments are impacted by cyberattacks, the focus will turn to increasing the
security to offset the risks of loss. The cost of security can rapidly increase as the scope and complexity
become more problematic.
C Y B E R S E C U R I T Y E C O N O M I C S O F P O W E R
Governments will play both offensive and defensive roles as cyberattacks are leveraged as a foreign and
domestic policy power-projection tool. Similar economic, political, and proxy attacks were conducted during
the cold war and we may see a resurgence of such behind-the-scenes maneuverings between nations. As
with any nation-level conflict, money and resources will be allocated at significant levels.
In the consumer space, customers will weigh the importance of security as a purchase criterion. Businesses
will want to respond to be more competitive and pursue investments to better harden and support their
offerings while better protecting their operational infrastructures.
4. MATTHEW ROSENQUIST 4
Overall, the relevance and need for cybersecurity will significantly jump in 2022. Critical capabilities and
assets will be at greater risk, driving a wide-ranging set of impacts being felt by more consumers. Citizens will
demand a greater level of trustworthiness of products and services. The shift in purchase criteria will spur
business executives to invest more in infrastructure and product development security. Marketing security,
privacy, and safety features for differentiation will prominently increase by the end of the year. Mergers and
acquisitions in the cybersecurity space will accelerate to support these goals and capitalize on emerging
opportunities.
This newfound relevance, even supported by more funding and respect, will not be enough to stem the flow
of attack as cybersecurity teams will continue to struggle with resources and agility. Cybersecurity talent
availability will continue to be a problem and the lack of integrated security tools will plague the ability for
cohesive oversight. 2022 will be a more difficult, confusing, and frustrating year for everyone in
cybersecurity.
5. MATTHEW ROSENQUIST 5
TOP 10 CYBERSECURITY
PREDICTIONS FOR 2022
• Defenses across all CI
sectors will be
seriously tested by
nation-states and
cybercriminals
• Compromised CI
organizations will
impact huge swaths
of users and citizens
• More attacks and
crippling impacts will
raise serious concerns
from governments
and the public
• Cybercriminals get
organized and
professional
1 . C R I T I C A L I N F R A S T R U C T U R E I S
T H E P R I M E T A R G E T
The gloves are fully off. The National Critical Infrastructure (CI) sectors will be
the main target for both cybercriminals and digitally capable nations. Attacks
will blend across Operational Technology (OT) and Information Technology (IT)
systems, making defense and response more difficult. Attacks will be designed
to impact service delivery and defenses will be seriously tested across all
sectors. In particular, the telecommunications, healthcare, government,
energy, transportation, and water management systems will be targeted most.
Many will fall victim to these acts, thereby impacting their downstream service
customers. Attacking a single critical infrastructure supplier can disrupt the
lives of millions.
I expect increased levels of critical infrastructure attacks will occur throughout
the year, with a handful being spectacular in their scope and downstream
effects. Crippling incidents will raise serious concerns from the public and
government. Calls for better security will echo loudly, but the practical up-
leveling of protections will remain challenging to achieve.
Cyberattacks are now everyone’s problem.
2 . C Y B E R C R I M I N A L S A R E
T A R G E T E D B Y G O V E R N M E N T S ,
B U T A D A P T A N D T H R I V E
Law enforcement agencies around the globe continue to get better at pursuing
cybercriminals for prosecution. In 2022 a new tactic will emerge, targeting the
infrastructure, personal assets, and systems of the hackers. Many
governments, including the U.S. in cooperation with their close allies, will
leverage their military and intelligence branches to offensively begin hack-back
operations. Essentially, hacking the hackers.
6. MATTHEW ROSENQUIST 6
• Automation and
decentralized
resources scale
attacks in 2H 2022
• Profitability attracts
more entry-level
participants
• The world begins to
pay the hefty price
for failing to address
ransomware while it
was small
It will be a shock to many unprepared and loosely organized cybercrime gangs.
However, this shift has been expected and is inherent to the nature of
adversarial engagements. To professional criminals, being attacked is simply
an occupational hazard, therefore not surprising and simply a practical matter
to be addressed.
I predict the professionals will spend the first quarter or so, hardening their
infrastructure, better securing their organization, preparing recovery options,
and improving the stealth of their money transfer and laundering operations.
They will get ready for the more hostile environment before returning to the
field of battle. Definitely, by the second half of the year, we will see them back
in force, maneuvering around the more active government hunters. Expect
the next generation of cybercriminals to better leverage automation and
distributed resources, such as Ransomware-as-a-Service (RaaS), hijacked
infrastructures, compromised technology suppliers, public blockchains, and
cryptocurrency, making it more difficult for government attackers to severely
disrupt their capabilities.
The overall success of cybercrime will attract a greater percentage of people
joining the Internet to participate in entry-level positions. Those who are
economically impoverished may be drawn to the profit potential of becoming a
ransomware affiliate, online money mule, data harvester, malware distributor,
or malicious social engineer. The greater pool of low-level expendable
resources will add additional scalability and insulation from the inner core of
the criminal organizations.
Cybersecurity will face growing legions of novice cyber attackers being
educated, directed, and empowered by the more experienced criminal
professionals who will share the staggering financial rewards.
3 . R A N S O M W A R E I M P A C T S E N T I R E
S O C I E T I E S
Security and governments have failed to properly respond to the explosive rise
of impacts due to ransomware. The attacks will only get worse, accelerating
rapidly in scope, innovation, and damage by mid-year. The effectiveness of
standard defenses, such as email filters and backups, begins to decline as
attackers find ways to undermine those controls.
7. MATTHEW ROSENQUIST 7
• Critical infrastructure
is heavily targeted in
addition to select
high-value companies
• Global ransomware
impacts increase by
10x
• Big cases and cross-
border arrests are
publicized
• But the overall impact
is trivial in the long-
term
• Criminals become
more cautious by the
end of the year,
making infiltration,
seizures, and arrests
more difficult
Critical Infrastructure will be a primary target. Well-organized attackers will
also begin campaigns against carefully selected high-value targets. Regardless
of how secure they may be, many will fall victim to the patient, methodical,
relentless, and well-organized attacks.
The impacts of ransomware will grow at least 10x for 2022, possibly an order
of magnitude more. By the end of the year, the government and many
industries will be declaring cyber-attacks as a national emergency, a threat to
democracy, and one of the highest priorities to address. Many of us will sadly
look back and realize we did have the chance to crush ransomware starting in
2021 but chose to act in meager ways without strategic foresight or conviction.
A severe price will be paid in 2022 and it will be our enemies who benefit and
get stronger because of our inaction.
4 . L A W E N F O R C E M E N T S H O W S
S T R E N G T H
For years, law enforcement organizations have been investing in technology
and training, putting them in a much better position in 2022. New tools,
processes, and cross-border collaboration will result in many criminal cases
being filed for actors around the globe.
The effectiveness of investigations will rise but not significantly undercut the
overall damage by cybercriminals. Attackers' growth and impacts on victims
will continue to outpace law enforcement efforts.
Expect to see some major cases and wins announced for the good guys. A
short-term slowdown in the first part of the year will give way to criminals
returning with better tactics, improved tools of their own, stronger
infrastructures, and more distributed capabilities by the second half of 2022.
Overall losses for the year due to cybercrime will reach new highs.
8. MATTHEW ROSENQUIST 8
• Gloves are off.
Offensive cyber
operations are now
part of the foreign
policy toolbox
• New cold-war
battlefield rules will
be defined by covert
actions
• Every country gets to
play this game on
relatively even terms.
Even small nations
can hit above their
class
5 . C Y B E R A T T A C K S A R E T H E N E W
F O R E I G N P O L I C Y T O O L
Governments and nation-states will be committed to a full-blown digital arms
race. Rulers will abandon any remaining apprehension and internally commit
to leveraging cyber as a tool to influence foreign policy.
Militaries and their supporting defense industrial base, intelligence agencies,
and diplomatic corps will augment their toolsets with new cyber capabilities to
provide leaders with new defensive and offensive options. Highly skilled
teams, advanced tools, and significant spending will support greater
capabilities as mechanisms to push foreign policy and protect essential
national capabilities.
Nations bring in significant financial and technical resources and offer political
cover for those conducting offensive operations. Attacks will be initiated
directly from government agencies and through external 3rd party vendors
hired as cyber mercenaries.
These powerful organizations have the ability to conduct very expensive and
complicated attacks, like the SolarWinds supply chain attacks of 2020/2021.
These exploitations penetrate deeply and reach across a wide range of public
and private victims at a scale never seen before.
National critical infrastructures, political activities, and powerful influencers in
adversarial countries will be prime targets for compromise, manipulation,
conveying veiled threats, or as exhibitions of power.
Cyber represents a much lower bar for entry and is an equalizing form of
warfare. The importance of borders, industrial capacities, geographical
distances, kinetic military might, and total defense budgets, are minimized.
Every country can play in this game and most will want an advantageous seat
at the table.
In 2022, cyber will be a brave new battlefield, where state coordinated attacks
could undermine economic stability, sway the opinions of the masses, disrupt
national infrastructures, and cripple the ability and morale to conduct military
operations, destabilize governments, and manipulate political sovereignty.
Most attacks will happen in covert ways, away from the public eye, similar to
the cold war a generation ago. The public will hear more attribution of
cyberattacks and finger-pointing speculation to other nations, but little
definitive proof will be left as evidence.
9. MATTHEW ROSENQUIST 9
• Oppressive
governments fully
commit to cyber for
domestic control
• Undesired groups and
individuals and easily
identified and
persecuted
• Attacks undermining
identity and trust will
mature in 2022
• AI used for attacks at
scale, customized for
individuals, that learn
over time to succeed
• A serious risk to
privacy, by oppressive
states who identify,
track, and persecute
political groups
2022 is the year hidden battles begin with cyber warfare between major
nations and ideologies, opening the era of a cold cyber-war.
6 . O P P R E S S I V E G O V E R N M E N T S
E M B R A C E D I G I T A L F O R P O W E R
Governments who maintain control of power with fear, oppression,
suppression of free speech, and constrain independent press, will fully
embrace digital technology to monitor, control information dissemination, and
manipulate citizens in 2022.
Offensive cyber operations will become a part of their domestic policy toolbox.
Oppressive governments will prioritize the establishment of several capabilities
to protect their positions of power, including identifying dissidents or disloyal
citizens, controlling social media narratives by suppressing unflattering data
and discussions about government practices and their rulers, and detecting
potentially threatening topics that receive public attention.
In places where freedom, privacy, and liberty are already rare or dwindling,
technology will be used in ruthless ways at scale, for controlling the flow of
information, enabling widespread surveillance of citizens, and as a mechanism
to target groups for persecution.
7 . A R T I F I C I A L I N T E L L I G E N C E I S
T H E N E W C Y B E R T O O L S R A C E
Artificial Intelligence (AI) use-cases are blossoming and
being adopted across every digital domain, bringing
tremendous efficiencies, automated scalability, and
fostering new capabilities for unimaginable benefits. The
great power of AI, specifically Machine Learning (ML) and
Deep Learning (DL) tools, will be leveraged by cyber
attackers and defenders in much more significant ways. A
new arms race is brewing for 2022, with opposing forces
working to leverage AI to undermine or enhance the
security, privacy, and safety of digital systems.
AI will be applied offensively to undermine the security,
privacy, and safety of targets. Attackers will use AI in large-
scale operations for fraud, theft, social engineering, target-
intelligence gathering, and the dynamic control of botnets.
New AI innovations will work to undermine identity and trust of people.
Art generated by AI GAN system,
with the prompt “cybersecurity”
Source: app.wombo.art
10. MATTHEW ROSENQUIST 10
• Quantum research
will show practical
proof-of-concepts for
encryption hacks
Cybersecurity will respond to these amplified threats with AI-enhanced
systems of their own, that will strive to keep pace at detecting, protecting, and
recovering from attacks. This will expand on the current use of AI for
rudimentary anomaly detection into entirely new branches for better
efficiency and scalability of cybersecurity.
The AI arms race will become obvious to the cybersecurity community who
find themselves dealing with the threats attacking at scale with automated
intelligent weapons. Defenders will scramble to respond and invest sizable
resources to maintain parity.
The most desirable AI security technologies will largely be developed in
startups and sought for acquisition by established cybersecurity and
technology companies, adding to the already feverish M&A activities in the
industry. By the end of 2022, many important deals will be announced and it
will signal the beginning of a buying spree to significantly augment digital
protections with new features enabled by AI.
AI will be the new weapon for cybersecurity in 2022. New weapons introduced
into battle, will always experience trials, blunders, invoke surprise, fear, and
eventually, refinement to create powerful systems for both sides. The
attackers, who maintain the initiative, will see the greatest benefit in the
window of time it takes for defenders to respond with improved defenses.
AI, for all its amazement, will showcase how the manipulation and misuse of
technology can harm as greatly as it can benefit. The use of AI will begin to
shift the types of attacks, tools, and tactics that cyber attackers use at scale by
the end of 2022.
8 . Q U A N T U M S H O W S I T S
F E R O C I O U S T E E T H
Quantum hacking research begins to show results in 2022. Qubit rates of
quantum computers, essentially their processing speed, are climbing to levels
where they, in theory, can begin to chip away at the locks protecting data.
Combined with optimized or potentially new algorithms, there are many
encryption schemes at risk, mostly in the public/private communications and
transactions space.
11. MATTHEW ROSENQUIST 11
• Updated algorithms
and hardware will
show proof-of-
concept attacks
against some
encryption schemes
• Concerns will
accelerate the
maturity and
adoption efforts for
new quantum
hardened standards
• Value of crypto
increases, attracting
more attacks
• The rush into crypto
brings easy victims
and money
• Victimization of
mainstream users will
fuel new regulation
I expect some proof-of-concept work to surface next year that leverages
quantum hardware with custom software to showcase how specific encryption
schemes could be compromised at scale.
This early research, showing actual capabilities, will send a shudder down the
spine of technology houses and governments. As a result, there will be a spur
of activity to rush the finalization and implementation of new quantum
resistance algorithms, hardened against such attacks.
Decisions on which standards to adopt are strategically important to the
industry but the work to implement is where the most difficulty exists and the
greatest investments are required.
Widespread attacks in the wild and transitions to better-hardened encryption
standards in products are still more than a year away, as part of a much larger
battle that will unfold across the next decade that will put the confidentiality of
the world's digital data at risk.
Proof-of-Concept attacks against encryption with quantum systems is the next
milestone that will fuel a shift in data protection standards and will eventually
force fundamental changes to the infrastructure of the global digital
ecosystem.
9 . C R Y P T O C U R R E N C Y I N N O V A T I O N
B E C O M E S A M A G N E T F O R
T H E F T , H A C K S , A N D F R A U D
An explosive infusion of more money, value, and services in cryptocurrency will
earn equally more attacks! Criminals, by their very nature, go where the
money is. They will thrive in 2022 by riding the massive growth of value
attached to cryptocurrency ecosystems.
The cryptocurrency industry is in its wild-west phase of insane growth and
currently exceeds over $2 trillion in value, with little regulation or oversight. A
massive land grab is taking place with innovation and droves of globally
connected consumers are interested in exploring these new digital economic
currencies, tools, services, and virtual worlds.
It is a criminal's paradise. The low bar of entry for fraud, frail and disjointed
regulations, a notable absence of effective law enforcement, little
accountability for actors, and a vast number of potential victims willing to
invest in trivial ventures is the perfect environment for cyber criminals success.
12. MATTHEW ROSENQUIST 12
2022 will be fraught with many more cryptocurrency frauds, rug-pulls,
exchange hacks, pyramid schemes, account takeovers, asset thefts, money
laundering, and other financial crimes perpetrated by cybercriminals.
Cryptocurrency hacks are not new, but society has viewed the victimization of
early-adopting technophiles as a consequence of their risk-seeking fringe
behaviors. But as mainstream populations flood into crypto and begin to be
victimized, the political fall-out will drive more visible demands for regulation
and oversight.
Cryptocurrency is becoming more mainstream. As we enter 2022, it is
estimated that 16% of Americans have used cryptocurrency, with a
disproportional ratio of younger adults (18 to 29) being the most popular.
Survey data also shows 32% of those who have never used crypto are
interested and an incredible 68% of American millionaires own cryptocurrency.
Financial institutions are receiving many requests for crypto-based solutions
and investment mechanisms. Numerous countries have already enacted
favorable regulations to embrace the use of digital currencies, such as Canada,
Germany, Singapore, Dubai, Portugal, and many others, but the US is struggling
to define clear laws.
Until regulation establishes a framework of rules and law enforcement evolves
mature capabilities for investigation and prosecution, the attackers will run
rampant. Only technologists and code currently stand in the way as static
barriers that will not hold smart attackers at bay for long.
As the value of cryptocurrency increases, more attacks will occur totaling
billions of dollars in losses. With the combination of easy victims, vast wealth,
and a lack of policing to interdict attackers, 2022 will be a tremendously
successful year for cybercriminals targeting cryptocurrency projects, users, and
services.
13. MATTHEW ROSENQUIST 13
• Public-Private data
sharing increases
significantly
• Support fades by EOY,
as the benefits aren’t
seen by the private
sector
• Governments will
need to show how
they are proactively
eliminating cyber
risks for everyone
1 0 . P U B L I C - P R I V A T E
C O O P E R A T I O N I N
C Y B E R S E C U R I T Y I M P R O V E S B U T
R E M A I N S L A C K I N G
The US government will invest and attempt to work more closely with the
private sector, especially those organizations that control or support national
critical infrastructure sectors. The Cybersecurity Infrastructure Security Agency
(CISA) and partner organizations will step up to fill large gaps by building a
runway for better data collection, public/private collaboration, and publishing
recommended standards for industries to improve general security.
Although by the end of 2022 many newly forged public-private collaborations
will be in place, most will be about data sharing to the government. It will be
seen as an unbalanced partnership as these capabilities won’t be viewed as
directly helping the majority of private sector participants. The shine will fade
until the next phase where governments can show how they are quantitatively
helping businesses proactively minimize their risks-of-loss.
14. MATTHEW ROSENQUIST 14
STANDING READY FOR 2022:
Cybersecurity in 2022 will be confusing, frustrating, and yet be driven by a newfound sense of frenzied
urgency. It will be a pivotal year as cybersecurity will once again remake itself to align with new
expectations and rapidly evolving threats.
But the year will be different as consumers will feel tangible impacts for cyberattacks and begin to
realize the importance of trustworthy technology. As security, privacy, and safety become a purchase
criterion and topic of public discussion, providers of products and services will respond by improving the
foundations of digital innovation.
The powerful economic incentives will significantly increase the resources for security but come with
sky-high expectations. By comparison, looking back at 2021 it will seem easy to what the cybersecurity
industry will experience in 2022 and beyond.
“The only easy day was yesterday”
“The only easy day was yesterday”, a motto taken from the military, will fit well with the cybersecurity
professionals finding themselves in the thick of what 2022 will bring. Every month will bring new
challenges as levels of exuberance increase with equally ambiguous expectations, more funding but a
lack of available resources, greater tools that are used just as proficiently (perhaps better) by attackers,
and bigger threats with seemingly unlimited budgets searching for vulnerabilities and crafting
professional exploits in record time.
It will take a collaborative effort for all entities participating in the global digital ecosystem to make
significant progress. Every government agency, company, and consumer must play a role to improve
cybersecurity and reduce victimization. Demanding trust in digital technology is the first step we must
take to endure 2022.
Only one thing is for certain in 2022, we are all at risk.
15. MATTHEW ROSENQUIST 15
AUTHOR
Matthew Rosenquist
Matthew Rosenquist is the Chief Information Security Officer (CISO)
for Eclipz, the former Cybersecurity Strategist for Intel Corp, and benefits from over 30+ diverse years in
the fields of cyber, physical, and information security. Matthew is very active in the industry and
consults to fellow CISO’s, boards, academia, governments, and businesses around the globe.
Matthew specializes in understanding the fundamental factors that drive and shift the industry. He has
been providing cybersecurity predictions for decades and his insights have been published in reports
from McAfee and various industry periodicals. As a veteran cybersecurity strategist, he identifies
emerging risks and opportunities to help organizations balance threats, costs, and usability factors to
achieve an optimal level of security.
He develops effective security strategies, measures value, develops best-practices for cost-effective
capabilities, and establishes organizations that deliver optimal levels of cybersecurity, privacy,
governance, ethics, and safety. He is a member of multiple advisory boards, an experienced keynote
speaker, publishes acclaimed articles, white papers, blogs, videos, and podcasts on a wide range of
cybersecurity topics, and collaborates with partners to tackle pressing industry problems.
Matthew regularly posts, shares, and collaborates on LinkedIn, where he has over 190 thousand
followers. You can follow him on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/
Every week he publishes a new cybersecurity related podcast, interview, or video on YouTube. Be sure
to follow the Cybersecurity Insights channel for regular updates -
https://www.youtube.com/c/CybersecurityInsights