December 15, 2021
New technologies and approaches are quickly becoming industry standards in a dynamic and challenging time.
Throughout 2021, cybersecurity and regulatory concerns topped corporate leaders’ priorities and influenced enterprise decision-making across the board. Some organizations have appointed C-suite executives, CISOs (Chief Information Security Officers) to address these new challenges as new working norms establish themselves throughout the economy.
We’re still working through the impact of the global COVID-19 pandemic that took hold nearly two years ago. “Hybrid work” is common enough now to simply call it “work”, which puts enterprises in a defensive position when it comes to facing the regulatory and cybersecurity challenges associated with hybrid deployments.
As a result, a great deal of experimentation took place in 2021. Some of the information security initiatives undertaken have proven more successful than others. As the industry consolidates moving into 2022, a few of the most highly promising approaches are likely to earn widespread adoption faster than others.
2021 In Review: 8 Trends Define InfoSec Priorities Today
Gartner insights have released a report on the biggest information security trends of the past year. The team at Castra has seen these trends play out over the course of the last year, and we’re fully in agreement with the consultancy’s assessment:
Now that the year is drawing to a close, the industry is positioned to move towards new priorities. These trends are likely to become the defining characteristics of InfoSec investment for 2022.
3 Upcoming Trends in the Information Security Industry
Innovative, tech-enabled enterprise leaders are finding new ways to address novel security challenges and radically redefine their organization’s risk profile.
Earlier this month, Gartner released the graphic below highlighting the upcoming trends in the information security industry, along with the top 3 most pressing trends that are affecting the industry now and will have a major impact in 2022. Let’s dig into those trends!
1. Low-Code Application Platforms (LCAPs)
LCAPs enable individual departments to develop their own applications without drawing resources from IT. Importantly, they can do this while following enterprise-wide scalability, integration, and security guidelines. The result offers a significant boost to production and deployment without compromising existing IT infrastructure or expertise.
In a traditional enterprise environment, a custom application can take up to six months, twelve full-time employees, and two million dollars to deploy. Most of these costs are associated with the expense of hiring and retaining qualified developers – who must then dedicate their time exclusively to that project.
In an LCAP-enabled enterprise environment, non-technical employees can create their own applications using intuitive drag-and-drop interfaces. IT staff no longer has to spend time on each individual deployment scenario. Instead, the IT team establishes the environment and maintains the code-free toolset that everyone else uses, while actively integrating and securing the solutions those employees create.
This could mean developing custom applications in weeks instead of months, with two or three people instead of a dozen, and with a five-figure price tag instead of seven. This frees up IT specialist talent to focus on high-impact strategic work and the optimization of deployment architecture.
2. Edge AI – and XDR Solutions to Secure It
Artificial intelligence has been consistently expanding its capabilities and business scope for years. Now, this emerging technology’s current frontier involves storage, processing, and management of AI-powered technologies on local devices at the network’s perimeter.
Most of today’s AI technologies send data back and forth from a cloud-based processing center or a centralized mainframe like IBM’s Watson supercomputer. This introduces latency, impacts privacy, and deepens security risks associated with AI applications since data is constantly traveling from one place to another.
Enterprise leaders are increasingly looking for ways to decrease their data governance load and reduce the transfer of data throughout their networks. This makes data privacy regulation easier to comply with and reduces cybersecurity risk throughout the organization. Edge AI capabilities help achieve these goals but bring security concerns of their own as well.
As a result, Extended Detection and Response (XDR) solutions are poised to become leading technologies for the edge AI workflows of 2022 and beyond. XDR technologies give edge devices a holistic suite of detection and prevention capabilities without compromising enterprise data load-reducing strategies.
3. Passwordless Authentication
Strong passwords have been the backbone of effective security for decades. However, new authentication methods are rapidly gaining steam among enterprise users who want to maximize usability without sacrificing security in the process.
The weakness of passwords often comes down to their impact on usability and efficiency. One out of every two people uses the same password for work and personal accounts. Three out of ten people do not lock their mobile phones because re-entering passwords annoys them. Most people are aware of ways they can improve password security, but simply neglect to do so.
Passwordless authentication methods, on the other hand, rely on pieces of information that are much harder to forge. In many cases, these methods rely on something a valid user owns or is. For example, one method may rely on a code generator in a smartphone app. Another may use a biometric market like a fingerprint. Many dual-factor authentication methods rely on both.
The password itself may not disappear in the next year, but enterprise leaders are looking for ways to close the gaps associated with password-only security. At the same time, they are highly aware of the impact that security has on usability, and are looking for solutions that will balance the two.
Prepare Your Organization for Tomorrow’s Security Environment
Organizations have a unique opportunity to deploy scalable, highly effective solutions to security challenges in partnership with reputable managed security service providers.
The coming year will present numerous challenges that enterprise teams must respond to. Organizations that invest in their security architecture today will be better positioned to overcome those challenges and achieve leadership in their industry tomorrow.