Cybersecurity
Cybersecurity trends in 2022 show a rise in ransomware and phishing attacks affecting businesses.
Blog Post
6 minutes
Dec 28, 2022
Trends in cybersecurity in 2022 show that home and business networks continue to expand, and cybercriminals developed new ways to try to breach into those networks.
Domestically and abroad organizations are working to assemble cybersecurity teams and to implement more technology in order to stay secure. But will their cybersecurity standing be proactive enough?
If you’d like to learn about other business trends coming next year, watch our expert-led 2023 Business Trends webinar now!
Let’s go into each of the 2022 cybersecurity trends in depth.
Phishing emails—in which a sender pretends to be a trusted figure or company in order to get the user to click a link or download a file—have unfortunately become a common occurrence in our inboxes. In fact, at 37% phishing was the most common type of cyberattack experienced by organizations in 2022.
In another study, 255 million phishing attacks appeared in emails and other channels analyzed for suspicious attachments and links. This is a 61% increase in phishing attempts compared to 2021.
While the cybersecurity community works to use technology to deter malicious actors from hacking into networks, the bad actors themselves develop new strategies to achieve breaches.
In a developing trend, hackers are using artificial intelligence to deploy automated phishing attacks that mimic human verbal patterns to fool unsuspecting users. With this technology, the number of attempted attacks could increase exponentially.
Phishing works, the statistics show. Therefore, it’s important to implement cybersecurity training in your organization to raise awareness of the ways to identify it and prevent it.
Related Blog: Spear Phishing: Why You Should Be Protecting Your Email
Currently, ransomware attacks appear in the news cycle regularly. One of the most recent attacks, a reported ransomware attack on newspaper The Guardian, affected the media organization’s IT network and systems.
Malicious hackers also successfully deployed a ransomware attack on Knox College in Illinois. They went as far as contacting the students to let them know they had exfiltrated their data. Usually hackers deal with organizational leadership, but in this case, they messaged the affected students directly.
A typical ransomware attack involves encrypting the victim organization’s or user’s data in order to demand a ransom for a decryption key. Bad actors make use of large networks to share knowledge, tools, and to sell the exfiltrated data. A number of ransomware gangs also have members work together to coordinate attacks on larger enterprises and even governments.
2022 cybersecurity trends show that ransomware is here to stay. A study surveying security leaders found that 79% of reporting organizations encountered ransomware attacks. Of those, 35% lost access to their own data and systems.
To combat this trend, organizations and individuals should implement thorough cybersecurity training initiatives. For small and midsized businesses, we recommend they create a cybersecurity program backed by specialists.
The Internet of things (IoT)—an interconnected network of computing and digital devices—has created many benefits for businesses and individual users alike. However, since we are using more devices than ever before, this also means malicious actors have a larger attack surface.
In 2022, the number of IoT connected devices reached 11.57 billion. This number is expected to increase more than double by 2030, reaching more than 25 billion devices.
While businesses take advantage of IoT to increase customer engagement, automate worker tasks, increase efficiency, and reduce costs, they are also under pressure to protect so many connected devices.
This cybersecurity trend in 2022 is a consequence of the pandemic beginning in 2020. Since many workers migrated to work-from-home environments—the number tripled from 2019 to 2021—organizations are struggling to implement security standards to protect their networks.
32% of cybersecurity professionals report having more difficulty protecting attack surfaces, compared to 28% in 2021.
In addition, 60% of knowledge workers are remote, and a sizeable portion of them will continue to work remotely. Therefore, cybersecurity experts urge organizations to act now to prevent breaches instead of retroactively fix damages once a breach has happened.
Remote work may be here to stay, but this does not mean your devices need to stay unprotected. Especially useful for organizations are endpoint protection and network security monitoring services to keep your organization’s systems and data safe.
Related Blog: Why You Need Layered Security
Bad actors’ main goal when directing cyberattacks is financial gain. It is no surprise, then, that the industry most affected by data breaches is finance, according to the 2022 Data Breach Investigations Report. The professional services and healthcare industries follow close behind, with public administration, IT, education, and manufacturing also making the top list.
Educational organizations were particularly affected by the pandemic. Due to online learning and remote work, the attack surface for these institutions has also increased. While many educational facilities have started to prioritize cybersecurity initiatives, this industry has come last in studies rating their cybersecurity standing.
Attacks on the healthcare sector have also seen an uptake in 2022. Since patients’ health information can be sold online, data breaches have been a continuing cybersecurity trend in 2022 for healthcare facilities.
If breached, organizations that handle patient’s protected health information (PHI) may have to pay fines, handle legal repercussions, and lose their clients’ trust. On average, the cost of a data breach in the healthcare sector was $7.13 million.
Related Blog: What Is HIPAA Compliance and Why Is It Important?
Organizations may try their best to prevent data breaches and implement the latest cybersecurity solutions. However, the skill gap cybersecurity teams deal with continues to grow.
The number of cybersecurity workers reached an all-time high in 2022. Despite this, the talent gap continues to go unfilled, and the percentage of needed professionals grows every year.
In the US alone, more than 700 thousand cybersecurity positions still need to be filled. This is in partly due to recruiters requiring a high number of credentials to fill the positions.
Another factor affecting the skill gap is speed at which cyber threats evolve. Since cybercriminals are continuously developing new tools and techniques to attempt data breaches, it also means that the cybersecurity learning curve is always changing.
Companies who wish to protect their networks can benefit from a partnership with a cybersecurity provider, since the provider can provide the technology and expertise needed to safeguard their clients’ environments.
These cybersecurity trends of 2022 show that a proactive approach to safeguarding business networks is the best response to growing threats.
Ransomware, phishing, a larger attack surface, and the shortage of skilled cybersecurity workers are affecting not only individuals, but also many businesses and even government organizations.
Staying up to date on developing cybersecurity trends as well as speaking with your IT team leaders or a cybersecurity consultant should be a priority for all organizations. Cybersecurity has become a mainstay in business, and the trends of 2022 show that it will be so in the future too.
Learn about the upcoming business trends of 2023 so that you know what to expect in the upcoming year for your organization. Watch our 2023 Business Trends Webinar led by industry experts.
Sign up for The Edge newsletter to receive our latest insights, articles, and videos delivered straight to your inbox.