Opinion

It is hard to believe that another year is about to pass, and while not quite as unpredictable as last year, 2021 held a lot of its own trials and tribulations – especially for the tech sector. Ransomware has hugely increased this year – in fact, the UK has been ranked number 10 on the list of countries worst affected by ransomware in a new report commissioned by Google – and we are in the eye of the storm of the ‘Great Resignation’, which is hitting the cybersecurity industry hard.
Despite this however, the year has also had its wins. This year the UN declared 2021 the International Year of Peace and Trust, Kamala Harris became the first female and black Vice-President of the United States, and more than 7.5 billion Covid vaccinations (so far) had been administered.
o as we celebrate the winds, wind down, and bring the year to a close, what can we expect from 2022? Cybersecurity Magazine spoke with eight technology experts to find out what they predict for the next 12 months. Here is what they had to say

With the onset of Covid, online classes are starting to become a staple of modern learning. Many schools, colleges, and universities remain closed for months due to social distancing. Over 1.2 billion children are out of school globally.
Instead of whiteboards, we’re starting to use digital boards and software such as Miro. Instead of classrooms, we’re using Zoom and Skype calls. And for many, the only way to find out when the next lesson is starting is to look up a digital timetable on a school’s website.
At the same time, online learning infrastructure is largely unprotected. Many local schools or university websites operate under the pretense that they won’t become a DDoS target. And it’s easy to think that way. These platforms are small, they don’t generate a lot of income, if any, and they contribute to a good cause. So who would DDoS them?
and launch a powerful network flood for just a few dollars.

The spread of ransomware has reached unprecedented levels; every few days, there are headlines about new attacks crippling major companies or organizations. Some of these attacks have resulted in 8 figure ransoms, but the damage caused by downtime and data leaks is much larger than losses to ransoms.
A lot of the profits hackers are raking in get reinvested in enhancing their capability. All of this cash is driving the growth of an increasingly advanced and sophisticated underground economy, and with it, an expansion in hacker capabilities.

With the number and frequency of ransomware attacks increasing, not to mention the innovation in distribution methods, this should be a wake up call for organisations to strengthen their defences. By taking a preventative approach, businesses can take the necessary steps to strengthen their cybersecurity posture. This includes a combination of education, processes, hardware and software to detect, combat and recover from such attacks if they were to arise.

A few weeks ago, an article on the new CIS 18 framework was published on this site. CIS is one of the go to frameworks for security assessments, but the cloud has its own set of controls and a framework developed by the Cloud Security Alliance (CSA). They have recently released a new version of their framework as well. This article will introduce the CSA and its security framework.

Recent high-profile ransomware and cyberattacks expose vulnerabilities in commercial buildings that are far too widespread. In fact, the same headline-making exposures of late can be faced by any company that uses operational technology (OT) and information technology (IT).
Smart leaders across the nation and around the world should be thinking: “Maybe it could happen here.” The question becomes how to prevent similar attacks and how to position your organization to meet upcoming cybersecurity mandates with wide-ranging implications. Those of us in the cybersecurity business are aware of many such incidents, including some stories from my experience.

Less than a month ago, President Biden released his proposed budget for Fiscal Year 2022 that includes $9.8 billion in funding for cybersecurity enhancements. Cyberbreaches are making the headlines too often – almost on a weekly basis – and those are only the attacks that are reported. Not only are the breaches costly, but they also are dangerous. Potential threats to public safety as a result of cyberbreaches, in fact, are daunting. The Administration has made it clear that the Federal government intends to provide as much protection to the nation’s overall infrastructure as possible.