2022 Cybersecurity Predictions: An Ensign InfoSecurity Commentary
By Steven Ng, CIO and EVP of Managed Security Services, Ensign
Cyber threat landscape predictions for 2022
According to IDC, digital transformation investments in Asia Pacific are poised to double, hitting US$921 billion in 2024. Organisations will continue to adopt new technologies to transform their business operations in 2022. In doing so, they will expand their digital attack surfaces and introduce new vulnerabilities to their fast-growing digital environments.
At the same time, the cyber threat landscape will persistently evolve. Cyber supply chain attacks, such as the SolarWinds attacks, will go unabated. Technology service providers will remain attractive targets for threat actors due to the many organisations engaging their services for digital transformation.
Increasingly, threat actors will collaborate with each other to launch more sophisticated threat campaigns. The Ransomware-as-a-Service (RaaS) model is one example where cyber adversaries leverage each other’s respective expertise to execute more effective attacks. The RaaS model has led to the rise of the double extortion approach where threat actors demand ransom twice – one for decrypting the data and another for not leaking the stolen data online. To pressurize victims into paying the ransom, the perpetrators threaten to publish their stolen data on questionable websites. This can have grave ramifications for the affected parties, triggering regulatory attention, financial penalties and loss of trust.
Cybersecurity predictions for 2022
As cybersecurity demands continue to soar and evolve, organisations will not only increase their cybersecurity investment in 2022 but also shift their security approach. According to IDC, almost 70% of Asia-Pacific organisations highlighted that security in their organisations is currently underinvested. IDC also noted that more than half (55%) of organisations in Hong Kong, Korea, Malaysia, and Singapore plan to increase their security budgets.
While increasing cybersecurity spending is a step in the right direction, it is equally important for organisations to invest in the right areas. With threats becoming increasingly prevalent and sophisticated, the predictive nature of an intelligence-led cybersecurity approach is vital for organisations’ cyber defence arsenal.
Consequently, more organisations, especially the cyber mature ones, are likely to adopt this approach., building up their capabilities across several domains. These include threat detection, threat monitoring and analytics, threat hunting and digital forensics, as well as incident responses and recovery. This is key to building situational awareness and capabilities to identify, protect, detect, respond and recover from fast-changing security threats. According to IDC, security analytics, intelligence, response and automation (AIRO) are poised to register the highest CAGR of 17.6% among the security technology segments, reaching US$2 billion in 2025 in Asia Pacific, excluding Japan.
In particular, cyber analytics solutions that harness the power of AI will become increasingly vital and prevalent in 2022. Traditional signature-based detection solutions can no longer keep up with more sophisticated threat actors and threats. By leveraging AI-powered cyber analytics, organisations can gain enhanced visibility over advanced threats, and stay ahead of emerging threats. It is also a force multiplier that supports cyber teams, reducing alert fatigue and improving focus via triage of prioritised correlated incidents.