Written by

Bernard Marr

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity. He is a best-selling author of 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations. He has over 2 million social media followers, 1 million newsletter subscribers and was ranked by LinkedIn as one of the top 5 business influencers in the world and the No 1 influencer in the UK.

Bernard’s latest book is ‘Business Trends in Practice: The 25+ Trends That Are Redefining Organisations’

View Latest Book

Follow Me

Bernard Marr ist ein weltbekannter Futurist, Influencer und Vordenker in den Bereichen Wirtschaft und Technologie mit einer Leidenschaft für den Einsatz von Technologie zum Wohle der Menschheit. Er ist Bestsellerautor von 20 Büchern, schreibt eine regelmäßige Kolumne für Forbes und berät und coacht viele der weltweit bekanntesten Organisationen. Er hat über 2 Millionen Social-Media-Follower, 1 Million Newsletter-Abonnenten und wurde von LinkedIn als einer der Top-5-Business-Influencer der Welt und von Xing als Top Mind 2021 ausgezeichnet.

Bernards neueste Bücher sind ‘Künstliche Intelligenz im Unternehmen: Innovative Anwendungen in 50 Erfolgreichen Unternehmen’

View Latest Book

Follow Me

The Biggest Cyber Security Risks In 2022

28 March 2022

Both the global pandemic and, more recently, the war between Russia and Ukraine have brought the threat of cyber-attacks on individuals, businesses, and nations into sharp focus.

The Biggest Cyber Security Risks In 2022 | Bernard Marr

As more of our lives have moved online to cope with lockdowns and restrictions on movement, scammers, hackers, and fraudsters have enjoyed greater opportunities to strike. And international tensions have shown us that today warfare is fought just as ferociously in the digital domain as it is in the real world, as state-sponsored threat actors attempt to spread disinformation and destabilize critical infrastructure.

Last month, economists at Goldman Sachs said that infrastructure responsible for generating and distributing energy, financial services, and the transport sector in the US is particularly vulnerable to potential Russian cyber-attacks that could cause billions of dollars worth of damage.

This means that the role of the Chief Information Security Officer – CISO – is becoming more important than ever when it comes to ensuring organizations are taking every precaution to avoid becoming victims.

This week I have had a conversation with Equifax CISO Jamil Farshchi. As one of the world’s largest credit agencies, Equifax has custody of data on more than 800 million individuals and 88 million companies. And as CISO, the buck stops with him when it comes to keeping this information safe. Before joining Equifax, he was responsible for protecting the US space program during his time with NASA, as well as its nuclear arsenal when he was with Los Alamos National Laboratory.

Farshchi has just compiled his own list of what he considers to be the ten most serious cyber-security threats faced by industry and society in 2022. He joined me to discuss these in more detail, as well as to talk about how he hopes the cyber-security industry will evolve to meet these challenges.

Threat to Trust

Aside from the potential for breach of privacy, loss of money, and disruption to infrastructure from cyber-attacks, there's another genuine and pressing problem that's often overlooked: A loss in the trust in tech and data. Emerging technology and data have the potential to do real good in the world, including solving massive problems like ending the energy crisis, feeding the hungry, protecting the environment, and curing disease. However, for any of these things to eventually happen, it has to be trustworthy. Farshchi told me how one incident – the Capital One data breach discovered in 2017 – caused a lot of companies to delay their move to the cloud as they reassessed the security implications.

He tells me, "If we [CISOs] don't do our jobs well … if the cyber crisis isn’t reigned in, it’s going to hurt our ability to innovate … those roadblocks and hurdles impact our ability to be successful and leverage the latest technologies.

“But if we do technology right, I think that both economically as well as from a societal standpoint … I do my best, and I want the industry at large to be able to focus on this so we can all be in a better place."

2021 saw a record rise in the number of data breaches and ransomware attacks, and Farshchi says that, unfortunately, he only believes that this is a trend that will continue. As technology permeates more of our lives, there will simply be more opportunities for us to accidentally leave doors or windows open, giving malicious actors the opportunity to sneak in and cause damage.

Take the internet of things (IoT), for example … the vast and ever-growing network of online, connected devices encompassing everything from industrial machinery to connected cars and smart home appliances. It’s predicted that there will be over 27 billion of these devices by 2025, creating an unprecedented number of opportunities for cyber-criminals.

These threats are well established and should clearly be on the radar of everybody with responsibility for cyber-security. But what about more exotic threats, such as the dangers posed by the onset of the era of quantum computing?

Quantum Security

"This one really worries me," Farshchi says.

“A lot of folks think this is something we have to worry about in the future … the bottom line is that there are threat actors out there that are collecting encrypted data today … data that [using classical computing technology] would take thousands of years to decrypt. And they’re collecting it for a reason.”

The reason is that its quickly becoming apparent that quantum technology will be available in the not-too-distant future that will make short work of many of the industry-standard encryption techniques that are used to secure data today.

“This data has a long shelf-life … we’re racking up a tab that we’re eventually going to have to pay for.”

Farshchi believes that bodies such as the US National Institute of Standards in Technology are not moving quickly enough to adapt to these threats – guidelines on how government bodies should prepare for themselves for a time when all data will need to be protected with quantum-proof security are not even due to be published until 2024.

This is one of the reasons that "The quantum computing threat isn't decades away, it's here now," and it’s one of 10 key warnings in Farshchi’s report.

Others include the need for corporate boards to understand their liability as it relates to the data in their custody, the “blind spots” in security strategy when it comes to supply chain threats, growing cases of identity theft, and the increasing profitability to criminals of ransomware attacks.

The Importance of Preparedness

The key to being ready to cope with these threats, wherever they may come from, is preparedness, Farshchi tells me.

"If you've been through the steps to prepare, you can adapt in your muscle memory and respond," he says.

“I grew up in Iowa – we get a lot of tornados there … and you practice and prepare for them. Then fast forward to college, when I was there, and there were tornados all over the place. When you looked around, you could tell which [classmates] had grown up in the Midwest and which hadn’t … they knew what to do.

“I was in a different circumstance – I wasn’t back in Iowa, but I knew how to respond, and I think the same thing applies here. If organizations go through the steps and they practice with their board and executives, then when bad things happen … you’re able to lean in and solve them in a very rapid fashion.”

When I asked how he hoped the cyber-security landscape would look in the near future, he gave an answer that at first seems counterintuitive: "I would like to see more sophisticated threats out there.”

It turns out that there is a more down-to-earth reason for this than simply wanting to put his skills to the test against more challenging attacks; Farshchi reasons that most of today’s cyber-attacks, such as phishing and ransomware, while they may seem complex to a layman, are in fact remarkably simple. And it’s an indictment of much of the existing cyber-security infrastructure that so many attacks are still successful.

“It means that organizations aren’t even doing the basic things … and if we fast-forward to the future and we have a situation where we’re getting hit by meaningful and sophisticated attacks, it means we’ve done the basic stuff … we’re doing at least the minimum level necessary to make it difficult for our adversaries.”

You can watch my conversation with Jamil Farshchi, CISO at Equifax, where we also talk about the threats to security posed by the metaverse and more of the key threats identified by Farshchi in his new report. If you prefer to listen to it, then check out my podcast.

Business Trends In Practice | Bernard Marr
Business Trends In Practice | Bernard Marr

Related Articles

The 9 Biggest Trends Manufacturers Need To Be Ready For

Manufacturing organizations have enormous opportunities to leverage smart factories and new technology trends to boost revenue, increase safety, and improve processes.[...]

The Future Of Work: 4-Day Week And Pioneering Ideas At Virgin Money

Work has changed immeasurably over the decades that I have been in the workforce, and I am sure that 20 years from now, it will be unrecognizable from how it is today.[...]

Stay up-to-date

  • Get updates straight to your inbox
  • Join my 1 million newsletter subscribers
  • Never miss any new content

Social Media

0
Followers
0
Followers
0
Followers
0
Subscribers
0
Followers
0
Subscribers
0
Yearly Views
0
Readers

Podcasts

View Podcasts