Cybersecurity is probably one of the areas of IT that will increase in significance in Spain in 2022. The social and health crisis due to the COVID-19 pandemic that we’re witnessing has obliged us to abandon analogue. This has led to an increase in video calls, online shopping, business digitisation and so on. However, increasing digitisation has also been reflected in an increase in cybercrime.
Moreover, the report titled Cyberthreats and Trends 2021 drawn up by the Spanish National Cryptological Centre points out that 61% of cyberattacks over the past year have been “high risk”.
The above is leading to an increase in the development of cybersecurity within companies in order to prevent them from falling victim to cybercrimes that seriously affect their operations and the privacy of their data.
The trends that will shape cybersecurity in 2022 are listed below.
Ransomware attacks are among the most common cybercrimes and they’ve increased during the pandemic. So much so that some technology blogs indicate that the ransomware phenomenon is a pandemic in its own right. According to Fernando Maldonado, an analyst at IDG Research, this increase in ransomware attacks “will continue in 2022 and engage different teams within companies, leading to organisational changes”.
In this respect, the actions taken to prevent and respond to ransomware attacks will be one of the most important factors in 2022. Measures such as the regular creation of back-ups, the development of contingency plans among employees to enable them to know how to respond to a cyberattack or keep the systems, programs and applications constantly updated will be a trend this year in terms of cybersecurity.
61% of the cyberattacks that occurred in 2021 were “high risk”.
Preparation of the work teams in matter of cybersecurity
Thus, one of the most important cybersecurity gaps a company may have is a workforce with little or no digital education. This can leave the organisation vulnerable to cybercrime such as phishing, which uses social engineering to trick people into handing over confidential information such as passwords, bank account details, card numbers, etc. The likelihood of companies encountering phishing attempts increased by 40% between June and October last year.
Due to the above, cybersecurity training for employees is important in preventing them from falling prey to scams and other kinds of cyberattacks that jeopardise the company’s security. Measures to promote digital education will be decisive in 2022, as well as one of the most important issues to be covered in terms of domestic cybersecurity.
SOCs or Security Operation Centres are services that companies are increasingly turning to. Their role is to monitor, control and prevent in order to ensure that your organisation doesn’t fall victim to cybercrimes or cybersecurity breaches. The cybersecurity teams at the SOCs allow organisations and companies to work without the classical fear of falling victim to cybercrime, as they are given the peace of mind of having a team monitoring their platforms 24/7.
A system with a focus on the most delicate and vulnerable aspects of an organisation is highly effective. This is why cybersecurity meshes are highly useful when it comes to preventing or responding to a cyberattack. In this regard, Gartner, the cybersecurity consultancy firm, explains that, by 2024, companies and organisations that have these meshes in place “will reduce the financial impact of security incidents by an average of 90%”. This means that the use of security meshes will be one of the most important trends in 2022.
The Zero Trust model
Zero Trust is one of the most secure aspects of cybersecurity that an organisation can adopt, as it’s based on the idea that no devices or users can be trusted, whether they form part of the organisation or otherwise. This means that all the devices are responsible for their own security and, therefore, they will be scanned, validated and authenticated after every step within the organisation’s network.
Which of these measures do you use to avoid becoming a victim of cybercrime within your company?