Although technologies and their impacts can change quickly, adjusting business operations accordingly often takes time. Thus, knowing about important IT developments sooner rather than later is important. It can give companies the time they need to avoid potential problems or take advantage of opportunities.
Here are three IT trends that will affect all organizations, no matter their size or industry:
1. Tech Will Become More Regulated
Technology has been advancing at a fast pace, with little legislation overseeing its use. But that’s about to change. The undesirable effects from some technological advancements are prompting an increasing number of governments to pass legislation governing their use. “In 2022, expect an avalanche of new laws and regulations attempting to govern and impose order on a dizzying array of tech developments,” said Omer Tene, a partner at Goodwin and senior fellow at the International Association of Privacy Professionals (IAPP).
In the United States, many of the new laws and regulations will deal with protecting consumers’ privacy and their personal data. Three states — California, Colorado, and Virginia — have already passed laws, laying the groundwork for others to follow. Stacey Gray, a privacy-law expert who recently testified in a US Senate hearing on privacy protection, expects that Alaska, Florida, Maryland, New Jersey, Oklahoma, and Ohio will follow suit.
The European Union is leading the way for drafting and passing many other types of tech legislation. It has several legislative proposals in the works, including the Artificial Intelligence Act (AI Act), Digital Services Act (DSA), and Digital Markets Act (DMA). “A veritable alphabet soup of tech regulation affecting digital platforms, digital services, online marketing, data intermediaries and more, is materializing and set to become law on the books,” said Tene.
The EU’s AI Act would especially have far-reaching consequences. For instance, it would prohibit using facial recognition tools in public places and using AI to create social scoring systems. In comparison, the US National AI Initiative Act, which went into effect January 1, 2021, is designed to provide “a coordinated program across the entire Federal government to accelerate AI research and application for the nation’s economic prosperity and national security.”
2. Data-Sharing Tools That Preserve Privacy Will Be More Readily Available
Using data to gain business insights requires a large amount of data. One way to obtain it is through data sharing. Gartner predicts that, by 2023, organizations that promote data sharing will outperform their peers on most business-value metrics.
With data privacy laws becoming more prevalent, companies will need to use data-sharing tools that preserve privacy. Fortunately, they will be more readily available this year. “2022 is going to be the start of us having real tools to work with people’s data while preserving their privacy,” said Eric Rescorla, the chief technology officer at Firefox. “Cryptographers have been working on technologies like multiparty computation, zero-knowledge proofs, and homomorphic encryption for years, but they’ve finally gotten good enough that they’re practical for real-world problems.”
These tools are poised to “liberate organizations and their data from privacy’s shackles,” according to experts at Deloitte. “Approaches such as FHE [fully homomorphic encryption], differential privacy, and functional encryption make it possible for organizations to reap the benefits of data sharing without sacrificing privacy.
3. Ransomware-as-a-Service Will Continue to Plague Businesses
Some ransomware gangs let other cybercriminals use their programs for a share of the profit, a practice referred to as the Ransomware-as-a-Service (RaaS) business model. The infamous Colonial Pipeline ransomware attack in May 2021 was based on this model. Cybercriminals broke into Colonial Pipeline’s network and then infected it with an RaaS variant called Darkside, according to the US Federal Bureau of Investigation (FBI).
In 2021, the RaaS model became increasingly popular among ransomware gangs and cybercriminals alike — and that trend is expected to continue.
“In 2022 and beyond, the RaaS business model will continue to dominate the threat landscape for ransomware attacks, as this model permits experts in ransomware construction to continue to build and improve their product, while giving experts in ‘initial access’ break-ins the ability to focus on this task with increasing intensity,” according to Sophos threat analysts. “We’ve already seen these RaaS threat actors innovate new ways to break into progressively more well-defended networks, and we expect to see them continue to push in this direction in the year to come.”
Other threat analysts also foresee RaaS attacks continuing on an upward trend. “In 2022, the RaaS model will see continued growth, as it has proven to be an incredibly efficient vehicle for maximizing profits,” said Troy Gill, senior manager of threat intelligence with Zix.
For many small and midsize companies, cybersecurity is a priority but not a core competency. Contact us to learn how Xantrion’s managed service offerings can free you from the burden of cybersecurity, and regulatory compliance when necessary, to ensure that your entire team, from leadership on down, can work confidently and productively.