The Information Security Forum (ISF), a London-based authority on cybersecurity, information security and risk management has released Threat Horizon 2022, the latest in a series of annual Threat Horizon reports. Threat Horizon 2022 highlights nine major threats, broken down into three themes, that organizations can expect to face over the next two years as a result of increasing developments in technology. 

Threat Horizon 2022 focuses on particularly difficult cybersecurity challenges in a way that is relevant to senior business managers, information security professionals and other key organizational stakeholders. The three key themes in the latest report include:

Theme 1 – Invasive Technology Disrupts the Everyday: New technologies will further invade every element of daily life with sensors, cameras and other devices embedded in homes, offices, factories and public spaces. A constant stream of data will flow between the digital and physical worlds, with attacks on the digital world directly impacting the physical and creating dire consequences for privacy, well-being and personal safety.

Major threats: 

  • 1.1 Augmented attacks distort reality. 
  • 1.2 Behavioral analytics trigger a consumer backlash
  • 1.3 Robo-helpers help themselves to data

Theme 2 – Neglected Infrastructure Cripples Operations: The technical infrastructure upon which organizations rely will face threats from a growing number of sources: man-made, natural, accidental and malicious. In a world where constant connectivity and real-time processing is vital to doing business, even brief periods of downtime will have severe consequences. It is not just the availability of information and services that will be compromised – opportunistic attackers will find new ways to exploit vulnerable infrastructure, steal or manipulate critical data and cripple operations.

Major threats:

  • 2.1 Edge computing pushed security to the brink
  • 2.2 Extreme weather wreaks havoc on infrastructure 
  • 2.3 The Inter of Forgotten Things bites back

Theme 3 – A Crisis of Trust Undermines Digital Business: Bonds of trust will break down as emerging technologies and the next generation of employee’s tarnish brand reputations, compromise the integrity of information and cause financial damage. Those that lack transparency, place trust in the wrong people and controls, and use technology in unethical ways will be publicly condemned. This crisis of trust between organizations, employees, investors and customers will undermine organizations’ ability to conduct digital business.

Major threats:

  • 3.1 Deepfakes tell true lies
  • 3.2 The digital generation become the scammer's dream
  • 3.3 Activists expose digital ethics abuse

Security Magazine spoke to Steve Durbin, managing director of the Information Security Forum, about the threats we can expect now and over the next two years. 

Security magazine: How will the coronavirus impact these threats and organizations in the next year? Could healthcare organizations be expected to enforce tighter cybersecurity measures as a result of the increase of attacks on their networks during this time?

Durbin: The Threat Horizon is unique in that it is the only annual report that looks forward two years to predict the threat landscape whilst rigorously reviewing the past three years of predictions. In this way the reader is provided not only with a degree of confidence in the threats, and more importantly the mitigating actions to combat such threats, but also with an update on the veracity and accuracy of the predictions.  Before studying the predicted threats, the ISF encourages the security or business professional to assess the forecasts in the context of their own organization.  Every organization will have its own view, its own risk appetite and will have its own approach to risk assessment.  The real value of the Threat Horizon is not just in the threats but in the discussion it promotes across the organization of its ability to deal with the unexpected and to ensure that business resilience is developed and maintained.

With regard to the impact of coronavirus, on these threats, I do not believe that the virus will necessarily change the threats, what it will certainly do is change the lens through which the threats are viewed.  The pandemic will change significantly the way in which organizations view threats and risk assessment, requiring many to enhance their current approach to risk assessment and mitigation of threats with an added focus on business resilience.  In this regard, I would expect reports such as the Threat Horizon to play an increased role in the risk assessment processes and scenario planning responses at most forward looking organizations.  The value of the Threat Horizon lies in the tools it provides to assess the impact of a threat – radar assessment, understanding of vulnerabilities as they relate to departments, locations, definition of risk appetite and the associated scenario planning tools resulting in the development of a response playbook.  The threats we identify are fundamental to helping the organization think longer term and identify strategic responses to potential threats.

As for healthcare organizations, these have been hit exceptionally hard in responding to the pandemic – their focus is on saving lives.  The task of the security department is to ensure that equipment, systems are also protected to allow the core business to function in this regard.  As we have seen with ransomware attacks against hospitals, cybercriminals continue to see the ongoing disruption as an opportunity to make a dollar out of a crisis.  The challenge for security departments is how to provide an appropriate level of security to address the increase in threats whilst not hampering the ability of the organization to respond.  This requires a keen focus on vulnerabilities across the network and greater vigilance in the monitoring across the extended enterprise during this time.


Security Magazine: What can we expect in terms of new regulations or compliance to privacy laws?

Durbin: There is much discussion at the moment around the increased use of tools to monitor the population be it through facial recognition, apps or monitoring of mobility in pursuit of maintaining health guidelines and tracking those vulnerable to coronavirus along with potential sufferers.  Whilst privacy campaigners are voicing concerns over the access to and use of personal data post pandemic, I do not expect to see a significant shift in terms of new regulations or privacy laws introduction in the near term.


Security Magazine: Why will artificially intelligent malware amplify attacker’s capabilities? What’s the difference between your average malware attack and artificially intelligent malware?

Durbin: Attackers will take advantage of breakthroughs in Artificial Intelligence (AI) to develop malware that can learn from its surrounding environment and adapt to discover new vulnerabilities, exposing information including mission critical information assets.  In addition, AI may be used to spread misinformation and for social engineering campaigns.  AI has the potential to increase the sophistication of malware to the point where it is practically impossible to reverse engineer. By easily bypassing modern antivirus and malware detection software, AI enabled malware may have the ability to listen for specific words, target a user’s voice, identify advanced images and employ facial recognition.  It may also be harder to detect, employing a self-destruct mechanism and combining various attack techniques to be most effective.


Threat Horizon 2022 can be used to stimulate discussion and debate with business leaders and stakeholder and to analyze the possible impact of future threats. It also offers a basis for developing a forward-looking cyber resilience strategy. For more information, visit