Smart company owners know that complacency presents a threat to your business in the best of times. But in our current climate, the velocity and unpredictability of those threats – and opportunities – has increased exponentially. That’s why staying on the cutting edge of cybersecurity has become imperative.
We’ve talked to you before about this topic, of course, because it’s always been our core focus. But attacks have only continued to increase within the last two years, becoming more devastating each time.
According to the FireEye 2022 Threat Predictions:
“Ransomware, nation states, social media and the shifting reliance on a remote workforce made headlines in 2021. Bad actors will learn from this year’s successful tactics, retool, and pivot them into next year’s campaigns wielding the potential to wreak more havoc…”
There’s never been a time when staying ahead of the next digital threat has been more critical (or when innovation has been more helpful!). That’s why today, we’re taking a closer look at just what you can expect for cybersecurity in 2022.
Ransomware Payment Legislation
Cybercriminals leveled up in 2020. In the last year, ransomware attacks rose by 158% in North America. Victims paid nearly $350 million in ransom, with the average payment being $312,000. When loss of productivity and the cost of recovering from the attack are added in, the ransom itself comprised only 20% of the cost to the impacted businesses.
Of course, cybersecurity companies and managed services providers (MSPs) are consistently strengthening their resources. But these attacks are so potentially devastating, even Congress is working to find a solution. That’s why the Ransom Disclosure Act was introduced.
The Random Disclosure Act would require businesses to report all digital ransom payments to the U.S. Department of Homeland Security within 48 hours of the transaction. From this, the DHS will potentially have enough information to find the source of these online attacks and pursue the perpetrators.
Navigating cybersecurity best practices can be complex – and that’s where an MSP can help. By working with a team of cybersecurity experts, your business will have a stronger, more robust set of protections not just to spot ransomware attacks, but in many cases, prevent them from happening in the first place.
*As an additional note: we do not recommend paying ransomware demands without consulting an IT expert first. Learn more about our pre-and post-attack ransomware advice here.
Cyber Privacy Legislation
Taking cybersecurity protocols one step further, countries are also working to protect their citizens’ vulnerable information. It’s predicted that by 2023, 75% of the world’s population will be covered by modern privacy laws.
Individual U.S. states are also taking legislative action to improve cyber privacy. The California Consumer Privacy Act (CCPA), signed in 2018, was a major step forward in cyber privacy protections. Because of their size and influence – and because there’s no federal equivalent for their law – it provided a framework for other states to copy.
What does the CCPA do?
- Social security and driver’s license numbers will have additional privacy limitations.
- Consumers must have an opt-out right for sharing personal information
- Consumers must be allowed to correct their own information
- Loopholes that allow consumer data to be used for targeted advertisements without consent will be closed
Until the federal government catches up, watch for California to continue to set the pace for cyber privacy laws in the United States and for other states to follow suit.
Hyperautomation is Here
It’s not all gloom and doom on the horizon. There are plenty of opportunities in this rapidly shifting landscape, too – including the emergence of hyperautomation.
Automation is nothing new, but the pace at which automation is currently accelerating is. By 2025, more than 20% of all products will be manufactured, shipped, and delivered without being touched by human employees. But properly leveraging these force multipliers helps reduce both cost and risk.
What makes hyperautomation different? Traditional automation looks at individual business processes and seeks to automate them; hyperautomation, according to IBM, is “adopting automation technologies as a synergy of powers or capacities instead of adopting only one.
This essentially means that hyperautomation includes several different types of automation at once, such as artificial intelligence, machine learning, and robotic process automation.
So, how does this benefit cybersecurity? Instead of having a patchwork of different security measures working independently, hyperautomation brings them together to work in tandem. When used efficiently, it can use this team of security applications to spot potential threats before they put your data in danger. It can also cut down time spent monitoring several different tools to check on your data’s safety.
Generative AI is a type of specialized programming that allows machines to process millions of data sets to find potential threats. Similar to the cybersecurity abilities of hyperautomation, Generative AI can multi-task by not only scanning for irregularities and potential digital attacks in several places at once, but it’s able to learn from past experiences and become more advanced at spotting new cybercriminals.
There are risks, of course. Bad actors are using this technology for fraud and disinformation, from “deep fake” videos to utilizing self-learning technology to hone their cyberattacks. Despite the risks, Generative AI is expected to account for 10% of all data produced by 2025.
Increasing Cloud Security
The traditional workplace model has shifted, perhaps permanently. Upwork surveyed 1,500 hiring managers and found that 62% of companies were planning on offering more remote work opportunities now and in years to come. And more remote workers mean increased security risks for the data you store on cloud platforms.
To continue managing these risks, we recommend that you:
- Ensure your data has existing cybersecurity protections before migrating it (and that you have external backups!)
- Use cloud security posture management tools (CSPM) to spot potential vulnerabilities.
- Use the zero-trust model to ensure users only have access to what they need.
- Centralize your cloud platforms to manage security controls more easily.
- Use multi-factor authentication controls on user accounts.
- Create a disaster protocol in the case of a digital emergency.
Ascend Can Help
The experts at Ascend Technologies are ready to help you navigate these cybersecurity obstacles and new technologies in 2022 and beyond. If you’re looking to level up your online safety and expand your company’s IT capabilities, contact us today.