2021 will, like 2020, be remembered as a pandemic year. But 2021 saw a phenomenon that was less present in 2020. Digitalization. What started in 2020 exploded in 2021 with the standardization of systems and processes designed to keep people apart. When people are physically separated, they will find ways of communicating, working and playing together from a distance. That is exactly what happened in 2021 and digitalization was a major part of that transition. With expanded digitalization, however, came a torrent of new cyberattacks, in various forms, which affected businesses, governments and individuals. The more we find ourselves online, the more the cybercriminals will find us there, too. At Allot, we have been following a number of developments that might not give 2022 the most optimistic glow as far as cybercrime is concerned. But we can also see the light at the end of the long tunnel. These are the trends and predictions that we expect to shape 2022.
#1: Work from home numbers will stay stable in 2022
Remote work has serious implications for cybersecurity as it dramatically increases the potential attack surface of an organization. Employees connect to and interact with network resources over remote internet connections and often use their own personal devices, which are likely infected with all types of malware. 18% of the SMB workforce currently works remotely or hybrid. According to a recent survey, SMB managers predict this level will drop only slightly in the next three years to 15%. With the status quo maintained, not only will the level of cyberattacks aimed at remote workers remain stable, but it will also likely increase as cybercriminals learn to consider this category as a stable and more vulnerable target. This has serious repercussions for larger corporations whose remote workforce will bring infections into the network from outside. But the real victims will be the small businesses who are less likely to survive the downtime and other consequences of cybercrime.
#2: Cyberattacks on consumers will continue to trend upwards
The reality of life under COVID-19 goes much further than the pandemic itself. Fears of human contact have driven digitalization efforts forward at unprecedented speed. Daily tasks such as paying bills and making appointments have gone digital for many businesses and administrations, making the points of contact with our digital data assets more accessible to cybercriminals. Poorly configured accounts, weak passwords, phishing attacks and other vulnerabilities have made it that much easier for the bad guys to get to your personal information and trick you into opening doors for them. As the pandemic lingers this trend will continue to accelerate with no likelihood of it letting up post-COVID-19 as digitalization continues its forward push. Attacks against corporations, institutions and individuals with continue to increase in scale and sophistication. They will also increase in intensity in mobile devices. This will be even more apparent as 5G services and applications start to proliferate.
On a positive note, a poll by The Pearson Institute and The Associated Press-NORC Center for Public Affairs Research shows that about two-thirds say they are very or extremely concerned about “hacking that involves their personal information, financial institutions, government agencies or certain utilities.”
Clearly the awareness comes from the media coverage of the increase in cyberattacks. But that, of course, also points toward the increase itself.
#3: IoT-based security threats will increase significantly
In a recent survey by Allot and Coleman Parkes Research, only 34% of smart home owners had changed default manufacturer passwords on connected devices, the absolute bare minimum cybersecurity requirement. Only 17% of respondents reported they had set up a segregated network for their smart home devices to keep hackers from moving laterally from a device into the main home Wi-Fi network to gain access to PCs and sensitive information. This is disturbing since smart home and other IoT devices commonly found in homes are designed with little ability to integrate security technologies in them. With very limited CPUs and memory capacity, most IoT devices cannot support the most basic security methods. With IoT expected to grow exponentially over the next few years, that poses a serious threat to home network and the digital assets that consumers keep connected to them.
#4: CSPs will increasingly consider revenue from consumer services beyond communication
As competitive pricing reduces average revenue per unit (ARPU), CSPs are searching for ways to differentiate their brands and to increase ARPU through new and innovative services that go beyond connectivity. Among some of the world’s largest and most influential CSPs, there is a sentiment that security will be one of, and perhaps the most likely, service type that will make the difference both in brand affinity and in revenue. In fact Marc Rouanne, Chief Network Officer at DISH Networks in a recent interview went as far as to say that he believes that security is more important than speed in 5G networks. Rouanne believes that most consumers already have the speed they want with their 4G connectivity. But 5G has the potential to deliver the security that they will need to stay protected with the rising threats that 5G will invite.
#5: Consumers will start to consider their CSP as a trusted source of security
Cyberthreats arrive at your devices through the network to which you are connected. Whether at home behind your router, connected to the mobile network or as a guest on a Wi-Fi network, your devices and your digital assets are exposed to the possibility of cybercrime. So, if the common factor is the network, why not expect the network provider to be the one to provide protection from cyberthreats? This is the sentiment of a wide swath of consumers around the globe. In the survey mentioned earlier, respondents claimed that they were willing to pay their internet service providers 3 Euro and as much as 8 Euro per month for a comprehensive cybersecurity solution, depending on the region they lived in. In an earlier survey, 68% of respondents said they would switch providers to be on a more secure network. The same survey showed that 90% of consumers think the CSP should provide a security solution. These numbers show a willingness to consider the CSP as a trusted source of security for consumers. Now the burden lies on CSPs to act.
These predictions and trends do not paint a rosy picture for 2022 and beyond, even once the pandemic is in the rear view. The good news is that there is a great opportunity for CSPs to start providing security for their customers, and to protect them from cyberattacks before they reach them while enjoying an increase in ARPU. Once that trend takes hold, we could foresee a considerable reduction in cybercrime.
