Site Logo

DigiCert 2022 security predictions

As our year winds to a close, many of the uncertainties that shaped 2021 remain. The cybersecurity challenges that accompanied the pandemic have persisted, as hybrid remote workspaces have become a way of life. And through it all, the threat landscape continues to evolve, as innovations in cloud computing and other arenas open new threats — some in unexpected areas. 

To take stock of where we’re at and what lies on the horizon, DigiCert’s team of cybersecurity experts, including Jeremy Rowley, Avesta Hojjati, Mike Nelson, Jason Sabin, Dean Coclin, Stephen Davidson, Tim Hollebeek and Brian Trzupek, take a closer look at what they expect to see next year:

Prediction: Supply chain, ransomware and cyberterrorism attacks will continue to escalate 

  • Supply chain complexity and vulnerabilities grow. The good news is best practices like code signing can help companies bake security into each stage of the development process. Awareness of the dangers of key sharing and inspecting code along each step of the development cycle, as well as preventing tampering after signing, will go a long way to secure code.  Setting up a software bill of materials (SWBOM) can also provide visibility into code sourcing, tracking all the components that make up a software app.
  • Cyberterrorism will embolden bad actors. New opportunities are emerging all the time, limited only by attackers’ imaginations, and high-profile technology environments such as private space launches and elections could prove inviting targets. Public and private organisations that are vulnerable to spectacular cyberattacks will need to redouble their focus on a zero-trust approach to security.
  • Ransomware will continue to expand its reach. Like cyberterrorist events, ransomware attacks often attract heavy press coverage, which can further encourage bad actors to seek publicity. We predict that ransomware attacks will continue to escalate, especially as the use of cryptocurrency expands — and makes ransom payments harder to trace outside the banking system. 

Prediction: Trust and identity step up in business processes 

  • Stakes are growing for digital signatures. We predict that more workflows will be associated with digital signatures, in industries like financial services, real estate, healthcare and education. Digital signatures are also helpful for organisations with hybrid work, to onboard or support remote employees.
  • Identity and trust power the IoT and more. Devices like healthcare monitors, industrial control devices, home security systems and vehicle sensors all depend on the integrity of their real-time data to support processes and decisions. As the adoption of 5G technology accelerates, we’ll see an increasing convergence in IoT and 5G applications, which could invite more attacks. PKI remains a robust, proven method to assure trust in IoT environments.   

Prediction: The post-COVID threats will persist and evolve

Last year’s predictions included a variety of security threats that were directly tied to the COVID-19 pandemic. As the pandemic slowly recedes, we predict that those threats will continue to remain. We are seeing increasing use of contactless technologies in airports, retail environments, restaurants, and other public spaces — all of which are vulnerable to cyberattacks. Digital ID schemes such as drivers’ licenses and healthcare records are becoming more widely used — and remain possible points that can be hacked.

Prediction: Post-quantum computing will challenge the security status quo 

A DigiCert survey found that 71 per cent of IT decision-makers believe quantum computers will be able to break existing cryptographic algorithms by 2025. That means security organisations will need to rethink security for a post-quantum world. Post-quantum cryptography (PQC) can strengthen cryptography, decreasing the possibility of security breaches. But many companies lack a clear understanding of the crypto they deploy, so they will want to take proactive steps to locate all the exposed servers and devices and rapidly update them when a fresh vulnerability comes to light. 

Prediction: Automation will power cybersecurity improvements

2022 will bring an emphasis on technologies that allow organisations to do more with less, and automation will play a significant role in terms of security innovation in the New Year. A recent DigiCert survey showed that 91 per cent of enterprises are at least discussing automating the management of PKI certificates. AI and ML technologies will continue to play an essential role in powering this automation. 

Prediction: Cloud sovereignty will create new security demands

We predict that cybersecurity challenges will become even more demanding as cloud services become more granular. Organisations are deploying cloud solutions that are increasingly subject to local jurisdiction and regulations. Cloud sovereignty controls are focused on protecting sensitive, private data, and ensuring that data stays under owners’ control. 

Prediction: VMC trust and identity will change the face of email marketing

According to a study by Wpromote, 31 per cent of B2B marketers were making brand awareness their top priority for 2020. We predict that organisations will increasingly adopt Verified Mark Certificates (VMCs) to build their brand equity and strengthen trust. 

As part of a cooperative initiative with the Brand Indicator Message Identification (BIMI) initiative, VMCs certify the authenticity to display a logo to email recipients right in their inboxes before a message is opened. They are enforced by Domain-Based Message Authentication Reporting (DMARC) security.

Prediction: Organisations prioritising strategy/culture of security

We anticipate organisations working harder to strengthen a culture of cybersecurity, led from the top. We’re hearing more about employee education using phishing tests, mandatory online training and cyber simulation exercises taking place at the board level, to help C-level participants test their communication strategies and decision-making in the event of a major cybersecurity crisis. It’s clear that cyber attackers will continue to innovate and create more complex insidious threats. Mitigating tomorrow’s threats will require a commitment from leadership and good communication across every organisation.

More News
1 month ago
How to prepare for the new changes to employment laws
Employment laws are due an overhaul in April, with changes to flexible working, request amends, and protection for new parents and carer's leave, among other changes. Vivek Dodd, CEO of Skillcast, warns that failure to comply could result in serious consequences.
1 month ago
British Safety Council Keep Thriving workshop to take place in Cardiff
As part of its charitable work, British Safety Council is offering SMEs and micro-sized organisations in Cardiff the chance to attend a 3-hour workshop, delivered by its Being Well Together experts, completely free of charge to explore how to develop a well-being strategy.
1 month ago
Mitel appoints new SVP and Head of International Region
Mitel, experts in business communications, has announced the appointment of Simon Skellon as SVP and Head of International Region.
1 month ago
VIPRE Security Group appoints new General Manager of Business Security Division
VIPRE Security Group, a cybersecurity solutions provider, has appointed Usman Choudhary as General Manager of its Business Security Division, encompassing VIPRE EDR and Advanced Threat Protection for Email, SafeSend for Email, and Inspired eLearning security awareness training.
1 month ago
Ascentae unveils smart workplace experience centre
Ascentae, a UK-based workplace solution and value-added distributor, has announced the opening of a new Experience Centre in the heart of Clerkenwell, London.
1 month ago
IT at forefront of sustainability efforts, but lacks proper tools and expertise
A report commissioned by OpenText has found that IT departments are playing a major role in achieving corporate sustainability objectives and cited the lack of innovative tools and expertise as the primary challenges they face in meeting those goals.
1 month ago
Harrison provides bespoke manufacturing services to B&Q stores
B&Q set out to find a partner that could provide a range of display components, including a new-look dump bin. While the products had already been designed by B&Q, Harrison was invited to tender for the project at a later date.
1 month ago
Leyard Europe LED supports new educational exhibition
A 4K CarbonLight VX LED screen from Leyard Europe forms the heart of a new inspirational and educational exhibition at the headquarters of the European Molecular Biology Lab (EMBL), Europe’s flagship laboratory for research into life sciences.
1 month ago
Crawley Town Centre BID invests in AI visitor behaviour platform
Crawley BID has invested in Place Informatics Visitor Behaviour Platform to help understand, manage, and improve town centre services and events.
1 month ago
Viking re-establishes presence in Ireland
Office supplies reseller Viking is re-establishing its presence in Ireland with the opening of a distribution centre in Dublin, the development of a local sales team, and the creation of a local customer service centre.

Login / Sign up