Virtualization Technology News and Information
Devolutions 2022 Predictions: 5 IT Security and Cybersecurity Trends in 2022

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

5 IT Security and Cybersecurity Trends in 2022

By Maxime Trottier, VP of Sales & Marketing, Devolutions

We can no longer use the analogy of riding a roller coaster to describe what we are experiencing in the age of coronavirus. At least a roller coaster ride comes to an end - and many riders are so exhilarated, that they race back in line so they can experience the thrills and chills yet again. But for us, we have no idea when COVID-19 will leave the headlines. And once it does, absolutely nobody will be pining for the "gool ol' days" of lockdowns, physical distancing and masks.

Still, as legendary motivational speaker and positive thinking guru Zig Ziglar advised, when it comes to the future "expect the best, prepare for the worst, and capitalize on what comes." In this spirit, here are five technology trends that we think will dominate in 2022 - and which we encourage organizations to "expect, prepare for, and capitalize on" accordingly: 

1. Securing Remote Access Will Become a Mission-Critical Priority

Well before COVID-19, it was important for organizations to ensure that remote workers, on-site technicians, field sales reps, and other "road warriors" accessed apps and networks in a secure manner. However, in a matter of weeks - and for some companies, days - the pandemic exponentially increased the number of remote workers; and consequently, the volume of vulnerabilities that hackers and rogue users could exploit.

The good news is that in the last year, some organizations have plugged these gaps through a mix of tools and platforms, such as a multifunction authorization (MFA), virtual private network (VPN), password manager, privileged access management (PAM), and identity access management (IAM). But the bad news is that other organizations - including many SMBs - still have a shockingly weak remote access infrastructure.  

In 2022, these organizations need to make addressing this problem a mission-critical priority. According to IBM's Cost of a Data Breach Report 2021, the average price tag of a single breach has surged to USD $4.4 million per incident - which is the highest level in the 17-year history of the report. What's more, the average cost of a data breach in SMBs has climbed to USD $2.98 million per incident, and 60% of SMBs go out of business within six months of getting hacked.

2. Cybersecurity Spending Will Rise   

Conventional advice says that cybersecurity spending should represent about 7-10% of the overall IT budget. There are two major problems with this traditional guidance.

The first problem is that the cyberthreat landscape has become much worse in the last few years, as evidenced by the alarming rise of ransomware, phishing/spear phishing, and supply chain attacks such as the notorious Solarwinds breach. And as mentioned earlier in this article, hackers have stepped-up their attacks on remote workers during the pandemic.

The second problem is that many organizations - and again, especially SMBs - do not have a sufficiently large enough IT budget to begin with. As such, allocating 7-10% towards cybersecurity may be appealing in theory, but insufficient in practice.

And so, how much should organizations spend on cybersecurity? There is no magic number or generic formula. The right amount supports a robust posture. While there is no way to completely eliminate the possibility of breaches and hacks, there certainly are proven and practical strategies, technologies, policies, and processes that mitigate the risk in a responsible, reasonable, and cost-effective manner.

In 2022, we predict that more organizations will realize that they are vulnerable (and likely have been for several years), and as such will increase their cybersecurity spending, both absolutely and as proportion of the overall IT budget. In our recently published State of Cybersecurity in SMBs in 2021-2022 Survey report, 56% of respondents indicated that they would be boosting cybersecurity spending in the future. We expect the bulk of new spending will go towards password managers and PAM solutions, which have shifted from being nice-to-have options, to essential tools.  

3. The "Turnover Tsunami" Will Force a Review (and Possibly Re-Invention) of Employee Access De-Provisioning

The so-called Turnover Tsunami - also referred to as the Great Resignation - is upon us. According to the U.S. Bureau of Labor Statistics, 4 million Americans quit their jobs in July 2021. And according to Gallup research, 48% of employees are actively looking to make a change.

However, it is a potentially catastrophic mistake to only view this migration as a workforce matter - because it is also an information security risk on a scale and magnitude that most organizations have never experienced, or even imagined.

Specifically, organizations need to establish and enforce a comprehensive employee de-provisioning process that locks - or better yet, deletes - access to accounts, networks, and other digital assets the moment an employee is headed out the door; or if that is not practical (i.e., many employees will provide two weeks' notice), then as soon as they no longer require access.   

Currently, this is a practice that many organizations are neglecting. In fact, a recent survey by passwordless security company Beyond Identity revealed that 1 in 4 workers could still access accounts from past jobs - including former IT staff and managers who had the proverbial "keys to the kingdom" (i.e., access to privileged accounts). In 2022, we expect this to become a much higher priority given the potential costs and consequences.

4.  Automation, Automation and More Automation

In 2022, more organizations will use automation to strengthen their defenses, establish visibility, and reduce the size of the attack surface. The impact will be particularly beneficial for SMBs, which do have the budgets to establish a fully fledged SOC or hire a team of security engineers - especially given that the already-massive shortage of qualified cybersecurity professionals is growing larger and larger (and costlier and costlier!).

5. Blockchain Meets InfoSec

In the mainstream, conversations and commentaries about blockchain generally revolve around cryptocurrencies. However, there are many exciting and potentially paradigm-shifting blockchain applications in the cybersecurity space, and in 2022 we expect to see significant developments in this area.
For example, blockchain can be leveraged to take passwords off a centralized server and use biometric and password-free solutions - ultimately making IoT devices virtually impossible to hack. This is vital for both consumers and companies alike, since the proliferation of connected devices has created a cybersecurity blind spot that is enabling hackers to launch zero-day attacks and compromise routers, printers, TVs, webcams, and more.    

The Road Ahead

Predicting the future has always been tricky. But in the shadow of COVID-19, predicting the next quarter or month can be tough. Some things have, can, and probably will change at a moment's notice - including shifts that seemingly come out of nowhere.

Still, the future marches on, and we must travel with it. And regardless of what the year ahead has in store - what we can imagine, and what we cannot - it is a safe bet that the five cybersecurity trends described above will accelerate the pace and set the tone; not just in 2022, but for years and decades to come.

All we can really say with absolutely certainty is: stay seated and keep your hands and feet inside the vehicle at all times, because the roller coaster ride is far from over!



Max Trottier 

As VP Sales & Marketing at Devolutions, Maxime Trottier leads the company's international market research and development efforts, along with customer relations and overall business development. He's driven to bring innovative and cutting-edge solutions to Devolutions' customers around the globe - this includes secure remote access management, secure digital vaulting, secure password management, MFA, and security automation. All of Devolutions' solutions are affordable for SMBs, and are simple to deploy, configure and use.

Published Wednesday, January 05, 2022 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2022>