Image
5 Key Cyber Regulatory Predictions for 2022

5 Key Cyber Regulatory Predictions for 2022

Cybersecurity regulations were long viewed as an esoteric afterthought, even as technology exploded into every corner of our lives. But that's no longer the case, as governments and businesses seek to get a better grip on privacy regulations and data protections.

At Egnyte, we track legal and regulatory trends closely so we can better serve our customers and respond to changes. Based on those observations, here are our cybersecurity regulation predictions for 2022.

1. Privacy Regulations Will Continue to Expand and Businesses Will Get Involved

Privacy regulations are rapidly expanding everywhere, and there’s little doubt this trend will continue to gain traction next year. The U.S. federal government has often lagged behind other parts of the world, including the EU and UK, which have spearheaded privacy policies in Europe with GDPR. However, the U.S. is catching up, mostly at the state level.

In 2022, expect local governments such as city councils to begin to pass their own regulations, wherever possible. This will make an already confusing regulatory landscape even more confusing, which will lead vertical industry consortia to propose their own set of privacy best practices in hopes of stalling more complex (and potentially expensive) regulations.

2. Insurance Companies Will Have Greater Influence

Notable payouts have been recorded as business-risk insurance companies begin to cover ransomware losses. Some customers may see policies cancelled, but most will see major rises in premiums to cover insurance losses. 

Expect business insurance companies to become even more prescriptive and require clients to follow cybersecurity best practices to keep rates down. As a result, insurance companies will begin conducting more assessments to determine security posture and reduce risk. 

Finally, as major insurance companies converge on the policy requirements, conformance to best practices will begin to be treated as de facto regulations. 

3. Cyber Risk Management Will Become Integral to Business Risk

Corporate financial reporting obligations will include risks to customer and partner data as part of standardized reporting. In fact, the American Institute of CPAs, the largest member association for accounting professionals, already places greater emphasis on cybersecurity during financial audits.

As a result of more stringent cybersecurity risk reporting, more boards of directors will set up formal risk management sub-committees to address cyber risk and hold company executives accountable.

4. New Ransomware Laws Will Emerge

Egnyte has observed political discussions in various countries that are considering passing laws and regulations on ransomware payments. In the U.S., bounties are being offered for ransomware criminals, but some smaller countries are taking it a step further. They are considering outlawing ransomware payments altogether to discourage the activity. These countries have begun to view ransomware attacks on major companies as attacks on critical economic infrastructure.

5. Contract Language Around Risk Will Standardize 

In the wake of recent supply chain attacks, legal teams will develop much more detailed contract terms to manage cyber risk in 2022. Indeed, clauses defining and assigning liability for cyber risk will become part of standard terms and conditions in routine contracts going forward. 

As a result, arbitration will become much more technical, which is likely to increase the cost of settlements and prolong business negotiations. 

Prepare Your Business for What’s To Come

No matter what happens, regulations are expected to become even more complex in 2022, making compliance even more difficult for companies like yours. Egnyte will continue to provide updates on our support of additional regulations and standards that help our customers manage their data effectively, including adding to our list of pre-defined regulatory policy filters. 

To learn more about how Egnyte can assist with this process, check out our risk dashboard and reporting capabilities.

And for more predictions, check out our companion piece on the new cyberattack threats and trends we expect to emerge in 2022.

 

Share this Blog

Don’t miss an update

Subscribe today to our newsletter to get all the updates right in your inbox.

By submitting this form, you are acknowledging that you have read and understand Egnyte’s Privacy Policy.