BR +55 11 3069 3925 | USA +1 469 620 7643

Retrospective – Cybersecurity Forecasts for 2022

by | Dec 8, 2022 | BLOG

We are in the last quarter of 2022. Yes, it is the end of the year, and we are headed to prepare for 2023. This is also the time when markets in general, including cybersecurity, are preparing to present their forecasts for the following year. We, from senhasegura, already have our forecasts for 2023 and what the biggest challenges are for CISOs and their teams. However, the purpose of this article is to review the cybersecurity forecasts we made for 2022 and to understand how they were met this year.
First, let’s revisit the cybersecurity trends we brought in 2022. Here they are:

  • Greater Coverage of Data Protection Laws
  • Remote Work Protection
  • Cyber Awareness
  • Talents Wanted
  • It is All About Connection
  • Mobile Attacks
  • (Even) More Ransomware
  • Social Freedom
  • Artificial Intelligence and Machine Learning for Cybersecurity

Let’s now explore each of these forecasts and see what we got right (or not)!

Greater Coverage of Data Protection Laws

We all know data is the new oil. And governments have acted energetically to ensure the protection of their citizens’ data. This is reflected in the definition of high sanctions for companies that do not show commitment to the aspect of data protection.

Gartner estimates the personal information of 75% of the world’s population will be covered by specific data protection laws by 2023. In 2022, countries such as Thailand, the United Arab Emirates, and Qatar passed their specific laws for data protection. It is worth remembering the World Cup takes place in 2022 in Qatar. In this way, the data protection law further increases citizens’ guarantees regarding the processing of their personal data.

Another interesting aspect we brought into our cybersecurity forecasts for 2022 was the lack of a data protection law in the United States at the federal level. In July, the American Congress moved forward with the proposal of the American Data Protection and Privacy Act. However, the law still needs to go through new approval in the House of Representatives and the Senate.

Remote Work Protection

In our 2022 forecasts, we talked about the transformation of work environments during the pandemic. Remote work has been consolidated as an alternative to in-person work. According to the Buffer 2022 State of Remote Work survey, 72% of companies surveyed plan to allow their employees to work remotely, while in 2021 this percentage was 46%. Other important survey data are that 97% of survey respondents recommend remote work. The same percentage would also like to continue working in remote mode, at least for some time, for the rest of their careers.

Are you enjoying this post? Join our Newsletter!

Newsletter Blog EN

3 + 3 =

We will send newsletters and promotional emails. By entering my data, I agree to the Privacy Policy and the Terms of Use.


Cyber Awareness

Cyber Awareness should be among the priorities of CISOs. After all, it is impossible to invest in state-of-the-art security solutions without addressing the weakest link in this chain: people. According to Verizon, we saw a decrease in the percentage of data leaks involving the human aspect: from 85% in 2021 to 82% in 2022. The report also indicates a decrease in attacks involving Social Engineering as well as various mistakes. It is worth mentioning that the decrease in the influence of the human aspect in data leaks does not take away its relevance as a cybersecurity trend.

Talent Wanted

The cybersecurity aspect is increasingly present and more influential in organizations’ business strategies. To ensure infrastructure protection and business continuity, more resources are needed, including human resources.

According to the 2022 ISC2 Cybersecurity Workforce Study, the cybersecurity workforce has reached a record 4.7 million people, an increase of 11.1% compared to 2021. However, despite this increase, the gap grew more than double the workforce, with a YoY growth of 26.2%. According to the survey, more than 3.4 million cybersecurity workers would be needed;

It is All About Connection

In our 2022 forecasts, we talked about the development of technologies such as 5G and Internet of Things to offer greater connectivity to users. According to IoT Analytics, 14.4 billion IoT devices were expected, forecast to reach 17.2 billion by 2023 and a CAGR of 22% by 2025. In addition, according to Gartner, by 2025, cyberattackers will turn Operational Technology (OT) environments into weapons to cause even human deaths.

Another forecast that reinforces the need for the protection of IoT devices is that, according to Gartner, by 2025, more than 85% of companies will have more connected edge devices than laptops, tablets, desktops, or smartphones. And by 2026, more than 90% of companies will have some security incident associated with their edge network.

Mobile Attacks

The spread of remote work during the Covid-19 pandemic resulted in an explosion of mobile devices. Mobile device protection has evolved from the traditional antivirus approach to more comprehensive protection involving malware and zero-day threats. Moreover, companies have made BYOD and shadow IT policies more flexible, which hinders the process of protecting the devices used by cybersecurity teams;

(Even) more Ransomware

Ransomware attacks are among the top cybersecurity trends at least since the creation of Wannacry in 2017. And in 2022, cyberattacks through ransomware have only grown. According to ChackPoint, there was a 28% increase in ransomware attacks in the third quarter of 2022 if compared to the same period in 2021. During 2022, the areas that stood out in relation to ransomware attacks were Education and Healthcare. Education organizations experienced more than double weekly attacks compared to other industries, with YoY growth of 28%. Healthcare companies had a YoY increase of 60%.

Social Freedom

We talked about the influence of social media in important events, such as the war between Ukraine and Russia and elections in several countries, such as Brazil and the Philippines. In addition, the mid-term elections in the United States also took place. Fighting false information has been a growing challenge for governments around the world, with a growing difficulty for the population to identify such fake news. Also, another challenge is that many of those who disseminate this fake news want to associate this fight with censorship. In the United States, for example, the Disinformation Governance Board was created in April 2022. However, less than 5 months after the creation, the Board was dissolved, which shows this will continue to be a challenge for governments and society.

Artificial Intelligence and Machine Learning for Cybersecurity

With the rise of cyberattacks, adequate infrastructure protection depending only on the action of Information Security teams has become virtually impossible. With this, the use of technologies based on Artificial Intelligence and Machine Learning has become essential to ensure the protection of users and companies. According to Acumen Research, the global market for AI-based security products was $14.9 billion, with an estimation to reach $133.8 billion by 2030. The areas with the most opportunities for using AI and ML-based technologies are the protection of connected devices and Cloud environments.

2022 was not easy in the cybersecurity aspect. The increase in the number of cyberattacks and the lack of resources to detect and respond to these attacks have brought numerous challenges to security teams. After all, the question is not whether, but when organizations will suffer a cyberattack. And for 2023, the outlook is not the best one. We take this opportunity to invite you to check out the main cybersecurity trends for 2023.


SaaS, PaaS and IaaS: Learn about theCloud Computing Options

Understand these solutions to choose the best alternative for your business. For many years, we have been using cloud computing to access files that are not stored on a computer, but on email servers, social network websites, or internet pages, without the need of...

What does a Chief Information Security Officer (CISO) do?

A Chief Information Security Officer (CISO) is a high-level professional responsible for the digital security of a company. If you aspire to obtain this position, read our text until the end. In it, we explain more about the profession. With the advancement of...

An overview of essential certifications for CISOs

In the world of cybersecurity, the role of a CISO is crucial in protecting data and sensitive information. To excel in this career, it is necessary to have certain certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical...

What is the role of a CISO during a cyber attack?

The CISO plays a crucial role in incident management during cyber attacks as they are responsible for implementing containment and eradication measures. However, it is also their role to detect and prevent threats. Learn more in this article about the responsibilities...

Security Training Best Practices for Privileged Users

It is essential to train privileged users to avoid cyber threats, as they are the primary victims of hackers. Read our article and learn how to do it. Privileged user credentials are among the main targets of cybercriminals since they allow them to access data and...