The Top 22 Security Predictions for 2022

Click here to view original web page at
2022 loading bar

Where do we go from here?

As we head into 2022, the nation and the world ponder that question on topics ranging from the spread of the omicron coronavirus variant to new job prospects to the rise of inflation and interest rates to when international travel will return to pre-pandemic levels.

And in the midst of our accelerating digital transformation that has redesigned government and business processes over the past two years with remote work and more, the vast number of online trends, cyber forecasts, and security predictions are growing in breadth and depth more than ever before.

As I predicted back in early 2016 (see the end of this article on how to benefit from security predictions): “The more the security and technology industries grow, the more predictions we will have. From the Internet of Things, to new technologies to robots to self-driving cars, do you really think we will be talking about security and privacy less in 2020? I don’t.”

Indeed, this continues to be true as we enter 2022. There is tremendous professional value in reviewing these security prediction reports, and the companies that best articulate our future digital problems are also the best equipped to offer valuable solutions. With cybersecurity concerns again topping the list of CIO concerns for 2022, there has never been a more important set of cyber insights to digest in order to equip technology pros to fight the cyber battles ahead in the new year.

Still, many companies are renaming these reports without the traditional “predictions” or “forecasts.” White papers and annual reports are often using phrases like “trends,” “findings,” “recommended solutions,” “actions required,” “themes” or other words that still point to their desire to describe what has happened, what is coming next and what needs to be done now to prepare for 2022 and beyond.

Last December in “The Top 21 Security Predictions For 2021,” I noted the following summary of expected trends for 2021:

So how did we do? In most respects, this list of cyber industry predictions proved to be very accurate. If any faults were to be found, the predictions understated the attacks on critical infrastructure — and the government response afterwards. Both of those items show up in this year’s predictions.

Last week, I released my roundup of the top 2021 cybersecurity stories, with ransomware crippling critical infrastructure at the top of the list.

This year we again see many familiar themes, with cyber threats around working from home, supply chain, new ransomware, mobile threats, and new twists on cloud threats spread throughout the report. We again see forecasts of more government compliance rules, 5G challenges, APTs, deepfakes getting really dangerous, privacy concerns, and another year of healthy growth in technology and cyber companies.

New focuses this year cover:


Important reminder: This ranking covers organizational reports and not just individual predictions. Most reports offer six to 10 predictions, and the top reports group their cybersecurity predictions and themes into categories. Also, the research and details behind each security prediction offer vital context. I urge readers to visit these company portals, read their full prediction reports and see the details on each item. My goal is to point you in the right direction for more details and solution specifics.

The Top 22 Security Prediction Reports Ranked by Security Industry Organization

1) Trend Micro: Toward A New Momentum - Trend Micro Security Predictions for 2022. Trend Micro did it again. They produced a comprehensive security prediction report for 2022 with multiple formats, a 28-page PDF, and an interactive portal that breaks down their insights into six categories: cloud threats, ransomware threats, vulnerability exploits, commodity attacks, IoT threats and supply chain attacks.

Here is an excerpt:

“In 2022, decision-makers will have to contend with threats old and new bearing down on the increasingly interconnected and perimeterless environments that will define the post-pandemic workplace. Our experts’ security predictions provide valuable insights aimed at helping organizations mount a multilayered cybersecurity strategy that will be resilient against disruption and compromise. This strategy should involve:

Two sample Trend Micro predictions on ransomware:
“First, ransomware attacks will become more targeted and highly prominent, making it harder for enterprises to defend their networks and systems against these attacks. Because modern ransomware is relatively new, it is very possible that enterprises have yet to make the same ransomware mitigation and defense investments for servers as they have made for endpoints. In addition, the continuing lack of skilled cybersecurity specialists is an aggravating factor with regard to securing organizations against ransomware threats. The TTPs used by ransomware operators will likely stay the same, but they will be used to go after more complex targets, ones that will possibly be bigger than the major targets of previous years.

“The second development that we foresee is that ransomware operators will also use more modern and sophisticated methods of extortion that will resemble nation-state advanced persistent threat (APT) attacks. Once attackers are able to infiltrate their victims’ environments, they can opt to just exfiltrate sensitive data and go straight to extorting their victims, skipping the encryption or access blocking step altogether. In terms of the primary means of successful extortion, the focus will veer away from denial of access to critical data in favor of leaking and mining stolen data for weaponization. Attack vectors used by ransomware operators to target enterprises, such as virtual private networks (VPNs), spear-phishing emails, and exposed remote desktop protocol (RDP) ports, will remain at play. However, in 2022, the cloud will be targeted more often. As more enterprises migrate to the cloud, they bring with them their sensitive data and resources, prompting cybercriminals to follow suit.”

2) Watchguard Technologies: Not to be denied well-deserved attention, Watchguard’s 2022 Predictions again offer an outstanding security prediction report with professional videos that add to their presentation.

Here are their six big predictions with links to the details.

3) Kaspersky Labs: As in other years, Kaspersky Labs offers a wealth of research and a large number of predictions in various areas of cybersecurity. Unlike other years, I did not spend hours searching the Internet to find their various reports. Still, they get good marks for these security predictions for 2022 that were easily found in about 30 minutes:

“The potential of commercial surveillance software to provide access to large amounts of personal data and wider targets makes it a lucrative business for those who supply it and an effective tool in the hands of threat actors. Therefore, Kaspersky experts believe that vendors of such software will diligently expand in cyberspace and provide their services to new advanced threat actors, until governments begin to regulate its use.

“Other targeted threat predictions for 2022 include:

4) Check Point Software: Deepfakes, Cryptocurrency and Mobile Wallets: Cybercriminals Find New Opportunities in 2022

“Fake news 2.0 and the return of misinformation campaigns: The claim of ‘fake news’ surrounding contentious issues has become a new attack vector over previous years without people really understanding its full impact. Throughout 2021, misinformation was spread about the COVID-19 pandemic and vaccination information. The black market for fake vaccine certificates expanded globally, now selling fakes from 29 countries. Fake ‘vaccine passport’ certificates were on sale for $100-120 and the volume of advertisement groups and group sizes publishing sellers multiplied within the year. In 2022, cyber groups will continue to leverage these types of fake news campaigns to execute various phishing attacks and scams.

5) Mandiant: 14 Cyber Security Predictions for 2022 and Beyond — Mandiant split off from FireEye this year, but did not disappoint with their own excellent prediction report. My free advice for next year: Add back Kevin Mandia’s state of the Internet letter to the front of your activities.

I love this clip from Kevin (he was still CEO of FireEye when this was filmed) offering a powerful view of the future:

A few highlights:

6) Forcepoint: Forcepoint has gone all out this year and offers an impressive five-part “Future Insights” series. These topics are covered in detail and offer insightful deep dives into a variety of cyber topics.

Part 1: Cyberattacks: Now Part of the Military Arsenal
Part 2: Are We Ready for Mass-Market Malicious Updates?
Part 3: Security Recalculated: Understanding Risk Means Understanding the Workforce
Part 4: The Rise of Tractor Hackers and Smart City Attackers
Part 5: The Curtain Rises on the Age of Prevention

This article offers a good summary of Forcepoint’s 2022 cybersecurity predictions:

“1. We should expect cyberattacks to become a staple of military arsenals in 2022 and beyond – next year, more nation states will use digital vulnerabilities in smart cities, state and local governments to undertake cyberattacks which are part of national offensive strategies.

“2. In 2022, we expect a significant rise in criminal copycats delivering malware via software updates – the Sunburst incident shocked the industry. Using highly sophisticated malware hidden inside legitimate software updates, the attackers not only exfiltrated targeted data but also spread the malware across a huge spread of victims. When malware is successful, copycat attacks will follow. What happens when malicious updates hit the mass market? How do we protect ourselves?

“3. In 2022, organisations will turn to analytics to recalculate their understanding of cybersecurity risks and to reshape their protection strategies – when we talk about business risk, it boils down to two fundamentals: do we understand one) what we are protecting, and two) the factors that impact our ability to protect. The last eighteen months has seen a gradual erosion of the "rules" we had in place to manage workforce behaviours, and without an accurate understanding of this behaviour, risks can easily be introduced. The “new rules” that govern technology and personnel requirements for the remote and hybrid workforce will drive how we protect our organisations from both internal and external threats.”

7) McAfee & FireEye: McAfee Enterprise and FireEye 2022 Threat Predictions came out with a joint prediction blog report after the announcement that the combination of McAfee Enterprise and FireEye was complete in October. Their ranking dropped due to a lack of depth that was easy to find in one place. However, this was a very creative prediction report with items like:

They also offer deeper dives via YouTube videos, but they are hard to find, and not what FireEye or McAfee have done in the past. For example:

8) Splunk Predictions 2022 – Splunk again offers a solid prediction report, but you’ll need to register to download the full report. There are also so many detailed prediction highlights available in many places online (without registering).

Two security predictions that they offer:

For Government: Innovators drive government services

9) Gartner offers their Top 8 Cybersecurity Predictions for 2021-2022, beginning with this introduction: “A focus on privacy laws, ransomware attacks, cyber-physical systems and board-level scrutiny are driving the priorities of security and risk leaders.” Unlike most others, Gartner offers unique predictions that have dates and percentages. However, the details behind these predictions will cost readers (not free).

Here are four of the Gartner security predictions:

10) Fortinet offers the FortiGuard Labs Predictions for 2022: Tomorrow’s Threats Will Target the Expanding Attack Surface.

Two of their security predictions include:

11) Emsisoft Blog: This piece brings in a diverse set of cybersecurity predictions from a wide variety of global cyber experts. I found several of these to be very interesting, including two that think ransomware actors will lie low and that we will see a big reduction in global ransomware in 2022.

For example: Mikko Hyppönen, chief research officer at F-Secure, said, “The largest ransomware gangs will try to lie low during 2022. They’ve made so much money over the last few years that the risk is not worth it as international law enforcement finally reacts to the biggest cybercrime problem we have.”

Joe Tidy, cybersecurity reporter at BBC News, said, “I think we will see the end of large-scale ransomware attacks. They won’t die off entirely but they will become just another potential form of attack and no longer the biggest boogeyman in cyberspace. The reason I think this is that I have a glass half-full perspective and also the pressure building on the gangs is just too great. We’ve already seen the big bads of Darkside and REvil go and I think the landscape outside of Russia and within is becoming more tough for the groups. Will another form of cyber attack rise from somewhere else in the world? I hope not!”

12) BAE Systems offers their unique and researched 2022 Cyber Predictions with easy-to-download PDFs and details on each item listed. Well done BAE!

13) AT&T offers their 2022 Cybersecurity predictions. Here are four trends they highlight:

Industry expert Chuck Brooks also offered these security predictions for the new year on the AT&T website. Here are two:

You can also see the YouTube video for the AT&T ThreatTraq 2021 recap and 2022 security predictions here.

14) Symantec/Broadcom offers their Broadcom Software 2022 Predictions with an interesting and different perspective:

15) Forrester offers Predictions 2022: Continued Uncertainty Forces Attention On Securing Relationships, but you’ll need to pay $795 for the full report.

Still, these highlights are worth examining:

16) Forbes has many security prediction articles from a variety of different sources and perspectives. Taken as a whole, they provide an excellent landscape overview. Here are a few:

17) BeyondTrust released their Cybersecurity Trend Predictions for 2022 & Beyond back in October, and the list offers some familiar themes for areas of attack and/or concern (with details at the website). Here are their first eight items:

Finally, Beyond Trust offers this item for the next few years, which I think is unique and excellent: Digital Death and Resurrection. There is no argument — we live in a digital world. More and more resources reside on the Internet, including our photos, memories, and special events.

Unfortunately, humans are mortal. When we die, many of these resources are orphaned and unmanaged. Friends and family members may not even know the passwords to retrieve this priceless information.

In the next five years, expect to see new businesses emerge that can access and preserve a person’s digital presence after death. The services will include basic archive and retrieval, and the ability to download content in a consumable format (printed photos, slide shows, music videos, etc.) as a memorial to the deceased loved one.

18) ThycoticCentrify: My respected colleague and friend Joe Carson, chief security scientist at ThycoticCentrify, again has an excellent list of predictions for 2022 worth paying attention to. His No. 1 and No. 3 should raise some eyebrows.

19) VMware offers a report on Securing the Future: 7 Cybersecurity Predictions for 2022. Since this came in later than many other reports, it starts off with Log4j as an inspiration for zero-trust implementation. As usual, see their report for details.

20) Infosecurity Magazine offers their Top 10 Infosecurity Predictions for 2022. This is a nice list with some common perspectives. Here are their first seven, in a list which is a good summary of predictions from across the cyber industry:

1. Evolution of Cyber Insurance
2. More Cryptocurrency Heists
3. Deepfake Technology Used to Commit Fraud
4. Growing Role of AI to Combat Cybercrime
5. Continued Growth of Data Protection Legislation
6. Increased Adoption of Zero Trust
7. Governments Taking a More Proactive Role in Cybersecurity

21) The Enterprisers Project offers these four issues to watch in 2022 that are worth reading the details on:

22) Barracuda Networks offers nine predictions for 2022. Here is a small sample:


23) Outpost24 offers a series of experts who offer these unique predictions:

24) Security Magazine describes what to expect in the coming year, reporting: “2022 will be the year of cybersecurity” (which I find either very optimistic or too obvious).

25) Information Security Solutions Review offers 32 experts’ 2022 cyber predictions. (Longer pieces, but many valuable insights.)

26) Egress has four cybersecurity predictions for 2022.

27) Auth0 offers their Top 6 Cybersecurity Predictions for 2022. Here are three of them:


Note that the cutoff for this list was Dec. 21, 2021.

- CyberSaint Security — CyberSaint’s Security and Risk Predictions for 2022

- CyberArk Cybersecurity Trends for 2022: The Roots of Attacker Innovation

- Dataversity — Cybersecurity Predictions: What to Expect in 2022

- Palo Alto (APAC) — Palo Alto Network’s top cybersecurity predictions for 2022

- Database Trends and Applications — 13 Cybersecurity Predictions for 2022

- PerimeterX (via TechRepublic) 5 predictions to help you focus your web app security resources in 2022

- Mobolize — Predictions 2022: Better Mobile Device Performance for Zero Trust and Cloud Access Security Ensures Great SASE

- HP From Growing Supply Chain Attacks To Ransomware Gangs Putting Lives at Risk: Top Cybersecurity Predictions for 2022

- Deep Instinct Top Cyber Influencers Offer Future Cyber Predictions for 2025 & Beyond

- Netskope — Security Service Edge (SSE) Considerations for the Future of Work

- Governing* (Mark Weatherford) — A Year to Focus on 3 Crucial Cybersecurity Issues

- LogPoint — LogPoint 2022 Predictions: The year of holistic threat detection and incident response

- Endpoint Security Solutions Review 11 Experts Share Advice on Device Security in 2022

- Synopsys — 2022 software security predictions that should be on your radar

- Computer Weekly Top IT predictions in APAC in 2022 (with security included throughout)

- Digicert — 2022 Security Predictions

- DataCenter Knowledge — Looking Forward to 2022: What To Expect in Cybersecurity

- Radware — 2022 Cyber Predictions: Supply Chain Crisis and Remote Workforce Lead to New Security Challenges

- Tenable — (Business Australia predictions) Cyber security trends businesses can anticipate in 2022

- Ermetic — Cloud Security Predictions for 2022 (with good pro tips)

- DevOps Digest — 2022 DevOps Predictions (many on security)

- Experian Brace yourself for these five top data breach trends in 2022, Experian warns

- AttackIQ — 2022 Cyber Predictions: Former White House Chief Strategy Officer Weighs In on MITRE ATT&CK and More

- FedTech Magazine — 4 Federal Government IT Trends to Watch in 2022

- Optiv 10 Big Cybersecurity Bets For 2022 From Optiv CEO Kevin Lynch


Most Comprehensive Vendor Report Overall: Trend Micro – Toward A New Momentum - Trend Micro Security Predictions for 2022

Most Creative (tie): McAfee Enterprise and FireEye 2022 Threat Predictions (love the prediction names!) and WatchGuard — great all-around videos again.

Least Reported But Most Likely Prediction: Beyond Trust for their prediction on Digital Death and Resurrection.

Scariest: Kaspersky LabsBoth Cybercriminals And State-Sponsored Actors Will Target Cryptocurrencies

Most Common: “Ransomware attacks will become more targeted and highly prominent.”

Technical (Geeky) Prediction to Watch: WatchGuard Spear SMSishing Hammers Messenger Platforms


Every year I read through hundreds of security predictions reports with thousands of predictions. No doubt, many are repeats and some predictions have already happened. Regardless, I always learn so much and gain new perspectives. My hope is that you will do the same — with much of the legwork already done.

What’s missing? Again, few, if any, “Cyber Pearl Harbor” or “Cyber 9/11” predictions. Also, the late-breaking news about Log4j received minimal coverage (on how that will impact 2022) because most reports came in too early.

There was also little mention about the Winter Olympics in China, the World Cup or other major sporting events.

Another big midterm election is coming in November, and few talked about bad actors meddling in that. However, most other areas were covered in detail as many focused on how cyberthreats will impact day-to-day life.

On the positive side, new federal cyber grants and more focus and coordination on cyber by global governments were covered by many — with a minority predicting a much better cyber story in 2022.

Happy New Year to all, and thanks for following “Lohrmann on Cybersecurity and Infrastructure.”

*Governing is a sister publication of Government Technology.