New threats, new apps, new players, but data plays the biggest role in shaping the future.
2021 Attacks Set New Records
You may get tired of hearing all the doom and gloom of hooded cybercriminals and potential threats. But the reality is, your data, your company, and your personal identity is at continued risk.
Just looking back, 2021 had its fair share of cybersecurity incidents, and some incredibly resounding ones at that. There was the Colonial Pipeline breach, where suddenly, the U.S. fuel supply was at risk of coming to a grinding halt. A ransom of $2.3 million in Bitcoin was paid to avoid that catastrophe.
In the land of social media, tens of millions of Facebook, Instagram and LinkedIn profiles were exposed due to an unsecured database. The monolith that is Facebook went down, along with Instagram.
Even online retailers were targeted. Bonobos, a popular men’s clothing retailer, was hacked and a cybercriminal snatched addresses, phone numbers, and partial credit card data belonging to over 7 million shoppers.
Not to mention the added impact of COVID-19, and the number of healthcare organizations that were opportunistically attacked at a time when they were stretched way too thin.
So where is all this going in 2022?
You can likely expect a continued rise in attempted attacks and new methods of targeting. But the one element to the advancement of security measures that will make a huge difference next year is data. And more specifically, cloud data.
According to Techjury, it’s estimated that 1.145 trillion MB of data is created per day. On average, every human created at least 1.7 MB of data per second in 2020. Per second, think about that. And 2021 saw over 4.66 billion active internet users. That’s 60% of the world’s population. Data is the key treasure in every situation and having a plan to safeguard yours is paramount.
The Top 5 Cloud Security Predictions (Plus a Bonus One)
1- Increased Investment will Lead to Better Cloud Security
Each and every year we see more and more investments in cloud security. And that’s a good thing!
According to tech analyst Gartner, worldwide spending on information security and risk management technology and services was forecasted to grow 12.4% in 2021 to reach $150.4 billion in 2021. That’s nearly double the spending growth from 2020, at 6.4%. This aligns with Gartner’s 2021 CIO Agenda survey, where 61% of those surveyed stated increasing investment in cybersecurity was their top priority.
And the spending spree won’t slow down for a while. Cybersecurity Ventures is predicting that, because of the need to protect increasingly digitized businesses, IoT devices, and consumer data, global spending on cybersecurity products and services will rise to $1.75 trillion cumulatively for the five-year period from 2021 to 2025.
More specifically, cloud security is growing faster than the rest of the security market. According to Gartner, cloud security spending is projected to increase 41.2% between 2020 and 2021. Cloud security was the “smallest, but fastest growing” market segment, expected to reach $841 million this year.
What does all of this mean? Better cloud security.
While the spend is astronomical, the need is there. Data protection is the highest priority for many organizations, especially since much of the data is housed in the cloud. Consumers and businesses expect protection and they will weigh in with their dollars. It’s essential for companies, governments, and other entities to continue to invest in data protection in order to reach a better outcome; enable the democratization of data, but safely.
In short, life will be better, business will thrive, and cybercriminals will begin to be thwarted as more investments are made.
2 – Cloud Data Protection Will Make Strides to Keep up With Data Democratization
Digital Transformation. While that phrase is being batted around a bit frivolously, the reality is there: Every organization, no matter how big or small, is changing the way they operate through digital technology. And the majority of these changes involve taking processes and data to the cloud and making data accessible to everyone in the organization. This is data democratization.
How does one define data democratization? In our view, it’s the ongoing process of enabling everybody in an organization, irrespective of their technical know-how, to have universal access to data, to work with data comfortably, and as a result, make data-informed decisions in their roles, creating new opportunities and improving customer experiences.
Simply said, in our continual movement toward digital transformation, data is the new currency. It becomes the critical factor in making informed business decisions, making the right investments, and delivering personalized experiences that consumers are not only anticipating, but expecting.
Think about how many organizations exist solely for the data they have. Companies like Facebook (now Meta), YouTube and Twitter offer free services but bring in huge revenues from advertising based on the customer data they hold. Many companies rely on, and pay significantly for, access to the customer data. So as more data moves to the cloud, and more access is gained, the need for data protection increases.
Also in our view, we recognize how important data is, and how even more important it is to protect it. Protecting and monitoring your data is crucial to survival.
You have to know the answers to five very important questions:
- Where is my data?
- Who has access?
- What’s the security posture?
- Who owns the data?
- Where is my data going?
Right now, data democratization is outpacing data security, as developers have more freedom and agility with shift left, data protection teams have been left behind. But one sensitive breach can bring a company to its knees. So as more investments are made in the digital transformation, more investments are going to be made in data security and risk management.
2022 will see cloud data protection begin to keep pace with data democratization.
3- Cloud-Native Security Tools Will Become Mainstream
As more data is moved to the cloud, more workloads, processes and solutions are being natively built and run there.
A cloud-native tool or application is a program that is designed for a cloud computing architecture. These applications are run and hosted in the cloud, and are designed to capitalize on the inherent characteristics of a cloud computing software delivery model.
Security solutions built for the cloud, in the cloud aren’t totally mainstream yet, but are growing much faster than their legacy counterparts. In 2022 we’ll start to see many more of them arise and mature.
Some larger and established organizations recognize this and are beginning to add capabilities to keep up. Many have made huge investments in acquisitions to try and re-define themselves as cloud-native and serve customers better.
There are many advantages to security apps that are built and run in the cloud, and we will see that become mainstream in the course of the next year.
4 – Security Teams Will Move from Gatekeepers to Enablers
In many organizations, the security team is deemed the gatekeeper. The ones that stop business teams from launching their newest project, or forcing developers to pass through rigid steps before finishing their application. It’s incumbent upon the security team to ensure every process follows strict security protocols, so historically, they are viewed as a barrier or hindrance within the organization; the ones stifling progress for rules that everyone else doesn’t understand.
You might have had this experience. Frustrating, right? Even when you know there is a legitimate reason, it’s still keeping you from finishing your project the way you had intended. The security team has always been thought of as the “you can’t do that” department, but we want the security team to be the “I want you to do that but in a safe fashion“.
Well, 2022 is going to see that change, as security teams move from being the ever-scorned gatekeepers, to the much-adored enablers.
Why is this? Because as mentioned in item number three above, more applications are being built in the cloud, as opposed to on-premises. Cloud application developers don’t have as many restrictions, and don’t have to wait on a vast array of stakeholders to move to the next phase. At the same time, security teams are beginning to deploy cloud-native solutions that continuously monitor and enforce policy enabling a “trust but verify” stance. This way developers are not hindered and security teams can also move at the speed of cloud.
Businesses need to move fast. They have to adapt, adjust, and grow to keep up with market demands, go after opportunities when they arise, and meet their customer’s ever-changing expectations. They can’t afford to have security shut them down. So to continue the digital transformation yet stay secure, the once-restricted gatekeepers will harness the power of cloud development and become enablers. Everyone wins.
5 – Best of Breed Tools Will Continue to Emerge, not Consolidate…Yet
Take a guess at how many cybersecurity vendors and solutions are out there. 250? 1,000? 2,000?
According to The Cyber Research Databank, there are more than 3,500 cybersecurity vendors in the market. And that’s likely a conservative number.
If you’re a security leader, you’re probably getting bombarded with offers, ads, and pitches for the necessity of every vendor’s solution. There’s no way to pay attention to it all. And you may wish there was just one tool that was best-of-breed and was the one-stop-shop for all of the features and capabilities you needed. How nice it would be to have one tool as opposed to 10.
Yes, consolidation is happening. Yes, it would be great to have more consolidation. But we think proliferation and more best of breed will continue to dominate in 2022..
Why is that?
Let’s take Covid-19 as an example. Think of the virus as a new breach. When that breach hits, people scramble to build the defense to battle it, keep it at bay and hopefully defeat it. You develop a vaccine and are feeling good, but then, the Delta variant pops up, and you scramble again. Hoping to quell that slight variant, the next one, Omicron, arises. And on it goes. How many variants will appear before we feel we’ve completely addressed each and every threat? There is no real way to tell, so you keep building your defenses to stay safe.
The security tool world is similar: Each year we see new tactics arise, new threats that weren’t predicted, and we scramble to build the tools to combat them. It’s a bit of a cat and mouse game, chasing new threats as they arise. And until these breaches slow down, there will continue to be new tools in the market.
6 – Bonus! Analyst Firms Will Come up With at Least Three New Acronyms That are Must-Haves for Your Cloud Security Toolbox
SPITS (Security Protocol Infrastructure Technology), SAPPY (Secure Access Protection Platform Yeti), CATS (Cloud Application Testing Security). These are all must-haves! At least that’s what the analysts will tell you. They need to weigh in on this, right?
Yes, we made those up. But they could be real someday. 2022 will keep the analysts cranking and keep you trying to keep up with all the new tools you need! We can pretty safely predict that.
The Year that Data Matters More
Data truly is the key element for business survival. And it’s also the element you need to protect the most. It is the new business currency and something everyone benefits from when harnessed securely.
2022 will see better cloud security as investments continue to rise. And as data democratization continues to expand, cloud data protection needs to keep pace. The increase in protection, and the proliferation of cloud data, gives rise to more cloud-native tools, which, in turn, allows security teams to become enablers, not gatekeepers.
In this cloud-first world, where digital transformation is happening fast and complexity is high, where development is happening in new realms, traditional methods are falling away. The ability to discover, classify, and categorize all the data within your public cloud environment is a necessity to stay safe and nimble.