2022 Cybersecurity Predictions


As cybersecurity professionals, it’s critical to stay on top of potential cyberthreats that your organization may face to better prepare and build a proactive defense. Cybercrime in 2021 highlighted new trends with threats and breaches that have escalated the need to improve security strategies and modernize security operations. Last year certainly ended with a bang as security professionals across the globe worked quickly to mitigate issues pertaining to the Log4Shell vulnerability.

When we look back, several of LogRhythm’s 2021 cybersecurity predictions did, in fact, come true. Amid all the cybercrime and activity, did you see everything coming? Whether yes or no, things are not slowing down in 2022 — and there’s no time like the present to ramp up your defenses and prepare for what’s ahead.

Below, LogRhythm security experts and executives share their 2022 cybersecurity predictions for potential cyberthreats you may encounter this year. You can also view this accompanying infographic for a quick digest or check out our recent security predictions webinar that covers several of these top threats and risks in more detail.

Mark Logan, CEO:

1. The percentage of CISOs reporting directly to CEOs will double, and security team budgets will increase by double digits.

Historically, CISOs have struggled to help their organizations reach a desired security posture because they are not seen as being as influential as other members of the C-suite. The risk to an organization is amplified due to this lack of executive visibility when it comes to strategic planning and budgeting. Earlier this year, a report from LogRhythm found that only 7% of security leaders report to the CEO. On average, cybersecurity leaders are three levels away from reporting to the CEO, with 66 percent of CISOs stating they still report to some part of the IT team. Additionally, only 37% say they or someone in their security function reports to the board of directors, despite 60% of organizations experiencing a cyberattack in the last two years.

However, after a year of one historic breach after another, the tide is turning. The role of the CISO will undergo a rapid transformation as CEOs and boards look to better understand the risks facing their organizations and how their security programs can protect against those risks.

We predict that the percentage of CISOs reporting to CEOs will nearly double next year, providing the head of security greater access to C-level and more significant influence on corporate decisions.

Furthermore, we will see the security team within companies gain more stature in 2022, including an increase in demand for security talent that will push organizations to make substantial new investments focused on cybersecurity to address security issues. The increased investment will be primarily used to minimize third-party risk within application security and hire talent to validate the source code companies utilize.


James Carder, Chief Security Officer & Vice President of Labs:

2. A leading country producing semiconductor chips will have its supply chain compromised, resulting in major shortages of critical materials.

As we have seen with the pandemic, cybercriminals will take advantage of periods of societal disruption to manipulate companies and governments for financial gain. The global chip shortage, which shows no sign of slowing down as some experts estimate it could last through the end of 2022, is another period of disruption that hackers will soon exploit. As countries seek to ramp up production, one country will be caught attempting to corner the market by using fraudulent methods to gain access to the production and supply of the leading chip-producing countries. This will result in shortages of critical supplies, as well as soaring prices for basic goods.

3. The supply chain of a major vaccine manufacturer will be halted by ransomware.

In 2021, ransomware attacks crippled Colonial Pipeline and JBS. In 2022, cybercriminals will set their sights on carrying out a ransomware attack against one of the pharmaceutical companies producing the COVID-19 vaccine. This will interrupt the production of critical booster shots and keep many other lifesaving drugs from reaching patients. The resulting fallout will fan the flame for foreign and domestic vaccine disinformation campaigns.

4. Cybercriminals will leverage API vulnerabilities to breach multiple company networks at once.

Cyberattackers commonly use lateral movement techniques to move through an organization’s network after carrying out the initial breach. We have already seen the Russia-linked REvil ransomware-as-a-service group leverage Kaseya’s network management and remote-control software to move not only within Kaseya’s network but extend its reach to its customers. In 2022, we will see hackers seek to up-level the lateral movement concept for internal networks and apply it to an entire partner network using misconfigured APIs, which serve as a doorway from the internet into a company’s environment.

5. Hackers will blackmail Olympic athletes during the Beijing Olympics.

Hackers will breach various athletes’ accounts and find incriminating email exchanges regarding the use of performance-enhancing drugs and insight into the individual’s personal life. This will result in athletes being blackmailed into helping hackers carry out cyberattacks on their home countries or face the release of incriminating evidence.


Joanne Wong, VP of International Marketing:

6. Individuals, Not Infrastructure, Will Be Top Threats at the 2022 FIFA World Cup in Qatar.

Qatar has made significant investments in cybersecurity ahead of the FIFA 2022 World Cup. Although local cybersecurity teams are proactively mitigating threats to protect visitors, it is travel to the World Cup and the hospitality industry surrounding the tournament that will leave individuals vulnerable.

We predict that organizers will be prepared to manage the large in-country attack surface surrounding the tournament, but what about individuals before they arrive? It is individuals as well as the travel and hospitality industries that will need to be aware of these cyber threats.

Phishing and social engineering will be used to steal personal and financial information that criminals can monetize. Ticketing, hotel bookings and reservations of any kind can be faked and used to capture personal data and compromise individuals. Cybercriminals will recognize the work that Qatar has done to be prepared for the tournament and will focus on exploiting human nature before arrival, rather than digital infrastructure.


Matt Sanders, Director of Security: 

7. There will be a successful large-scale attack delivered through open-source software.

Malicious actors have repeatedly demonstrated their technological aptitude at infiltrating and compromising organizations. Those same skills will be increasingly applied to the open-source software ecosystem (which welcomes all contributors), where attackers can intentionally introduce vulnerable code to widely used open-source software components. This would allow cybercriminals to exploit vulnerabilities on a massive scale, targeting companies that have built products using open-source technology without reviewing the code before copying and pasting it into their platforms. Such attacks can be extremely difficult to detect. It is likely that several instances of such attacks are already present in widely used open-source software today, which may be found in the year to come.

2022 Cybersecurity Predictions Webinar

Interested in hearing more from LogRhythm security experts on what possibly lies ahead in the cybersecurity world? James Carder and Matt Sanders break all this information down further in their 2022 Security Predictions webinar. You can watch this on-demand at any time to discover a brief recap on the predictions LogRhythm got correct in 2021, plus get a detailed explanation of the top threats you may face in 2022.