Virtualization Technology News and Information
vArmour 2022 Predictions: Zero Trust Truths, Ransomware Risks, IoT Threats & Reality Recognition

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

Zero Trust Truths, Ransomware Risks, IoT Threats & Reality Recognition

By Tim Eades, CEO, vArmour

2021 was the year when ransomware went mainstream, and so did the realization that much of our digital life counts as essential infrastructure for work, play and survival. For organizations dealing with cyber vulnerabilities, accelerated digital transformation and migration to complex cloud environments, the consequences of increased vulnerabilities became more stark. After a record year for both cyberattacks and enterprises transforming their IT infrastructures, don't expect to see this change any time soon.

In 2022, we can expect to see four main challenges created by organizations' lack of cyber preparedness and visibility into their IT environments.

First, Zero Trust will continue to be a high-level concept that means something different to everyone. Zero Trust is best achieved through a phased approach. But it starts with the ability to "observe reality" as it is happening now.  And it turns on its head the idea that a "trust but verify" approach can still be operated in a world with zero perimeters - or that a single, dominant security modality is all you need. More immediately, Zero Trust is a key component of President Biden's recent executive order, so expect to see the market awash in products and solutions claiming to offer Zero Trust capabilities, and CISOs and IT decision-makers under increasing pressure to invest in all manner of things promising Zero Trust. Cybersecurity experts will need to explain that Zero Trust security is not a ready-to-buy product, but rather a way of thinking and, ultimately, a systematic approach to establishing a Zero Trust architecture.

Organizations that use 2022 to begin their Zero Trust journey will do so by learning what Zero Trust is and isn't, and investing in the technology that provides the foundations for that strategy. It's unclear whether Zero Trust will become commonly adopted by the end of 2022, but we can be fairly certain that a sudden increase in Zero Trust tools will require some myth busting at the C-suite level.

Next, C-suites will continue to be threatened by the specter of ransomware attacks. Such attacks show no sign of abating, especially as many enterprises deal with dramatically expanded attack surfaces brought about by the accelerated shift to remote work and the reality that most businesses operate 24/7. We have witnessed the impact of these attacks on critical sectors of our national infrastructure including energy, food production, transportation and healthcare. For perspective, in 2020, ransomware payments exceeded $400 million, more than four times their level in 2019.

The U.S. government has taken new measures to combat this menace, including creating a ransomware task force to recommend preventative measures such as mandatory attack disclosures, and cracking down on financial institutions that facilitate cryptocurrency payments to ransomware attackers. Only time will tell if these efforts are sufficient. As companies continue to buy cyber insurance and cyber insurers continue to pay out, the threat of ransomware is not going to go away anytime soon. Ransomware represents an existential threat to organizations of every kind and should be considered and addressed as such.

Another trend that will continue to accelerate is the merging of the physical realm, e.g., the Internet of Things (IoT), and the realm of cybersecurity. In the past, cyber- and physical security have often been separate and sometimes at odds, but our increasing reliance on automation and interconnected tools, machines, devices and instrumentation mean that IoT and cyber-physical security strategies are a requirement here and now.

From internet-connected thermostats, to the components responsible for autonomous driving, the physical world is increasingly digital and prone to the real-life consequences of cyberattacks. We can expect to see an uptick in cyber-physical security attacks setting the stage for a reckoning over how to secure enterprises amid increasingly complex connectivity. 

Finally, 2022 is shaping up to be the year when observability emerges as a primary element to provide comprehensive security and increased resilience to the enterprise. This manifests as the capability to observe in real time the ever-changing relationships and interactions between applications, devices, infrastructure, data and, importantly, people. As enterprises increasingly adopt more dynamic and adaptive IT infrastructures, the security paradigms built for more static, boundary-defined perimeters become less effective, less relevant. Organizations thus need to fundamentally rethink their approach to cybersecurity, resilience and risk management, adopting both a mindset and posture that recognizes that attack surfaces have increased exponentially. With that in mind, there are new requirements and imperatives organizations must take on to control and govern the modern digital enterprise.

2022 presents the opportunity to retire old ways of working and tired technologies that no longer serve. The new year represents a great opportunity to be bold.



Tim Eades, Chief Executive Officer

Tim Eades 

With over 20 years of leadership experience in sales, marketing, and executive management at the CEO level, Tim has deep expertise in driving high growth for computing, security, and enterprise software companies. Tim joined vArmour as CEO in October 2013. Prior to that, he was the CEO at Silver Tail Systems from March 2010 until the company was acquired by RSA, the security division of EMC in late 2012. Prior to leading Silver Tail Systems, Tim was CEO of, an SMB focused SaaS company that was acquired by Proofpoint. Tim has also held sales and marketing executive leadership positions at BEA Systems, Sana Security, Phoenix Technologies and IBM. Tim holds advanced degrees in business, international marketing, and financial analysis, primarily from Solent University in England.

Published Monday, November 22, 2021 7:30 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2021>