From tighter regulations for public sector to ransomware and the continued rise of the remote workforce, read all about it from our senior management team as they weigh in on their thoughts for 2022.
Looking at 2022, and it seems clear that there will be tighter regulatory oversight for the public sector.
The NHS is already going through Data Security Privacy Toolkit (DSPT) processes and several recent tenders for large public sector organisations have made compliance to Cyber Essentials Plus a mandatory requirement for every supplier. If the NHS is a template, then more public sector organisations will be required to adhere to CE+ within a few years. And I would expect these requirements to spread to anybody that supplies into the public sector. The framework is not onerous, but it is audited which means that organisations need to do more than just a “check box” exercise so it’s wise to start looking at these optional processes now and before they become mandatory.
Although Ransomware is certainly not new, the last year has seen its meteoric rise in the public consciousness and the coming year will unfortunately be more of the same.
However, the move by AXA, one of Europe’s largest insurers, to stop offering new insurance policies that cover ransom payments to criminals for French policy holders may be the start of a wider trend across the region during 2022. The logic is that ransom payments encourage more ransomware attacks and drive up the cost of cyber security insurance policies. Although UK companies can still gain insurance policies that will pay ransoms – assuming you can prove no liability, it’s likely that AXA’s position might spread. The whole market for insuring against all forms of cyber-attack and outage is an interesting area and I suspect that 2022 will be a year where its starts to get a lot more attention from enterprises.
The ‘great return to the office’ has not materialised as expected by most, with more organisations opting to have more staff working remotely as a permanent option.
The first of the studies that have looked at issues such as productivity and mental wellbeing are starting to emerge and, in many instances, home working seems to be on parity with office working and, in some cases, proving a benefit. However, organisations must now look at the often-temporary measures rushed out to support home workers that are now becoming standard. Where masses of laptops were hurriedly deployed, and cloud based filesharing systems were utilised to help teams collaborate – these devices and platforms need to be audited for security and compliance to standards such as GDPR. This will inevitably trigger more use of cyber security as a service – especially as the current shortage of skilled IT and Infosec staff grows.
Knowing where to start with your organisations cyber security can be confusing. Have you considered a dedicated cyber security platform to help reduce the risk of a cyber incident?