12 Cybersecurity Predictions 2022: From AI Innovations and Vendor Visibility

According to CompTIA cybersecurity members, businesses should expect more ransomware attacks and cybersecurity attacks in 2022. However, advances in artificial intelligence innovations and increased regulations will help provide a stronger defense. There were many interesting trends and cybersecurity data that came out of 2021. It doesn’t look like the new year will be any different. We asked leaders from the Cybersecurity Advisory Council (and Cybersecurity Community) for their predictions about what tech companies can expect in the next 12 months.
Their thoughts covered everything from AI innovations in cybersecurity, to greater visibility into vendor applications, and much more. Here’s a glimpse at their thoughts:
Design flaws and increased attacks bring more resilience
“I believe we will see more negative impacts from intentional (attacks), and unintentional(design and build flaws), failures of AI/ML systems in 2022. This will encourage a greater focus on building and deploying resilient and failure-resistant solutions. We’ve seen some of these in the real estate sector, and I expect more to occur as businesses learn how to use AI and ML in secure environments.
Ransomware, Regulations and Threat Actor “Whac-a Mole” will continue
“We have seen a brief decrease in ransomware attacks during Q4 2021, as threat actors are temporarily taken down by international governments or they hide under the proverbial floor while they transform into something else. The U.S. government will continue to fight cybercriminals with offensive measures and international pressure. We will see proposals to establish significant regulations regarding cryptocurrency used for payment by cybercriminals. The U.S. Department of the Treasury’s Office of Foreign Assets Control will enforce stricter sanctions against individuals, organizations, or nations that have been added to the sanctions list. We will also see limited cyber-insurance availability, exponential premium rises of 4x-10x, and intense vetting of and attestations of controls coming to tech services providers.” – Kevin McDonald (COO and CISO), Alvaka Networks
It is a priority to get’securely fit’
“2022 will be the year that SMBs realize that security for their business is about collaboration with their IT security provider and with their staff. It is also about facing the realities of IT in today’s world. IT Security is not a diet or a weight loss program. It is a fitness program. It is not easy to do business in 2022. It is a difficult task that requires a lot of effort.” – Joshua Lieberman (president, Net Sciences).
AI Innovations Bolster Defenses
“AI will play a greater role in cybersecurity. We will see many new products, services, and products that use AI to protect against ransomware attacks and other breaches. This is important, as although some AI-based analytical tools exist today, the applications and use cases are numerous and many different models are required to create a comprehensive defense strategy. There are new AI-based tools for e-mails and Windows-based devices, which can be used in conjunction with existing products to deliver faster and deeper analytics.
As vulnerabilities increase, there is a higher demand for managed detection
“Organizations had to deal with 50 CVEs per hour on average due to the 18,000+ vulnerabilities and exposures (CVEs), that were recorded in 2021.” “As adversaries are rapidly exploiting vulnerabilities and diversifying their attacks, 2022 will press defenders to improve detection and response capabilities, increasing the demand for strong MDR solutions.” Pierson Clair managing director, Kroll
Critical Visibility to Vendors’ Applications
“I believe that the increase in software component vulnerabilities will receive much deserved attention by 2022. Businesses around the world will begin to protest against the lack of transparency by application vendors about which components they use to deliver solutions. Businesses are left in the dark about zero-day vulnerabilities in software components that are used to build application platforms, closed appliances, virtual machines, or virtual machines because there is no visibility. “Businesses are no longer willing take a wait-and-see approach from vendors.” – Ron Culler senior director of technology solutions, ADT Cybersecurity
Legacy IT Device Vulnerabilities Threaten Enterprise, Mid-Market Firms
“Scanning and remote exploit of legacy IT devices and software via the internet, via zero days and no patching