4 Predictions About Cyberthreats and Data Governance in 2022

Industry experts believe that businesses that deliver essential services—such as data centers and cloud providers—will continue to be targeted by cyberthreats. Here, they provide perspectives on data governance and security in data center and cloud environments.

1. In future of cloud computing, security will be front and center as cyberthreats grow: As cyberthreats grow, organizations are increasingly adopting a hybrid, multi-cloud approach to mitigate vendor concentration risk. With data protection top-of-mind, enterprises will also prioritize security designed with one single point of control so they can gain access to a holistic view of threats and mitigate complexity in the year ahead. While enterprises plan for 2022, they must also remember to prepare for the even longer-term future. As quantum computing grows stronger and poses potential risks, such as the ability to quickly break encryption algorithms and access sensitive data, enterprises must look beyond near-term threats to 10, 15, and 20 years in the future. —IBM
2. Insider threats pose a new challenge for organizations as the job market continues to shift: As the Great Resignation took shape, we saw growing challenges associated with insider threats. The sheer number of employees leaving their jobs and potentially still having access to the network or proprietary data has created a headache for IT and security teams tasked with protecting the organization. Insider threats have become a new, distinct challenge for organizations as they try to balance employee turnover, employee onboarding and the use of non-sanctioned apps and platforms. In 2022, I expect we’ll see the number of insider threat incidents increase. Attackers will also start targeting employees to carry out their attacks or plant ransomware. As a result, we’ll see new protocols and guidelines established as organizations work to keep networks and sensitive data protected. —Rick McElroy, Principal Cybersecurity Strategist, VMware 
3. A changed security mindset—assume you are under attack:The fast-tracking of digitization led to a sprawl of unmanageable systems, including servers, data centers, VPNs, and so on. In the end, a best practice—particularly for larger organizations—is to operate under the assumption that you've already been compromised. Businesses need to redesign their strategies around the fact they “are” under attack rather than “if” they get attacked. The threat is far more immediate nowadays. —Ambuj Kumar, CEO and Co-Founder of Fortanix
4. Rise of DDoS/ransomware-as-a-service offerings accelerates the “enterprisification” of cybercrime: Cybercrime has become a lucrative and mature market. As a result, we will see stronger strains of existing well-known malware and refined attack strategies emerge, while targets become ever more ambitious. Public infrastructure and large, private businesses that provide vital services–like cloud providers or data centers—will likely remain at the top of the target list, since the risk of the potential knock-on effects from an attack (service disruptions that impact customers) adds extra incentive for them to pay up. Organizations must implement an “always on” approach to network security to ensure fast and automated responses to attacks, and they need to partner with security providers that continually evolve their defense capabilities. These new best practices prove far more cost-effective in the long run and will provide peace of mind for organisations. —Carlos Morales, SVP Solutions, Neustar Security Services