Cybersecurity is like ice cream or fashion, flavors and fads come and go, but the basics remain the same. 2021 brought a wave of ransomware and a realization that remote work is likely here to stay. Smarter MSP recently chatted with two notable cybersecurity experts, Sacred Heart University in Connecticut’s Sajal Bhatia, Director of MS Cybersecurity and Igor Khokhlov, assistant professor of cybersecurity, to learn what might make waves in 2022, and what surprised them (or didn’t) in 2021.
Prediction #1: Healthcare and Higher Ed to be a Prime Target for Hackers in 2022
Bhatia began by pointing to the continued emergence of 5G networks and cyber-attacks on healthcare and higher education as key trends to watch.
Statistics support Bhatia’s contention about 5G becoming a bigger and bigger player. Research and Markets project that the global market for 5G infrastructure should grow from $12.9 billion in 2021 to $115.4 billion by 2026, at a compound annual growth rate (CAGR) of 55 percent
As far as Bhatia’s prediction of attacks on healthcare, an ominous recall of all Medtronic remote controllers used with MiniMed 508 insulin pumps or the MiniMed Paradigm family of insulin pumps, ordered by the FDA in October, highlights the dangers ahead, as explained in the order:
“Using specialized equipment, an unauthorized person could instruct the pump to either over-deliver insulin to a patient, leading to low blood sugar (hypoglycemia), or stop insulin delivery, leading to high blood sugar and diabetic ketoacidosis, even death.”
Many experts Smarter MSP has recently interviewed share Bhatia’s prediction that healthcare will be a prime target for hackers in 2022. The explosive growth of connected healthcare devices creates a much larger attack surface to defend.
Khokhlov, meanwhile, predicts targeted phishing attacks will be a widespread problem in 2022. He agrees the healthcare field will be one to watch especially closely.
“Plus, more robust attacks on mobile devices, targeting stealing online banking credentials and bypassing two-factor authentication,” Khokhlov says.
Prediction #2: Ransomware will Continue to Proliferate
That brings us to ransomware, whether it will continue its rampage into 2022, and how might it change and evolve.
Bhatia says, “Yes, most likely it will continue, but the ransomware will become more targeted in nature.”
According to Kaspersky, that would continue a trend that increased by 767 percent over the past two years, targeted attacks on high-value targets like municipalities and deep-pocketed corporations.
Khokhlov predicts that not only will ransomware continue to pummel businesses in 2022, it will become even worse, riding the wave of targeted phishing attacks.
Prediction #3: Outlook for “Return to Normalcy” in 2022 is Dim
Dominating almost everything over the past year has been COVID. As the COVID pandemic enters its third year, everyone is asking whether remote work here to stay, and evaluating the cybersecurity implications should it continue. We asked Bhatia and Khokhlov if they think 2022 will bring more of a return to normalcy?
Both experts don’t see corporate campuses and downtown offices filling up anytime soon.
“Work-from-anywhere will be a thing going forward, especially for medium and large-scale organizations,” notes Bhatia. “The productivity, however, will depend on remote technology to a large extent and hence will increase the demand for cybersecurity professionals for IT support and data security. I can’t see going back to normalcy for a large part of 2022.”
Khokhlov adds, “I think for at least 2022 (and I believe for the observable future), remote work would be new normality. That leads to new cybersecurity issues since the virtual perimeter to be protected dramatically increases. Again, I expect more phishing attacks.”
Prediction #4: Cybersecurity Investments Should Focus on Security Awareness Training
Looking at where businesses should be investing their time and resources for 2022, Bhatia advises, “I would really want the organization to invest time/resources in cybersecurity awareness training in 2022.”
Most experts Smarter MSP has spoken to point toward increased training budgets for 2022. Cybersecurity awareness training continues to be one of the most inexpensive, and effective, weapons against the constantly evolving threat landscape.
Stay tuned to Smarter MSP for more expert interviews on what to expect in 2022 in the weeks ahead.
