Virtualization Technology News and Information
Pondurance 2022 Predictions: Top Cybersecurity Predictions for 2022

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Top Cybersecurity Predictions for 2022

By Lyndon Brown, Chief Strategy Officer at Pondurance

What's next for the cyber industry? Predictions are predictably unreliable, but one thing is certain: cyberattacks will continue to challenge organizations in 2022 and potentially disrupt our everyday lives. Indeed, the United Nations has reported that cybercrime is up 600% due to the COVID-19 pandemic, and now nearly every business is being forced to adapt and evolve. Here are some top emerging trends we are seeing that could shape the cyber industry in the coming year.

Going back to the risk management drawing board

Any successful cybersecurity program is predicated on a thorough risk management approach. The strategic element as of late seems to have been relegated to a fragmented set of tactics and solutions, as companies find themselves in a more reactive than proactive mode when protecting assets. In order to efficiently allocate their security budgets, consolidate existing technologies and harmonize control procedures across a vastly extended network, we will see more companies revisit their risk management program. For instance, legacy mitigation has largely relied on a third-party risk-transfer approach, which means organizations will have to consider more directly the downstream effects that may have intolerable business impacts on their operations. We're already seeing increased rigor in vendor management programs to confirm the level of due care and increase the level of accountability.

The hybrid workplace will be the next frontier for cyber

Organizations will have to learn to mitigate the risk of cyberattacks while juggling the constantly changing demands of both on-site and remote workers. In the wake of the COVID crisis, some companies went from zero to full digital transformation overnight. Other companies are still on that path.

Regardless, now that some employees are returning to the office and others remain at home, companies will need to ensure that workers remain productive and secure in this new hybrid environment. Hybrid work will require a complete overhaul of how we think about security, including the ability to provide employees with easy and secure remote access to business-critical applications no matter where they are.

Governments will put the squeeze on cyber syndicates

Governments around the world will really clamp down on cybercrime. Cybercrime is a global problem, and world leaders want to establish norms when dealing with this type of crime. Expect to see more cybercrime legislation around the globe to put the squeeze on cybercrime syndicates and make it harder for them to evade police action.

This could include new laws that make it easier for police to gain search warrants, as well as more anti-corruption legislation to disrupt the use of cryptocurrency in cybercrime. Though cybercrime syndicates are still emerging, we predict at least one major cyber ring will be shut down this coming year.

In no small part, the current administration is likely to use the power of embargoes and other economic tools to better drive cross-border law enforcement.

The Cybersecurity Maturity Model Certification will extend beyond the DOD

The Department of Defense (DOD) recently set up a process to ensure that all defense contractors meet certain requirements for handling controlled unclassified information. That process is known as the Cybersecurity Maturity Model Certification (CMMC). It is designed to ensure that defense contractors meet a basic level of cybersecurity hygiene for protecting sensitive information.

It's fair to predict that not only will DOD suppliers need to meet the cyber hygiene requirements, but that the same kind of compliance will soon be required across all government agencies and their suppliers. Why? Because a government agency breach could have a major impact on the lives of average citizens. The Department of Homeland Security, for example, is already exploring options for creating a cybersecurity standard for contractors.

Cloud customers will need MDR for greater protection

The cloud can be just as insecure as any on-premises data center, especially given misconfigurations and the typical cyber hygiene problems that plague most companies. When moving to the cloud, organizations need to appreciate the fact that they have a shared responsibility to protect their corporate data along with their cloud service providers.

As a result, there will be a greater need for managed detection and response (MDR) to better integrate with the cloud. Next-gen MDR offers an effective solution for cloud computing security by providing broad threat defense, such as filling detection gaps and automating responses to evolving threats.

MDR can be an extension of your security team or act as your security team. The security operations center that you gain from an MDR is on 24/7 and can act on alerts to ensure that your environments, both cloud and on-premises, are protected from bad actors.

Humans will matter more than ever

When it comes to cybersecurity, you can't rely strictly on automation. But a lot of companies do. They believe that humans can be removed from the cyber equation and replaced with AI and automation technology. While there's no doubt that automation is getting better, it is unlikely to reach a level of maturity that truly removes humans within the lifetime of anyone reading this.

Of course, automation is necessary for managing certain processes and correlating disparate events. But to find and mitigate nefarious attacks, human involvement is just as critical as the latest and greatest security tools. Cybercriminals are humans and you need human defenders to combat human attackers.

Companies should never forget about the importance of the human element in detecting and deterring threat actors. In the coming year, human intervention can be the difference between swift containment and grave consequences.

Natural disasters will bring increased cyber risks

Natural disasters like hurricanes, wildfires, earthquakes and floods are increasing in size and frequency. And when natural disasters strike, communities and organizations are the most vulnerable. Cybercriminals understand this, and they will make it a priority to take advantage of environmental events to create more havoc by targeting physical infrastructure like electric grids, fuel pipelines and water systems with ransomware attacks.

Businesses, state and local governments must respond to this growing threat by better preparing their defenses and regularly running disaster drills and simulations to counter these threats. The more they practice, the better their response will be.

At Pondurance, we joined forces with the Indiana National Guard, which conducted a drill at Muscatatuck Urban Training Center in Indiana to test preparedness and bolster defenses. This drill involved a simulated earthquake followed by a cyberattack, with bad actors swooping in amid the chaos and attacking the water system to try to shut it down as the National Guard deployed its defense tools to protect networks, people and property. We also participated in a workshop for water and wastewater utilities in a red team / blue team cyber simulation event in another effort to bolster defenses by sharing knowledge.

Cyber insurance will be harder to get

Cyber liability insurance is a type of insurance designed to cover losses and penalties associated with a data breach or other cyberattack. But this kind of insurance will become harder to get. Why? Because for the first time, ransomware has hit a level where the payouts by insurance companies are now exceeding the premiums being paid. That means large insurance providers could limit the amount of business they book and be very selective when it comes to underwriting new cyber policies.

Some cyber insurance providers are even excluding ransomware coverage when they renew customers. Businesses will have to up their investments in cyber tools, processes and staffing to prove to insurance providers they are a worthwhile risk.

Nation-state attackers will expand their disinformation campaigns

Nation-state attackers will target the U.S. economy and financial institutions with disinformation, much like they have targeted our political institutions. These nation states could spread misinformation about the viability of our banking system, thus stoking panic among consumers and causing a run on our banks. These campaigns will be small in nature, but they could add up to make people lose confidence in our financial systems.

High schools and trade schools will start to train the cyber workforce

The search for cyber talent will continue to be front and center. The cybersecurity industry is currently short about 3 million qualified workers, according to the latest (ISC)2 Cybersecurity Workforce Study, and this shortfall is tipping the balance in favor of the bad guys. To help level the playing field, we will start to see more educational programs geared toward cyber, including the rise of trade schools with specialized degrees, as well as more high school programs that are focused on cyber skills.

Companies will realize that they can hire talent directly from high schools and trade schools, and that cyber workers of the future don't necessarily need a four-year college degree to enter the field.

This should help with the shortage of skilled workers needed but will take some time!


Cybercrime is not going away. If anything, the problem is getting worse, threatening to cripple organizations large and small. At the same time, security technology is evolving at a dizzying pace, such that newly acquired solutions are becoming legacy technology shortly after they're implemented. With both cyberthreats and cyber technology moving so fast, organizations should increasingly seek out the right partners to help manage and mitigate their risks - better protecting their business.



Lyndon Brown, Chief Strategy Officer at Pondurance

Lyndon Brown is an experienced technology executive focused on building high-growth enterprise SaaS companies. At Pondurance, he is responsible for product, marketing, corporate development, and driving cross-functional performance. He joined Pondurance from FireEye Mandiant, where he served as Vice President of Business Development, focused on strategic growth initiatives.

Lyndon has held senior leadership roles in multiple fast-growing cyber security companies - Endgame (acquired by Elastic) and Verodin (acquired by FireEye). Lyndon currently serves on the Board of the University of Maryland's Department of Electrical and Computer Engineering (ECE) and multiple startup advisory boards. He makes direct angel investments and acts as a trusted advisor to venture and private equity teams.  

Published Thursday, January 20, 2022 7:35 AM by David Marshall