While most of us are celebrating the holiday season, cyber attackers are planning their next wave of breaches. Sad, but true. So what should security experts be planning for?

Every year technology makes things a litter faster, cheaper or both. It’s the wonder of innovation – and it’s been this way for two hundred years. But new every advance brings some downside. And in the digital era, it’s cybercrime. Regrettably, for all the benefits ushered in by online connectivity, there are criminals dreaming up thefts and deceptions that take advantage of flaws in data storageidentity and encryption.

Every year the number of attacks appears to grow. In 2021, for example, the FBI 2021 Internet Crime Study reported 847,376 complaints in the US alone. That’s a seven percent increase from 2020. Meanwhile the Anti-Phishing Working found that in Q1 2022 there were 1,025,968 attacks — the worst quarter for phishing to date.

And the financial damage is growing too. In 2022, the average cost of an attack reached $4.35 million – up 2.6 percent on the previous year, according to IBM’s Cost of a Data Breach Report.

On the flip side, cybersecurity experts are developing new tools to repel attacks. Also, awareness of the risks is growing. And given that criminals target employees as much as they do systems, this is an important development.