The year 2021 has shown how unpredictable cybercrime is progressing with several high-profile incidents. The most notable incidents, such as the failure of the US fuel pipeline in den USA, the Kaseya incident where a service provider was abused as a stepping stone to other companies or the Log4j vulnerability as a gateway for cryptomining, botnets and ransomware, are just the tip of the iceberg.
Cybersecurity as part of the corporate culture
A forecast right away: Cybersecurity will remain a key issue for IT and the industry in 2022. Reinforced by the pandemic, a large proportion of employees and partner companies access internal IT systems primarily from outside. Classic measures alone are no longer sufficient to be prepared against hacker attacks, particularly dynamic malware. The aim must be to anchor cybersecurity as profoundly as possible as part of the corporate culture.
Just in time for the turn of the year, the forecasts of various organisations and companies for the coming years are piling up. We have taken a look at the assessments of TÜV Süd  and analyst Gartner  and summarised them in four clear points.
Focus on ransomware
The constant development of technology and the possible increasingly serious effects are critical. Be it the increase in “Cybercrime as Service”, which makes ransomware attacks easier and more accessible, or the increasing number of severe disruptions that can occur, for example, in critical control systems and via IoT systems.
Better cyber security standards
The holistic goal of building secure systems will depend heavily on common and well-coordinated developments within the industries involved. Whether it’s secure supply chains, comprehensibly secure software development or the certification of such systems over the entire life cycle – companies will need to take current developments into account during production, deployment and application and have to adapt dynamically.
Data protection and cyber security
The issue remains omnipresent because of the increasing number of incidents and the increase in cyber-attacks. Consumers will increasingly take future standards into account in their purchasing decisions.
From a regulatory point of view, initiatives such as the European Data Protection Regulation are expected to be prepared and implemented in other countries to provide better protection for data subjects. This means that companies have to deal more with new requirements and developments.
Importance and visibility of IT security management
The increasing and often far-reaching impact of cyber attacks calls for better preparedness in companies. In addition to developing the necessary technical measures to safeguard operations, the organisational aspect is becoming increasingly important.
Within the company, the importance of IT security management is to be expected to increase significantly. Evidence of necessary measures is also required for external issues such as supplier relationships, procurement or the conclusion of insurance policies.
Conclusion: In many outlooks, cybercrime’s growing threat and rapid development constitute a significant challenge in the coming years. The technical and organisational demands on companies will increase. The joint development of standards and efforts to tackle cyber-attacks in a coordinated way will only lead to improvements in the long term.