Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Profile
    • Privacy & Cookie Policy
    • Terms of Use
    • Contact Us
    • Advertising
    • Submit Post
    • Latest News
    • Research Reports
    • Press Release
    • Awards▾
      • About the Awards
      • Awards TimeTable
      • Submit Nominations
      • Testimonials
      • Media Room
      • Award Winners
      • FAQ
    • Magazines▾
      • Global Banking & Finance Review Magazine Issue 79
      • Global Banking & Finance Review Magazine Issue 78
      • Global Banking & Finance Review Magazine Issue 77
      • Global Banking & Finance Review Magazine Issue 76
      • Global Banking & Finance Review Magazine Issue 75
      • Global Banking & Finance Review Magazine Issue 73
      • Global Banking & Finance Review Magazine Issue 71
      • Global Banking & Finance Review Magazine Issue 70
      • Global Banking & Finance Review Magazine Issue 69
      • Global Banking & Finance Review Magazine Issue 66
    Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

    Global Banking & Finance Review® is a leading financial portal and online magazine offering News, Analysis, Opinion, Reviews, Interviews & Videos from the world of Banking, Finance, Business, Trading, Technology, Investing, Brokerage, Foreign Exchange, Tax & Legal, Islamic Finance, Asset & Wealth Management.
    Copyright © 2010-2026 GBAF Publications Ltd - All Rights Reserved. | Sitemap | Tags | Developed By eCorpIT

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    Home > Business > Cybersecurity threats challenging businesses in 2022
    Business

    Cybersecurity threats challenging businesses in 2022

    Published by Jessica Weisman-Pitts

    Posted on November 24, 2021

    5 min read

    Last updated: January 28, 2026

    An informative graph depicting the projected growth of the Health Caregiving Market from USD 233.02 billion in 2025 to USD 521.61 billion by 2032, highlighting a CAGR of 12.2%. This image enhances understanding of the market dynamics discussed in the report.
    Graph illustrating growth of the Health Caregiving Market to USD 521.61 billion by 2032 - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Quick Summary

    Ransomware and other cyber threats pose significant risks to businesses in 2022. Effective security controls and staff training are crucial for protection.

    Cybersecurity Threats Businesses Face in 2022

    By Dan Tremeer, NET Reply

    1. What is the top one or two cyber risks to companies right now? 

    Ransomware and the damage it causes is rightly making a lot of headlines right now and is the leading cyber risk to companies. Digging deeper, exploitable risks that require addressing are as follows

    1. There are many security products which do excellent jobs when they are fully configured and wrapped within high quality security operations. A high percentage of attacks are preventable with existing security controls with the right configuration and training of cyber staff. A worrying statistic is that on average it takes a business over 200 days to identify a breach, meaning controls are not effectively identifying bad actors’ presence. It is tough to find initial access and reconnaissance activities which skilled attackers apply.
    2. Security improvements over the past decade mainly focus on technology and tooling, but without providing security awareness to staff who often have access to sensitive data, server access or social media systems, many businesses put themselves at risk, and these staff are seen by attackers as the weak link to access organisations.
    3. Organisational resilience in the face of a major problem is a big problem for many businesses. If attackers were to take offline a major digital supplier for a significant period how many companies can confidently activate their disaster recovery (DR) plans efficiently? The recent Facebook disruption showed how many small businesses were totally dependent on it, and that is nothing compared to those relying on Azure or AWS.

      2. How do bad actors exploit the risk(s)? What techniques do they use?

    There are highly organised crime syndicates with numerous roles of varied sophistication. Gaining legitimate account credentials is the first step, so phishing and credential stuffing are two initial techniques which bear fruit and are sold or passed up the food chain. Bad actors with evasive hacking capabilities gain a foothold into target business they expect will have either highly sensitive data, or cannot operate significantly without their digital infrastructure (health services being one example). With companies offering so many access points for attackers to probe and analyse for weaknesses from the outside, businesses have to consider an attacker will have at least low level credentials, making the typical outside equals bad and inside equals good mindset is not a viable strategy, if it ever was in the first place! Another consideration is how capable a business is to defending against a major attack, this leads to smaller organisations being a tastier target for attackers than you might think. Larger organisations will more likely be able to activate DR, or have better controls to detect and respond.

    1.  How can organisations protect against the risk(s), both with technology and staff education?

    With adversaries becoming increasingly sophisticated and prevalent, modern security services are necessary for businesses to have a chance of successfully defending against persistent attacks across adapting and complex infrastructures. To identify bad actors earlier, Net Reply recommends businesses move to automated, machine learning solutions that leverage real time behavioural analysis and threat intelligence feeds, wrapped with effective controls, processes and staff training. Businesses should develop a data driven approach to understanding the effectiveness of their security controls by continuously testing their infrastructure and people. For the former, continuous security testing is a new service offering which solves many limitations of vulnerability scanning and manual penetration testing. There are a few different names – Threat Modelling, Breach & Attack Simulators (BAS) and Automated Penetration Testing provide consistent and constant testing and many provide clear reporting and remediation support. For the latter, developing a layered security awareness campaign using various formal and non-formal training techniques creates a culture of good security inside the organisation which have far reaching business value such as reduced overheads on service-desk and security staff.

    Businesses also need to test their DR plans and also carry out yearly incident preparedness exercises. Table-top walk-throughs are a minimum level of preparation, but practical testing is more likely to reveal problems. No-one wants to activate untested procedure for the first time during a real and live attack.

    1. How do you see the risk(s) evolving in the coming years?

    Over the past many years it has been demonstrated that crime does pay and Ransomware is likely to continue to be a major risk for businesses and agencies. We are seeing a trend that security vendors are working more collaboratively together to help reduce the impact of bad actors. and it’s now on government leaderships agenda’s so there are some signs it’s getting more attention, relying upon effective state level support is not a recommended strategy however as their chances of eradicating the problem are slim to none. We will see an unprecedented level of technology advancement in many fields which will have an impact on security such as AI, quantum computing etc. which will of course be leveraged by bad actors as well. With everything becoming connected, how long will it be until threat actors figure out ways to disable medical devices such as pace-makers, automatic blood sugar patches or insulin delivery etc. or gain access to a water facility, all could have drastic harmful consequences.

    Businesses are becoming more understanding of the areas of risk they maintain and are doing more about it such as putting assurance and governance processes in place to cover supply chain risk, cyber risk, insider threats, and disaster recovery planning, Staff are having to become more security savvy in their home and digital lives and will welcome having more advice from the business will go a long way to help businesses be more resilient to attackers

    Key Takeaways

    • •Ransomware is the leading cyber risk for companies.
    • •Many attacks are preventable with proper security controls.
    • •Phishing and credential stuffing are common attack techniques.
    • •Smaller businesses are often more vulnerable to attacks.
    • •Automated, machine learning solutions can enhance security.

    Frequently Asked Questions about Cybersecurity threats challenging businesses in 2022

    1What is the main topic?

    The article discusses cybersecurity threats challenging businesses in 2022, focusing on ransomware and other risks.

    2How can businesses protect against cyber threats?

    Businesses can protect themselves by implementing automated security solutions, enhancing staff training, and conducting continuous security testing.

    3Why are smaller businesses more vulnerable?

    Smaller businesses may lack the resources for robust security measures, making them more attractive targets for cyber attackers.

    More from Business

    Explore more articles in the Business category

    Image for Empire Lending helps SMEs secure capital faster, without bank delays
    Empire Lending helps SMEs secure capital faster, without bank delays
    Image for Why Leen Kawas is Prioritizing Strategic Leadership at Propel Bio Partners
    Why Leen Kawas is Prioritizing Strategic Leadership at Propel Bio Partners
    Image for How Commercial Lending Software Platforms Are Structured and Utilized
    How Commercial Lending Software Platforms Are Structured and Utilized
    Image for Oil Traders vs. Tech Startups: Surprising Lessons from Two High-Stakes Worlds | Said Addi
    Oil Traders vs. Tech Startups: Surprising Lessons from Two High-Stakes Worlds | Said Addi
    Image for Why More Mortgage Brokers Are Choosing to Join a Network
    Why More Mortgage Brokers Are Choosing to Join a Network
    Image for From Recession Survivor to Industry Pioneer: Ed Lewis's Data Revolution
    From Recession Survivor to Industry Pioneer: Ed Lewis's Data Revolution
    Image for From Optometry to Soul Vision: The Doctor Helping Entrepreneurs Lead With Purpose
    From Optometry to Soul Vision: The Doctor Helping Entrepreneurs Lead With Purpose
    Image for Global Rankings Revealed: Top PMO Certifications Worldwide
    Global Rankings Revealed: Top PMO Certifications Worldwide
    Image for World Premiere of Midnight in the War Room to be Hosted at Black Hat Vegas
    World Premiere of Midnight in the War Room to be Hosted at Black Hat Vegas
    Image for Role of Personal Accident Cover in 2-Wheeler Insurance for Owners and Riders
    Role of Personal Accident Cover in 2-Wheeler Insurance for Owners and Riders
    Image for The Young Rich Lister Who Also Teaches: How Aaron Sansoni Built a Brand Around Execution
    The Young Rich Lister Who Also Teaches: How Aaron Sansoni Built a Brand Around Execution
    Image for Q3 2025 Priority Leadership: Tom Priore and Tim O'Leary Balance Near-Term Challenges with Long-Term Strategic Wins
    Q3 2025 Priority Leadership: Tom Priore and Tim O'Leary Balance Near-Term Challenges with Long-Term Strategic Wins
    View All Business Posts
    Previous Business PostGet to Know Your IT Admin
    Next Business PostThree strategies for any SMB to get started with data science