New year, New dawn, and a time to innovate
When we look up at the starry night, we are overwhelmed by the beauty of our universe, but we don’t see the magic behind the scenes — the perpetual change that is the core fabric of our universe. Not only is the universe changing, but our understanding and definition of the universe is evolving as well — powered by new scientific findings.
And just like stars are born from nebulae, stellar collision gives birth to new forms like blue straggler stars, and stars eventually meet their demise in supernovas. Cybersecurity technologies follow much the same path: of creation, evolution and sunsetting.
In the galaxy of cyber tech, Atos is tracking over 100 different cybersecurity technologies. Every quarter new technologies emerge, some fade away, while others converge to create a new cyber technological field.
In 2022, we expect to see an acceleration in the evolution of the cybersecurity industry, driven by:
The convergence in cybersecurity technologies is accelerating the move from point solutions into a more integrated security model. To name a few examples, Cloud access security broker (CASB) services now include secure web gateways, remote browser isolation and data loss prevention solutions. Cloud security posture management (CSPM) and cloud workload protection platform (CWPP) services are merging as well.
Secure access service edge (SASE) is bringing both network and security services into a unified cloud platform. Similarly, digital risk protection services (DRPS) are integrating with cyber threat intelligence (CTI).
The past two years transformed the workplace and the way we utilize digital technologies. The attack surface is expanding in the #NewNormal, with exponential adoption of cloud-based collaborative tools and increasing remote connections to IT/OT environments.
Today, the attack surface is everything and everywhere. Organizations must understand how to maintain control of their security and compliance posture in a world where data is pervasive and no longer in one location.
To adapt to the changing technology trends and the expanding attack surface, organizations are increasingly adopting security services, thus reducing up-front investment and benefiting from the latest and most up-to-date security solutions — with the flexibility to change if the need arises.
By adopting a risk-driven cybersecurity program, organizations will optimize their cybersecurity investments by identifying and adopting cybersecurity technologies that mitigate cyber risks and improve their security posture.
Despite the continuously evolving cyber environment, we have identified several cybersecurity technology trends that are top priorities for organizational investments in 2022.
You cannot protect what you cannot see.
Organizations will invest in risk-based vulnerability management tools to improve internal visibility and enhance operational efficiency. Many successful cyber attacks exploited known vulnerabilities in 2020. This requires organizations to improve their vulnerability management programs by adopting vulnerability prioritization technologies and combine them with autonomous pen-testing platforms for better results. Organizations will also invest in technologies that bring external visibility to their assets, such as digital risk protection services, cyber threat intelligence and security risk rating services. Some providers integrate many of these use cases into one technology.
Never trust, always verify.
Organizations will embark and accelerate their zero trust journey in 2022 to reduce the risk of remote work and other third-party risks. There is no single path to zero trust, and organizations are initiating this journey depending on their transformation maturity — starting with remote access and SASEtechnologies, micro-segmentation or even identity management of people, devices and objects.
Hybrid cloud security
Bring trust to the cloud.
Organizations will need to implement a layer of security controls across their cloud, edge and traditional environments. This layer of trust will secure the architecture, infrastructure, applications and data across multi-cloud and hybrid cloud environments. It will also utilize native CSP security controls and cloud security solutions that help secure and measure compliance across environments such as CSPM,CWPP, container security and DevSecOps.
Privacy-enhancing computation (PEC) tools
Protect data at all cost.
PEC tools will be tested by organizations in 2022, driven by demands to protect the privacy and confidentiality of sensitive data. Such tools protect and secure data in use, going beyond the classical “data in transit” and “data at rest” conundrum. Privacy-enhancing computation is a field where many technological trends are emerging, such as full and partial homomorphic encryption, zero-knowledge proofs, and adopting trusted computation environments.
Industry-specific cybersecurity technologies
One cybersecurity does not fit all.
We do not protect medical devices with the same tools used to protect connected cars or virtual machines. Organizations will invest in industry-specific cybersecurity technologies such as industrial security solutions, connected medical device security solutions, private 5G security, automotive threat detection and extend their partner ecosystem to include industry-specific cybersecurity providers.
Managed detection and response
Turning the tables on cyber criminals.
Since many traditional security operations centers are failing to prevent the rapidly-changing techniques employed by attackers, organizations will invest in managed detection and response (MDR) solutions in 2022. Such technologies help anticipate and detect complex attacks using artificial intelligence algorithms to detect and orchestrate a response in near-real-time at scale. Advanced MDR platforms provide multi-vector threat visibility and break silos by integrating security information and event management, security orchestration automation and response, cloud security posture management, user behavioral analytics, endpoint detection response and Network Traffic Analytics within a single platform.
Just as our universe continues to expand and bring new stars to life, the cybersecurity industry will undoubtedly continue to transform and change — bringing disruptive innovations that will shape the future of our industry.
At Atos, we are actively contributing to build the future of cybersecurity, and to track these trends as they evolve and mature. For more information on the latest cybersecurity trends, you can read more about Atos Cyber Tech Radar
About the author
Vice President Global CTO – Digital security, Atos
Member of the the Atos Scientific Community
Zeina has twenty years of experience in the Cybersecurity field covering the end-to-end spectrum of cybersecurity from security advisory, to security integration, Managed security services/Managed Detection and Response, to securing digital innovations (Cloud, IoT, Edge, AI etc…) as well as risk management, compliance and privacy.
She holds a Bachelor of Engineering in C.C.E from Notre Dame University Lebanon, a M. Sc. From Telecom SudParis and an Executive MBA focused on Innovation & Entrepreneurship from HEC School of Management.
Zeina is a member of the Atos Scientific community and a Fellow in cybersecurity. She is also a Certified Information Systems Security Professional (CISSP) and a certified ISO 27005 Risk Manager. She was the recipient of Atos Innovation trophy in 2013, was named in 2019 among the “100 fascinating Females Fighting cybercrime”, was listed in the CTO/CIO/CDO French top 10 influencers and was recognized as 2020 Cyber security leader by the Cyber Security Observatory.