Cybercrime-as-a-Service, growing awareness and securing the entire supply chain are among the most important cybersecurity trends in 2022. In addition, the increasing professionalization of cybercriminals in the area of ransomware requires companies to prepare accordingly.
"Kaseya, SolarWinds, the Colonial Pipeline: The attacks in 2021 have once again shown how important it is to establish cybersecurity as part of the corporate culture and to implement it across the entire supply chain," explains Sudhir Ethiraj, Global Head of Cybersecurity Office ( CSO) at TÜV SÜD. “In addition, ransomware is now accessible to everyone as cybercrime-as-a-service, including technical support. Cyber criminals used 2021 to reposition themselves, professionalize and expand their field of activity. It is therefore now important for SMEs, industry and authorities to react. ”According to the developments, the security experts from TÜV SÜD see the following trends for the year 2022.
Cybercrime as a Service (CaaS)
Malicious software (ransomware) is now being marketed by cyber criminals in a similar way to regular software and has thus created a business model. Malware can be purchased for license fees, including technical support. This market will continue to grow. Companies must react proactively to this and invest more in training and awareness of their employees as well as in securing the technical infrastructure.
Cybersecurity Awareness: Consumers are sensitized
Attacks on large companies and infrastructure have shown that the cybersecurity measures taken by industry, such as IIoT, are well behind the attackers' methods. It is in the interests of the industry itself to sharpen its own awareness of risks and threats and to jointly develop requirements that help to become more resilient towards attackers. End consumers are also increasingly paying attention to cybersecurity when purchasing connected products, for example in the case of IoT devices such as smartwatches or other wearables.
Supply chain: Uniform security standards
Past incidents show that the supply chain in software development in particular needs even more awareness of cyber threats. In addition, there must be common standards for secure software, such as those required by the Charter of Trust, a global cybersecurity alliance of which TÜV SÜD is an active member. Manufacturers should support their partners and suppliers in complying with new regulations in order to motivate them.
Global harmonization: Working together for more cybersecurity
“Standards are the backbone of cybersecurity.” This motto has to be lived internationally and requires cross-border cooperation. Industry and legislators have to react: We have to work together on harmonized minimum requirements that ensure across industries and technologies that products and services are cyber-secure “ex works”. Uniform and generally applicable standards for cybersecurity make it possible to strengthen the level of security.
Digital Trust: Protection for AI, automation and algorithms
AI and automation help companies, for example, to optimize processes and analyze their own data traffic in order to detect attacks, data leaks and theft at an early stage. However, these technologies are only as reliable as the algorithms behind them are secured. Correspondingly, companies and organizations need to be careful about how they protect these technologies. Because cyber criminals are also increasingly using AI for their own purposes. Fundamental AI cybersecurity standards can help protect infrastructure and data integrity.
More at TuvSud.com
About TÜV SÜD
Founded in 1866 as a steam boiler inspection association, TÜV SÜD is now a company that operates around the world. More than 25.000 employees at over 1.000 locations in around 50 countries ensure the optimization of technology, systems and know-how. They make a significant contribution to making technical innovations such as Industry 4.0, autonomous driving or renewable energies safe and reliable.