Skip to main content

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | Pardot Privacy Policy | Oktopost Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Assess and improve your security posture in 2022

Organizations are faced with a surge of cyber threats that are becoming increasingly sophisticated. We have experienced some major changes in the last few years, especially regarding the workforce. Companies have moved to hybrid and remote environments, thus making it more difficult to establish concrete workplace boundaries for companies and their employees. The hybrid world is creating new opportunities for bad actors and increasing challenges for IT teams. The pandemic changed the way we work, the interaction space we have and the environments in which we work.

The key for any organization to stay ahead of adversaries is to improve its security posture.

An assessment of their security posture is critical for organizations to take note of their existing assets, realize their current risk exposure and defend their IT systems. This may include maintaining a catalog of their cloud and hybrid inventory, infrastructure discovery and security measures.

In light of the benefits, here are the main trends for 2022 which will shape the need to improve the organization’s security posture:

1.

Hybrid environment and multi-cloud management

Since most organizations are already using at least two cloud providers, multi-cloud management has emerged as the latest trend. With that in mind, security posture solutions with extensive hybrid and multi-cloud capabilities will soon become the norm.

2.

Boundaryless collaboration

In complex organizational environments, it is no longer sufficient to protect just the boundary of an organization. To go beyond perimeter security, every access to an organization should answer three questions:

  • Who are you?
  • What do you need to do?
  • How much do I trust you right now?

Answering these three simple questions can help organizations push the boundaries of collaboration outside the perimeter, assuring strong posture management at the same time.

3.

Analytics

Security posture will be more and more about analytics. Security analytics will make all the difference, using AI/ML to provide a different perspective on the different aspects of security posture and enable the organization to take immediate and/or proactive decisions.

4.

Shift towards edge

As mentioned above, multi-cloud is the first step, but governance of access rights across the entire stack will be critical. Secure access service edge (SASE) helps identify individuals and devices, apply policy-based security, and provide secure access to the relevant application or data. This method enables businesses to implement secure access, regardless of where their users, apps or devices are. According to Gartner, “By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.” This will force posture management solutions to provide monitoring of every device and to become a single pane of glass — a unified management console or dashboard — to detect any security drift.

5.

Zero trust

It is a popular term that encompasses three main aspects:

  • Log all traffic and analyze the collected logs for insights
  • Allow only known traffic or known application communications
  • Use the principle of least-privileged access

This will impact cloud posture management tools by enforcing compliance and regulations across the stack, as well as identifying and solving overprivileged users and identities.

6.

Confidential computing

This type of collaborative encryption addresses privacy and data protection in a highly distributed world. Confidential computing is a new method of encrypting workloads while they are processed. It restricts access and ensures 360-degree data security by utilizing trusted execution environments (TEEs) to preserve data and code confidentiality. It also allows data encryption to be performed in memory without exposing cloud data to the entire system.

7.

Automation

This is another trend which will reduce the security team’s workload by automating security events. Approaches like extended detection and response (XDR) enable an enterprise to go beyond typical detective controls by providing a simpler, holistic view of threats across the entire technology landscape. XDR delivers real-time information about threats to business operations needed for better and faster outcomes.

8.

Simplification

The final general trend in posture management is simplification of the tools used in the organization’s landscape. Gartner’s 2020 CISO Effectiveness Survey revealed that:

  • 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolio
  • 12% have 46 or more tools

When you have too many security vendors, you end up with more complicated security operations and more security personnel. Most companies look to vendor consolidation to improve security, with 80% of them having previously achieved it or being interested in doing so. As a response to this initiative, large security vendors have started to provide better-integrated products.

As a leading provider of digital transformation, Atos is the right partner for organizations looking for security control. We believe security should be available at your fingertips to help you protect what you value most — your data.

Share this article

About the author

Elena Albu

Global Cloud Security Architect

Experienced architect working in presales and delivery in front of customer, counting over 14 years in IT industry, Elena is ambitious and diligent with a drive for perpetuating Atos’ mission and values. She is Azure Cloud and Oracle Cloud Professional Architect certified, TOGAF 9 Certified, and condensed MBA graduate working for different customers around EMEA, across several industries.