The global cybersecurity industry will be worth almost $238 billion in 2030, a massive 106% increase up from the $115 billion value in 2020, according to forecasts by GlobalData. The leading data and analytics company notes that this growth will be supported by three key future predictions for 2022, which it outlines in its latest report, ‘Tech Media and Telecom Predictions 2022’.

GlobalData predicts that the range of cyber threats will increase as new technologies connect more networks, a ‘zero trust’ approach (the assumption that whatever entity is trying to gain access is untrustworthy until its identity is verified) will become commonplace, and security convergence (integrating security into wide area networks [WANs] and cloud services) will be increasingly important.

Emilio Campa, Analyst on the Thematic Team at GlobalData, comments: “Hackers used to be one step ahead, but now the gap between the ‘good’ and ‘bad’ guys has widened. Increased use of virtual private networks (VPN) and a general lack of cybersecurity awareness led to many high-profile attacks in 2021. Discussions on cybersecurity have moved to the boardroom, but many companies still lack an effective strategy to counter these risks.”

Below, Campa offers his view on three of the trends that will most impact the cybersecurity industry in 2022:

Cyber threats will increase in sophistication and intensity

“Ransomware is a type of malware that prevents access to a computer system or data until a ransom is paid to the attacker. Double extortion ransomware exfiltrates data first and then encrypts it. Whether the ransom is paid or not, hackers using this type of malware now have a copy of the data and can sell it online to the highest bidder.

“Double extortion will become the main form of cyberattack in 2022, and a double extortion ransomware attack that spreads globally will occur. Companies that handle large quantities of user data or operate networks that manage critical national infrastructure will be most at risk. GlobalData expects governments will focus on offensive cyber capabilities to deter attackers, but this form of deterrence is likely to be ineffective—attribution difficulties and ambiguity surrounding proportional retaliation undermine most cyber deterrence efforts.”

Organizations will start taking the zero-trust approach seriously

“Companies that do not adopt a zero-trust approach will be more likely to experience a cyberattack in 2022. As of September 2021, the US government mandates its agencies to achieve five specific zero-trust security goals by the end of 2024. Corporations that do not follow this example will miss out on a critical defense that will save them money in the long run. However, implementation of zero trust will not be easy: Google took six years to fully migrate its staff to a zero-trust framework.”

Security convergence will be an increasingly important area in 2022

“Demand will increase for solutions that integrate security into WANs and cloud services in 2022. Most companies understand that security is an integral part of their entire business infrastructure and are turning to multiple vendors to provide security services. Therefore, interoperability will become increasingly important. Governments continue to experience ‘gray zone’ cyber threats—such as the 2017 WannaCry ransomware attack that impacted the running of the NHS, and the 2020 SolarWinds hack that resulted in huge amounts of sensitive data being stolen—and will turn to businesses for holistic security and data protection solutions.”