Top Cyber Issues – Industry Growth Forecast 2022

Web applications represent the biggest opportunities and challenges for companies related to cybersecurity, and that will be true throughout 2022.

Whether companies use off-the-shelf applications or develop their own, web applications frequently have vulnerabilities that can lead to data leaks. breaches and access to other systems. Their increased popularity presents significant cyber risk because of their vulnerabilities.

Potential disruptors facing organizations in 2022 are concepts used to secure our federal information systems moving into the private sector, like zero trust.

Tools such as privileged access management and user behavior analysis likely will impact cybersecurity. The change to zero trust is a fundamental shift in the information security structure of an organization’s access management process.

This is a change from the widely used practice of granting users access to giving them zero access until they show why they need it.

Other cyber trends include regulations for increased focus on privacy laws, ensuring that companies maintain the privacy of their customer data. States also are likely to increase the number of cyber regulations.

It’s expected that by 2025, over 75% of the world’s population will be covered by privacy laws. This includes GDPR in the EU and privacy laws by states in the U.S. to protect consumer data. 

Department of Defense contractors this year will face what’s known as the Cybersecurity Maturity Model Certification. CMMC, as it’s commonly known, will be required for all DoD contractors doing business with the federal government. 

The DoD realized vendors in the defense industry must implement security controls to protect sensitive data that they interact with and their integral role in the DoD’s supply chain. 


75% of the world's population is projected to be covered by privacy laws by 2025

All DoD contractors will be required to comply at some level with this certification. Depending on the nature of the federal data they hold, contractors will be required to have a third-party audit attesting to their level of cybersecurity maturity in accordance with the CMMC model.

Companies should engage with professionals to help them get ready for their CMMC audit. Compliance will require a significant amount of time, resources and effort for organizations to maintain certification.

There are a number of ways companies can reduce cyber risk and keep up with new regulations and certification requirements.

The first is to perform appropriate cybersecurity tests before an application goes live, either when it’s initially developed or after significant changes are made. 

People are often the weakest link when it comes to web application security. It’s important to create a culture of cyber awareness and regularly update users on current risks.  

Many enterprise applications that companies use today have built-in security controls. The challenge is implementing them to get the full security benefit of the features. 

This year, organizations should focus on engaging their senior leadership and boards of directors in their cyber risk management programs. A challenge we often see is organizations making investments in cybersecurity tools and systems, but not making investments in the resources needed to manage them.

Users continue to be the weakest link in the cyber security chain. Organizations must focus on routine training and awareness of their end users and IT personnel related to cybersecurity risks and threats. They also must align their IT controls with their manual or financial internal controls. This helps mitigate risks, such as business email compromises. 

Cyber threats will continue to evolve, and breaches will occur more frequently. It’s important for organizations to develop a cyber risk management program to minimize the likelihood of a cyber incident and limit the impact if a breach occurs.



More Insights

Cybersecurity Challenges Digital Banking

The COVID-19 pandemic and changing consumer demographics have accelerated the need for financial institutions to expand their digital and mobile...


Why Web Application Security is Paramount

Web application vulnerabilities remain pervasive and extreme, enduring because organizations have misaligned security efforts with application...


Act Now: Mitigating Foreign Influence Threats

The United States is the top target for cyberattacks, and in light of current political events this has never been truer. As a recent article by...


COVID-19 Impacts on HIPAA: Maintaining Security and Privacy

COVID-19 has changed the HIPAA landscape in the short term, and some of these changes will undoubtedly echo long after the pandemic has ended....


What to Do When the Worst Happens

I’m sure you’ve heard the saying, “Hope for the best, but expect the worst.” I’d like to offer the IT incident response version, “Hope...


Securing a Mobile Workforce

Our former Executive Partner, Joey Havens, announced a new mobile document sharing platform for our organization. With a mantra of fearless unrivaled...


Talk to an expert today.