By: Tony Pepper, CEO, Egress
Experts predict that 2022 will bring a rise in multi-vector attacks and cybersecurity awareness training will “hit its limit” after a year of increasingly sophisticated email attacks targeting organisations and their supply chains
“After the major supply chain hacks of 2021, the supply chain will become least trusted channel and this will drive adoption of zero-trust methodologies. However, buyers should beware vendors that claim to singlehandedly solve zero trust – instead, organisations will need to layer combinations of technologies to truly achieve it.”
“In 2022 we’ll see a rise in multi-vector attacks. We’ve already seen hackers combining phishing, smishing and vishing, and the next step will include collaboration platforms. Hybrid work has created huge demand for collaboration tools, and they can be a treasure trove of company data that is often unsecured. Hackers will always follow current trends, and they know to take advantage of changes in the way that organisations store their data, so I expect that we’ll see a rise in attacks targeting these platforms.”
“Cyber training programmes will hit their limit in 2022. Cyberattacks have already outpaced the defence that security awareness training (SAT) can deliver. Despite continued investment in SAT, people continue to pose the biggest cybersecurity risk – and security teams are realising that training isn’t enough to solve the problem. Instead, there will be a focus on de-risking behaviour in place using technology, to provide a safety net for employees as they carry out their work.”
“In 2022 we’ll see a disappointing but inevitable continuation of attack vectors that have been plaguing businesses for years. Ransomware, phishing and social engineering attacks will all continue to increase. Major ransomware attacks will continue to dominate the headlines, with criminal gangs trying out new and increasingly inventive ways to turn the screws on their victims. Popular tactics include making threatening calls to company employees, and leaking or selling the organization’s sensitive data online. In response to this, we’ll see a renewed focus on preventing ransomware – and because over 90% of malware is delivered via email, organizations will ramp up their anti-phishing defences.”