2022 Predictions: Embracing Low-Code Security Automation

By on
Read more about author Cody Cornell.

There was one headline-grabbing breach after another this year. As we head into 2022, we sat down to reflect on 2021 in order to predict what key themes enterprises should expect to see in the new year. Amid rising threats and an ongoing skills shortage, we believe companies will increasingly embrace low-code security automation in 2022 to centralize security processes and cut down on process and data fatigue.

We also expect to see ransomware payments double amid the proliferation of ransomware-as-a-service (RaaS), and a large-scale software supply chain attack will take down a major cloud computing service. Additionally, as the midterm elections approach, hacking for a political or social cause will increase by a double-digit percentage, and congress will fail to take action on reigning in social media companies. 

Let’s explore further. Below, find two of my predictions for 2022, followed by more from my team.

Cody Cornell, Chief Strategy Officer & Co-Founder, Swimlane:

Organizations will increasingly adopt low-code security automation. In 2022, low-code security orchestration, automation, and response (SOAR) will grow beyond the Security Operations Center (SOC) to serve as a system of record for the entire security organization. As companies struggle to adequately staff security teams – and fallout from “The Great Resignation” adds additional stress across the organization – low-code automation will help security operations overcome process and data fatigue, and keep teams highly engaged. Companies will seek to use low-code automation to harness the collective knowledge of their entire security organization and form a centralized system of record for operational data.

Biden’s threat hunting mandate will create new federal cyber positions. Under President Biden’s Executive Order on Improving the Nation’s Cybersecurity issued in May, Federal Civilian Executive Branch (FCEB) Agencies must coordinate with the Cybersecurity and Infrastructure Security Agency (CISA) to proactively conduct threat hunting activities. This requirement was introduced to help agencies formulate a more coordinated response to cyber threats. While threat hunting will have a long-term positive impact on the federal government’s cybersecurity posture, in 2022 we can expect it to cause growing pains as federal agencies seek to increase visibility, determine a scalable strategy, hire and train threat hunters, and update procedures. 

Nick Tausek, Security Solutions Architect, Swimlane:

Attacks on companies for social justice will increase by a double-digit percentage. This year, we have seen an increase in both internal and external actors breaching companies, highlighted by Epic and Twitch, for “ethical” reasons versus purely financial intentions. In 2022, there will be a significant increase in hacking for a political or social cause. Most organizations in this position will fail to adequately respond to the threat of exposure by focusing only on “clamping down” internally to prevent leakage rather than addressing problematic business cultures that make employees want to go rogue.

The federal government will fail to begin regulating social media companies ahead of the midterm elections. Facebook whistleblower Frances Haugen’s testimony before Congress in October cast a spotlight on the need for social media regulations. Many see the latest allegations of widespread negligence as the final straw. Social media companies like Facebook that carry large fractions of the world’s communications, from personal messaging to business traffic, can no longer be trusted to self-regulate. The need for greater transparency into social media companies’ moderation practices has been clearly highlighted to Congress and the general public. There needs to be insurance that they are not being influenced by entities hostile to the United States, such as when Facebook sold political ads to accounts that paid in Russian rubles leading up to the 2016 election. Although numerous pieces of legislation will be proposed in the House and Senate after the conversation was reignited, the flame will quickly die out in 2022 as political gridlock keeps Congress from officially taking the oversight process into their own hands to curb disinformation tactics.

Josh Rickard, Security Solutions Architect, Swimlane:

A large-scale software supply chain attack will take down a major cloud computing service. As organizations add more third-party SaaS and IaaS providers to their technology stack, the impact of cyberattacks on centralized cloud services will have a broader impact. In 2022, we will see cybercriminals take advantage of misconfigured SaaS APIs to exploit private data at an unprecedented scale. This will lead to a large distribution of core software code becoming compromised and impacting thousands of organizations across the globe.

The average ransomware payout will double as ransomware-as-a-service (RaaS) proliferates. Over the last several years, we have seen ransomware groups such as DarkSide and REvil successfully franchise their ransomware services to attackers. Similar to how cybercriminals have developed phishing kits to launch attacks with minimal effort, ransomware groups will seek to grow the RaaS ecosystem and improve infrastructure. In 2022, this will make it even easier to deploy ransomware attacks and will lead to a rise in more sophisticated attacks such as double extortion.


In our current landscape, every company is a technology company regardless of their offering, which means lacking the right cybersecurity tools can dramatically influence the bottom line. The new year is a time of reflection. It serves as an excellent opportunity for organizations to evaluate their cybersecurity posture against the threat landscape and make strategic changes to stay ahead of the adversary. 

Leave a Reply