Cybersecurity experts cite even more ransomware, weaponized vulnerabilities, and new hybrid work and 5G threats among their cybersecurity predictions for 2022.

The experts peered into their crystal ball and saw even more cybercriminals gearing up to pounce in the new year.

NCA’s Lisa Plaggemier

Lisa Plaggemier is interim executive director of the National Cybersecurity Alliance (NCA).

“Ransomware was definitely one of the biggest headline grabbers in cybersecurity this year,” she said. “And given how potentially lucrative it is, there’s no reason to suspect that it will be going anywhere anytime soon. One of the most concerning trends in terms of ransomware for 2022 is how ransomware impacts what may be considered to be soft targets, such as schools and health care organizations.”

Institutions in both of these areas hold troves of valuable data, Plaggemier said. Therefore it’s imperative that both of these spaces focus squarely on cybersecurity as the calendar flips to 2022.

With the ongoing newscycle and fear-mongering surrounding the newest cybersecurity threats, it can be easy to be bogged down and pessimistic about what the future holds for the cybersecurity industry, she said.

“However, there are huge reasons for us to be optimistic about 2022,” Plaggemier said. “There is no way around the fact that 2021 laid bare a lot of issues and holes that currently exist in global cybersecurity. However, with investments from both the public and private sector continuing to pour into both human and tools focused on cybersecurity, and growing public consciousness about the steps they can take to take control of their own cybersecurity, the future is arguably brighter than it has ever been.”

Human Error Remains Major Contributor to Breaches

For all the talk about ransomware and other emerging threats, the fact remains 95% of breaches have human error as a major contributing cause, Plaggemier said.

Therefore, organizations should invest in new training and awareness tactics that focus on engagement. That’s more effective than pressuring employees to get up to speed about best practices.

Training and awareness have proven to help boost confidence and know-how when it comes to cyber threats, Plaggemier said.

“For example, 82% of trained individuals reported a phish within an hour of receiving it,” she said. “This type of active engagement among workforces can immediately boost a company’s cybersecurity. Training and awareness that can drive positive action among employees should be a priority in 2022 for businesses.”

Scroll through our slideshow above for the experts’ 2022 cybersecurity predictions.