19 Dec Security predictions for 2022: part one
As 2021 draws to a close, security experts are trying to guess at what the threat landscape may look like next year. We speak to some experts to take their predictions and invaluable insights into the coming trends we could be seeing in 2022.
Connection across hybrid environments
To the end user, the architecture being used to deliver services has become invisible. Whether processing takes place on a device, local server or in a remote data centre, everything is connected. Given that ‘connected’ has become the default, we do believe that most surveillance solutions will ultimately be hybrid; combining cloud, on-premise server and edge technologies. Axis Communications
Enterprises will increase their investment in identity security solutions
The rise in third-party attacks, remote working security risks, and the continuing evolution of ransomware have driven home the fact that traditional security solutions are no longer enough. Enterprises need to invest in Identity Detection and Response (IDR) solutions capable of providing expanded exposure visibility and detection specific to credential misuse, excess entitlements, privilege escalation, and other common identity-based attack activities. Attivo Networks
Two clear paths to SASE emerge
As SASE deployments enter the early majority stage of the adoption lifecycle, the market will see a clear split in approaches. Small and medium size enterprises are likely to be attracted to the all-in-one SASE offerings, where simplicity and ‘one throat to choke’ take priority over advanced capabilities. On the other hand, large enterprises will remain unwilling to compromise on security, reliability, or the quality of user experience. They will look to a dual-vendor approach, pairing a best-of-breed SD-WAN partner for on-prem security and WAN facing capabilities, with a fully-fledged cloud-delivered security partner delivering secure web gateway (SWG), cloud access security broker (CASB), and zero trust network access (ZTNA) services. HPE Aruba
More white noise means greater opportunities for stealth
Because of the rise of VPN technology used to deliver remote-working facilities, threat hunters now have considerably more data to sift through when looking for suspect processes. Because this makes intrusion detection more difficult, next year’s malicious parties will enjoy more time between entering an environment and being discovered. BeyondTrust
XDR: Improving Protection with AI
With the shift to work-from-home or hybrid work models, the rollout of 5G wireless, and the explosion of IoT (Internet-of-Things) devices, virtually everything is connected today. This connectivity provides a variety of benefits in terms of productivity and convenience, but it also exposes organisations to significant risk which makes Extended Detection and Response (XDR) crucial.
There is almost universal agreement that XDR is the next thing, but the definition of what XDR is and the best way to achieve it is still being debated.
The industry will reach some consensus in 2022 and leaders will emerge as the dust settles in the XDR market. Regardless of how we define XDR, the scope and volume of threats demands that artificial intelligence (AI) play a central role in making it effective. Cybereason
The unifying of OT and IT security
As complexity continues to be the bane of regional security teams, stakeholders across departments understand that cybersecurity must extend to all technology used by the business. As far along the road as we are in the Fourth Industrial Revolution, it is inevitable that sooner or later we would have to think of OT and IT under a single umbrella.
The risk to physical equipment has been apparent in the region for years. Not only have petrochemical companies long been the targets of threat actors, but this year’s Colonial Pipeline incident in the US served as a stark lesson to organisations that use any solution that exposes physical machinery to the lawlessness of the public Internet. As such, 2022 will be the year when a single CISO becomes responsible for OT and IT security. Qualys