DigiCert, Inc., a provider of TLS/SSL, IoT, and other PKI solutions, has released its annual set of cybersecurity predictions.
Majorly followed by important stakeholders present in the industry from across the world, the company has been releasing its cybersecurity predictions since 2018. Taking an active part in formulating these predictions, the company brought together their team of cybersecurity experts, including Jeremy Rowley, Avesta Hojjati, Mike Nelson, Jason Sabin, Dean Coclin, Stephen Davidson, Tim Hollebeek, and Brian Trzupek.
The team of experts found that as the year winds to a close, many of the uncertainties that shaped 2020 remain. The cybersecurity challenges that accompanied the pandemic have persisted, as hybrid remote workspaces have become a way of life. And through it all, the threat landscape continues to evolve, as innovations in cloud computing and other arenas open up new threats — some in unexpected areas.
Prediction: Supply chain, ransomware, and cyberterrorism attacks will continue to escalate
Undeniably, there has been a spike in ransomware attacks in India. According to a recent industry report, there has been a 64 percent increase in ransomware attacks between August 2020 and July 2021. Some threats that are likely to thrive in the coming year include:
Securing software isn’t easy in fast-paced DevOps-driven organizations. As development processes and supply chains for devices become more complex, the attack surface will only grow. The good news is that best practices like code signing can help companies bake security into each stage of the development process before it moves ahead to the production environments and customers.
The vulnerability also opens up more room for cyberterrorism. Public and private organizations that are vulnerable to cyberattacks will need to redouble their focus on a zero-trust approach to security. Like cyberterrorist events, ransomware attacks often attract heavy press coverage, which can further encourage bad actors seeking publicity.
We predict that ransomware attacks will continue to escalate, especially as the use of cryptocurrency expands — and makes ransom payments harder to trace outside the banking system.
Prediction: Trust and identity step up in business processes
Companies in every industry have been embracing digital transformation for years, and the trend is accelerating. According to Nasscom, the global digital transformation market size is expected to grow from USD 469.8 billion in 2020 to USD 1009.8 billion by 2025, at a CAGR of 16.5%, and India’s digital transformation market is expected to reach $710.0 billion by 2024, registering a CAGR of 74.7%.
As complex technology becomes a deeper part of every organization’s most critical processes, we predict that the use of digital signatures will increase — and will require a stronger level of trust and identity.
Prediction: The post-COVID threats will persist and evolve
Last year’s predictions included a variety of security threats that were directly tied to the COVID-19 pandemic. As the pandemic slowly recedes, we predict that those threats will continue to remain. We are seeing increasing use of contactless technologies in airports, retail environments, restaurants, and other public spaces — all of which are vulnerable to cyberattacks. Digital ID schemes such as drivers’ licenses and healthcare records are becoming more widely used — and also remain possible points that can be hacked.
Prediction: Automation will power cybersecurity improvements
As organizations work to keep the lights on and scrutinize the bottom line, there will be a push for efficiency in security technologies. Security teams will be asked to do more with even fewer resources. 2022 will bring an emphasis on technologies that allow organizations to do more with less, and automation will play a significant role in terms of security innovation in the new year. A recent DigiCert survey showed that 91% of enterprises are at least discussing automating the management of PKI certificates. AI and ML technologies will continue to play an essential role in powering this automation.
Prediction: Organizations prioritizing strategy/culture of security
We anticipate organizations working harder to strengthen a culture of cybersecurity, led from the top. We’re hearing more about employee education using phishing tests, mandatory online training, and cyber simulation exercises taking place at the board level, to help C-level participants test their communication strategies and decision-making in the event of a major cybersecurity crisis.
It’s clear that cyber attackers will continue to innovate and create more complex insidious threats. Mitigating tomorrow’s threats will require a commitment from leadership and good communication across every organization. However, best cyber security practices can help shield against such threats.