Trends for the digital transformation 2022

top cybersecurity companies

Persistent chip shortages, hybrid working, ransomware, Zero Trust, 5G and Edge will shape the year 2022, says Nathan Howe, VP Emerging Technologies, 5G at Zscaler, in a guest post.

The worldwide pandemic situation ensures that the hybrid working world with commuting between Home Office and office presence is still on the agenda and multicloud environments are also picking up speed. Accordingly, the IT infrastructure must be scrutinized with regard to the new requirements of cloud environments, IT security, performance and availability. In addition, holistic digitization strategies are subject to new trends that are shaped by edge computing, 5G and the merging of information technology (IT) and operational technology (OT) security. The Zero Trust security concept is there to meet these requirements.

  1. The global chip shortage will lead to a re-evaluation of hardware-based security

The pandemic sparked a run on firewalls to protect networks as companies had to expand their security infrastructures. On the other hand, there are still noticeable effects of the global shortage of chips, which will continue to lead to delayed delivery times for security hardware in 2022. As the security of the new hybrid work environment will remain a dominant issue, a rethink will set in. IT security departments will increasingly be less willing to accept long delivery times of 6 to 9 months. In order to reduce the dependency on hardware, cloud-based security solutions based on Zero Trust are starting to replace them. Established security approaches for perimeter security will become less important when it comes to flexibly securing multicloud environments and mobile employees.

  1. Hybrid working will lead to the restructuring of the IT infrastructure

The pandemic has changed the way workers organize their personal and work life. In the future, the decision will be in favor of employers who make it possible to work from anywhere. Flexible workspaces will lead to investments in collaboration tools and wireless connectivity as well as accelerate cloud-agnostic technologies. Hybrid work is becoming the new normal, which is why companies will accelerate their digital transformation in order to ensure fast and secure access to cloud resources. The introduction of cloud-native services that enable access from anywhere is of central importance for such a modernization of the infrastructures. Security policies and practices to protect flexible working practices will be adjusted accordingly to suit user-friendliness requirements to support application access from all locations.

  1. Protection against ransomware remains a top priority

The threat posed by ransomware remains high as companies adjust to hybrid work and adapt their IT infrastructure and security protocols to the new world of work. With ransomware attacks becoming more sophisticated and dizzying costs for businesses, the focus must be on ransomware prevention and data recovery in order to avert the risk of reputational damage. It starts with anti-ransomware tools, which quarantine and analyze files before they run to prevent infection, as well as checking encrypted traffic to reduce risk. Insight into all traffic will become critical in the fight against ransomware.

  1. Zero trust requires a clearer definition

Different zero trust interpretations cause more confusion than clarity and jeopardize the sensible introduction of rule-based security. Even so, companies will continue to accelerate the proliferation of Zero Trust in response to the ongoing threat of ransomware and other types of cybercrime. A holistic approach is necessary to take full advantage of Zero Trust: IT teams that are only influenced by the Zero Trust hype, without a thorough understanding of the approach, have to beware of “tick box” purchases . There is a great need for education in order to clarify the risk tolerance approach of Zero Trust and to do away with the implicit trust in traditional networks. Without the restriction of trust in accessing applications and data, zero trust will be doomed to fail.

  1. Real-time requirements will drive 5G and edge computing

IoT services, which require almost real-time data exchange, will challenge 5G to deliver on the promise of data transmission speed. The demand for latency reduction will be addressed in a number of ways, e.g. B. through edge computing. Edge technology brings applications closer to end users and 5G makes it possible to process information where it is collected. Similarly, security for the end user must be located where users access devices and apps. Machine-to-machine applications will have access to the same type of access, in which all connections are checked and secured on a rule-based basis. 5G promotes a cloud model, as devices not only have to connect to a cloud edge or a data center, but can also support a wide range of applications at the same time.

  1. Automation can get smarter through artificial intelligence and machine learning, but opinions also differ

Artificial intelligence and machine learning will help identify and respond to modern cyber threats. These technologies will be used to automate processes and support decision making on a larger scale. However, for some applications that do not set clear boundaries for the protection of privacy, they will lead to uncertainty and divide public opinion. The debate about artificial intelligence will therefore continue to raise questions about the protection of privacy, for example with the use of biometric face recognition. The public will want clarity on how their privacy is protected and without further developments in this regard, the wider adoption of such technologies will be hampered.

  1. Workload orchestration is becoming a priority

The orchestration of workloads across the cloud, the edge and the data center will become more important as these workloads follow the user across a wide range of areas. Organizations will recognize the need to protect workload data as it moves through cloud environments. Accordingly, security mechanisms must be linked to the workload and not to the cloud platform. Multi-cloud implementations therefore require governance models that help determine who can access what and where the data can move. Cloud-agnostic multi-vendor strategies require clear IT and security guidelines.

  1. Companies will learn to be better informed about their data flows to the Internet when the internal network takes a back seat

The importance of the corporate network will continue to decline, while at the same time the Internet is advancing to become a connective tissue for companies and will replace the classic corporate network. The culture of location-independent work and the greater focus on cloud services will stimulate the demand for connectivity as a service model with improved IT security, usability and increased control functions. As companies move towards connectivity as a service, security-as-a-service technology will provide advanced security functions from the cloud, thereby simplifying IT infrastructures. In this context, a rule-based access model to applications is becoming more important, since users increasingly access their required applications from anywhere.

  1. Operational technology will be modernized

Operational Technology (OT) is lagging behind IT when it comes to modernizing its security and continues to provide increased attack surfaces. Due to the dovetailing of OT and IT, OT represents a higher risk for IT and must be modernized so that the risk to business continuity is kept to a minimum. Costly security incidents endanger production facilities and will damage companies’ reputations. Manufacturers of OT systems have to be more willing to integrate security into their products, test them consistently and consistently demonstrate security. With the increasing spread of digitized OT, such a viable security approach will advance to best practice in order to meet modern requirements.

  1. Technical contaminated sites will endanger companies

VPNs, remote desktops, jump boxes and other solutions that are rushed into the network to meet the connectivity needs of a workforce working from anywhere pose an increased risk to corporate IT infrastructures. Hastily introduced solutions meet their purpose, but can quickly become a burden if their implementation is not assessed for security risks together with the entire IT infrastructure. Technical debt is often difficult to resolve, and the associated security challenges will therefore increase unless companies regularly analyze their attack surface. Measures to eliminate incorrect configurations must therefore be placed on every IT security agenda.

Leave a Reply

Your email address will not be published. Required fields are marked *