Industry executives and experts share their predictions for 2022.  Read them in this 14th annual VMblog.com series exclusive.

Cybersecurity 2022: Disrupt and Conquer

By Kurt Roemer, Chief Security Strategist for Citrix

As the journey towards digital transformation continues, IT will leverage innovative technologies to transform the user experience and fuel competitive advantage

Cybersecurity has taken center stage. In the wake of attacks that have crippled business and threatened our daily lives, calls are growing louder for IT to shore up defenses. The last year introduced a new set of really tough problems, as the pandemic forced companies to embrace remote and hybrid work and expand the use of cloud-based solutions to support it with unprecedented speed and scale. And many challenges remain. But they can be overcome.

Organizations that leverage disruptive technologies can transform user experience and deliver the secure environments required to keep employees safe, happy and performing at their best in the new world of flexible work. What will security look like in 2022?

Patching Becomes Instantaneous

Corporate policies often dictate that patches are thoroughly tested - which can take weeks that IT doesn't have.  IT departments will ditch this practice and enable automated and verified patching across their workforce and technologies using cloud services that are continuously patched and updated so they can move at lightning speed. 

More Servings of Alphabet Soup

From AI/ML (Artificial Intelligence / Machine Learning) to CASB (Cloud Access Security Broker), EDR (Endpoint Detection and Response), SASE (Secure Access Service Edge), SWG (Secure Web Gateway), WAAP (Web App and API Protection), XDR (Extended Detection and Response) and ZTNA (Zero Trust Network Access), more acronyms will emerge to support cybersecurity. And they will introduce a new level of complexity across IT, that will require hard-to-find-and-retain personnel and additional computing resources, budget and coordination between organizational silos to effectively support.  To simplify things, savvy organizations will focus on unification and interoperability, demanding products that work together as a platform to increase visibility and control while reducing resource consumption.

AI Emerges from the Hype to Disrupt and Conquer

Think of the toughest cybersecurity problems. Areas where innovation is essential to disrupt the status quo.  Business issues where applying traditional resources would be infeasible or deliver incomplete results. In 2022, AI, will live up to its hype and help tackle these challenges and enhance cybersecurity capabilities in the following areas:

• Detecting the rise of malicious insiders across the workforce and supply chain
• Identifying security misconfigurations in applications, networks and cloud services
• Actively seeking out opportunities for increasing cyber resilience
• Determining behavioral effectiveness of the cybersecurity portfolio
• Performing continuous pen testing - especially with complex API dependencies
• Defining roots of trust, trust chains and trust relationships for tech and processes
• Evaluating experience to determine the optimal balance of security, productivity and cost

Zero Trust Evolves into Digital Trust

Zero Trust has taken the cybersecurity world by storm. At its most basic level, Zero Trust is a stance dictating that all trust must be earned. Trust is never assumed, never an afterthought.  Trust is carefully instantiated, measured and verified to be commensurate with risk. And it will be a key driver of the digital transformation of trust, accelerating the journey to expressing, consuming and codifying trust across the organization.

Fewer Passwords will be Used

Passwords are the zombies of the internet - the undead that continue to haunt us. And IT will begin to move away from them. According to a recent study, 72 percent of security leaders say a password-less environment is "very" or "moderately" important to them.

In the year ahead, the security fragility of passwords and costs associated with their continued use will drive organizations to utilize credentials and trust factors including Multifactor Authentication (MFA) and FIDO2. And APIs and services that facilitate deprecating passwords will drive needed change and bring an expanded focus on contextual access and usage. 

There's no doubt substantial progress has been made on the cybersecurity front. Leading organizations that leverage innovative technologies and policies to support them can sustain the momentum and turn security from a critical threat into a competitive advantage and move their business forward.

##

ABOUT THE AUTHOR

As Chief Security Strategist for Citrix, Kurt Roemer leads security, compliance, risk and privacy strategies for Citrix products. As a member of the Citrix CTO and Strategy Office, Roemer drives ideation, innovation and technical direction for products and solutions that advance business productivity while ensuring information governance.

An information services veteran with more than 30 years experience, his credentials include the Certified Information Systems Security Professional (CISSP) designation. He also served as Commissioner for the US public-sector CLOUD2 initiative and led efforts to develop the PCI Security Standards Council Virtualization Guidance Information Supplement while serving on the Board of Advisors.