Jaime Coreano, Vice President of Sales – Flexxon
The annual cost of cybercrime is expected to take a hit. $10.5 trillion by 2025. Losses from theft, fraud and embezzlement are compounded by the chaos that follows. Forensic investigations, restoration and deletion of hacked data and systems, lost productivity and inevitably damaged reputation all add to your bill.
Of course, cybercrime is an enemy that quickly adapts to its surroundings. As more countries, businesses and individual businesses become digital, new threats emerge and priorities change.
But advance warning is advance arming! So, here are the top five cybersecurity trends identified by X-PHY in 2022 to help you have the right cybersecurity skills and conduct a meaningful technology stack review.
#1: Firmware level attacks will increase.
According to the highly cited Security Signals Report published by Microsoft in March 2021, at least 80% of enterprises in major economies have experienced at least one firmware attack attempt in the past two years.
Firmware attacks are threatening precisely because the most common and familiar tools for detecting and isolating malware reside ‘below’ the operating system, out of sight. But so far, corporate security teams haven’t taken firmware threats seriously enough. According to the Security Signals report, only 29% of the security budget is dedicated to firmware protection.
It has to change.
There are a number of ways in which a firmware attack on a network device can be launched and cause significant damage. Likewise, there are many basic housekeeping and security steps that can eliminate many potential vulnerabilities. For example, AI-assisted security at the firmware level allows real-time data protection against all kinds of software-based malware, ransomware, and viruses without human intervention.
#2: More companies will be the target of internal work.
The actions security professionals take to narrow the attack surface are based on the simple idea that the threat is ‘out there’. However, focusing on preventing and detecting external attacks can create a serious blind spot called internal threats.
Whether malicious intent or clumsy thinking, trusted employees and partners can do more damage than ever. New ways of working and greater digital engagement are changing the nature of company networks and assets. According to The Ponemon Institute’s 2022 Cost of Insider Threats: A Global Report The accident rate has increased by 44% over the past two years, and the current cost per incident is $15.38 million. There are few signs that this rate is slowing down.
A zero trust model that leaves no room for protocol, courtesy or respect for seniority in such an environment treats all insiders suspiciously. This means monitoring, logging, and effective pattern detection to detect anomalous internal behavior, along with proper multi-factor authentication of all access to any system or service. This may be an uncomfortable idea for many people, but it is a necessary thought.
#3: Your supply chain will be a target for large ransomware.
In July 2021, a health care provider in New York experienced a ransomware attack. 1.2 million individuals – One of the largest health data breaches reported to federal regulators in 2021.
We are all familiar with the threat of ransomware. What is changing is the number of cyberattacks (such as this one) targeting trusted third-party vendors who provide essential services or software to the supply chain.
IT decision makers believe that this kind of supply chain attack will be one of the biggest threats. to the organization next year. However, most have not researched current or prospective suppliers in the past 12 months.
To stay ahead, it’s time for organizations to develop a response strategy. Until they do, this will remain an attractive goal.
#4: Increased risk of SMB
The world has changed, but the old mantras still apply. Attackers always aim for the easiest target. This is driving the growth of supply chain attacks and is also the reason for the increasing frequency of attacks against SMBs.
its Internet Crime Report 2020The FBI reported 791,790 suspected Internet crime reports from small businesses, an increase of 300,000 over 2019, with total losses in excess of $4.2 billion.
SMBs may not have the resources or expertise to adequately protect themselves, but there is still valuable information in their systems. As a result, they are exposed to more and more targeted and complex attacks.
Additionally, the recent massive shift to remote and hybrid ways of working has intertwined people’s private and professional lives, often resulting in less diligent approaches to cybersecurity. As a result, SMBs have seen a surge in cyberattacks as a result of human error. In fact, human error is 95% Data breaches, a problem heightened only by the effects of the pandemic.
So SMBs, like everyone else, need strong cybersecurity that includes everything from software to physical and all layers in between.
Enter AI-infused cybersecurity solutions. AI has the ability to reduce human intervention, allowing data to be protected without extensive knowledge or training.
#5: Vulnerabilities in critical infrastructure will be recognized.
At the other end of the scale is critical national infrastructure that is increasingly digitized but relies on security measures for control systems developed before data, sensors and networking are embedded into core control systems.
Critical infrastructure is less affected by the natural laws of cybersecurity than any other sector of the economy. The surge in technology development creates the perfect environment for cybercriminals to thrive, with the most valuable but least secure targets at the top of the list.
Attack on just one building management system new york city office block An estimated $350 million in damage was caused by connected vending machines. The economic impact of a serious cyberattack on the U.S. power grid could be at least $240 billion.
But it’s not just financial that’s been driving the blow to critical infrastructure. It could be political. Hacktivists, terrorists and foreign agents see energy grids, health systems, and transportation logistics as useful negotiating tools. You need an intelligent bulletproof solution, ideally a zero trust architecture that uses cybersecurity SSDs with built-in AI as the last line of defense.
This is X-PHY’s final unofficial forecast for 2022. Attacks are getting smarter. The same will be true of defense. This is the year in which zero trust architecture becomes the lens through which all cybersecurity solutions are viewed.
About the author
Jaime Coreano is Vice President of Sales at Flexxon. As a sales and business development executive with 25 years of experience in semiconductors, electronic components and cybersecurity, his vision and strategy have had a profound impact on the success of his clients in the Americas. He most recently worked on a new cybersecurity solution based on hardware-level AI-based protection against ransomware, data cloning, and physical attacks.
our company website https://www.flexxon.com/
Fair Use Notice: “Fair use” laws allow other authors to make limited use of the original author’s work without permission. Under 17 US Code § 107, “It is not copyright infringement to use copyrighted material for purposes such as criticism, commentary, news reporting, education (including multiple copies for classroom use), scholarship, or research.” As a matter of policy, fair use is based on the belief that the public is free to use portions of copyrighted material for the purposes of comment and criticism. Fair use privileges are perhaps the most important restrictions on the exclusive rights of copyright owners. Cyber Defense Media Group is a news reporting company that reports cyber news, events, information and more free of charge on its website Cyber Defense Magazine. All images and reporting are conducted exclusively in accordance with the fair use of US copyright laws.