But as 2022 launches, economists, such as those at IHS Markit, are predicting that new waves of COVID won’t derail the economy like it did in 2020. They note that the introduction of the Omicron virus signals a very important switch from pandemic to endemic. And, according to FactSet, S&P 500 earnings are expected to grow 9% in 2022.
And while the world gets its feet back under itself in 2022, one threat still lingers from the past two years: an increase in cyberattacks. Heightened nervousness over uncertainty fueled the ability for hackers to easily infiltrate businesses. And the threat continues.
To keep you apprised of the current state of third-party cybersecurity risk, we looked into the crystal balls of leading cybersecurity sources. Here’s their 2022 (and beyond) predictions:
1. Sixty percent of security incidents will result from issues with third parties.
In 2022, Forrester predicts that cyberattacks will not only target large enterprises, but smaller vendors and suppliers as well. Research conducted by Evident, an insurance verification solution, shows that 75% of third parties fail to meet contractual insurance requirements. Firms that don’t invest in the trifecta—people, process, and technology—may find an increase in third-party incidents.
2. By 2025, 60% of organizations will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements.
A business’s cybersecurity risk will be heavily scrutinized when it comes to mergers, acquisitions, and vendor contracts, resulting in a dramatic increase in security questionnaires by 2025. Prior to conducting any type of business transaction, most organizations will thoroughly evaluate the security risk when assessing opportunities.
3. Companies to prioritize supply chain resiliency, responsible sourcing
Small vendors and suppliers are being targeted as an easy way into larger enterprises, who typically have stronger security measures in place. As a result, many companies plan to implement stringent onboarding policies that may include contracts forcing vendors to assume cost of remediation and risk related to third-party attacks.
4. Securing data with third-party vendors in mind will be critical
Evaluating vendor access to data will become a top priority; however, this will be coupled with increased costs, resources and processes. Without visibility into third-party ecosystems, organizations may risk damage to their reputations and monetary implications if a third-party breach occurs.
5. Attackers Will Find New Ways to Hide Logic Bombs
Every year, attackers develop new ways to infiltrate businesses, and 2022 will be no exception. The opportunity to implant logic bombs—code buried in a machine that will delete files if the attackers’ demands are not met—by third-party vendors will increase as more outside sources are used to manage and maintain internal systems.
What’s Your 2022 Prediction?
If your company lacks adequate security measures to protect against these predictions, contact ProcessBolt for a customized demo. Our all-in-one automated vendor risk management serves both vendors and enterprise customers, and eases the burden of managing incoming and outgoing security assessments. Complete this form to receive a demo.