Virtualization Technology News and Information
Zimperium 2022 Predictions: The Future of Security is Mobile

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

The Future of Security is Mobile

By Richard Melick, Director of Product Strategy, Endpoint at Zimperium

With the calendar page rolling into 2022, taking a look back at 2021 and using those insights to help guide decisions for the new year is a tradition across the industry. In December of 2020, the industry discovered one of the most far-reaching supply chain attacks it had ever experienced. Throughout 2021, news of new, sophisticated supply chain attacks continued to make headlines. Further, ransomware attacks appeared to grow exponentially across all industry verticals.

In response to the increased severity and number of these attacks, President Biden published Executive Order 14028 "Improving the Nation's Cybersecurity" (EO), mandating that agencies modernize their IT infrastructures and adopt zero trust security models. With all of these changes over the last twelve months, a look into 2022 might bring lessons for enterprise organizations across the private sector. 

Prediction 1: IT and Cybersecurity Modernization Is Mission-Critical

Remote work appears to be here to stay. According to the Wall Street Journal, employees want to remain remote, and many companies realize that remote or hybrid models are tenable. This shift in work model accompanies IT modernization initiatives. 

Maintaining a remote or hybrid workforce model means that companies need to continue on their cloud-first or cloud-only paths. As part of this, they need to address the new risks that these models create. 

As organizations continue to modernize their IT infrastructures to enable these work models, they also need to modernize their approach to cybersecurity. 

Prediction 2: Attacks Will Continue to Focus on Device and Application Vulnerabilities

Malware seeking to exploit vulnerabilities in applications was on the rise in 2021. Over the last year, data around malware targeting mobile devices and leveraging malicious websites continued to increase. 

A brief overview of 2021 that can give some hints into what 2022 might look like includes:

These numbers indicate a strong likelihood that malware targeting websites and mobile devices will continue to increase over the next year. 

Prediction 3: Zero Trust Architecture Will Become the New IT Normal

Where the government goes, so goes the nation. However, the move to Zero Trust Architecture (ZTA) is mission-critical for enterprise organizations who plan to remain predominantly remote for the foreseeable future. Each new endpoint increases data breach risk. According to the 2021 Cost of a Data Breach Report, remote work and digital transformation increased the average cost of a data breach was $1.07M. 

The remote and hybrid work models that rely on access mean that organizations need to focus their security initiatives more purposefully on protecting their networks from compromised devices. Device security is a fundamental pillar to a successful ZTA implementation that mitigates risks arising from malware and ransomware attacks. 

Ultimately, endpoint detection and response (EDR) capabilities will become increasingly important as organizations look to implement the right set of technologies to help them protect their remote and hybrid workforces. 

Prediction 4: Mobile Device Security Will Become Increasingly Important

Mobile devices are integral to remote and hybrid workforce productivity. While many people use corporate provided laptops, they also use mobile devices to stay connected. However, this connectivity comes with its own security issues that will need to be addressed more purposefully in 2022. 

Research notes that mobile devices were key to remote work productivity during 2020. Some statistics include:

  • 62% of respondents polled by TRUCE Software agreed mobile devices were fundamental to their productivity.
  • 36% of respondents polled by TRUCE Software noted that using mobile devices at work increased more or significantly more than the previous year.
  • 40% of consumers only use the same mobile phone for both personal and work life
  • 70% of employees still use personal devices for work

While Bring Your Own Device (BYOD) policies work for on-site employees, they may not be as effective with distributed workforces who can connect to cloud resources. Continued productivity as part of a successful ZTA implementation will require ensuring that users can securely access resources without interruption. 

Prediction 5: Complete EDR Coverage Will Be Fundamental to IT Modernization and Distributed Workforce Security 

Building out robust device security as part of modernizing IT infrastructures and implementing ZTA strategies will be the cornerstone of a modernized cybersecurity program. According to research released in August 2021, the EDR market is expected to reach $6.72 billion by 2026, a CAGR of 25.15% for the period 2021-2026.

While EDR solutions can protect traditional devices, they often lack the ability to secure mobile endpoints for several reasons, including:

  • Lack of visibility arising from locked down kernels in mobile OS's
  • Inability to detect risky or malicious networks
  • Disabled cloud-based detection by network attackers
  • Inability to assess privacy and security risks in legitimate (non-malicious) mobile apps

Further, while Mobile Device Management (MDM) solutions offer the ability to give organizations control over mobile devices, they also leave behind several security gaps, including the inability to detect and resolve issues associated with:

  • Advanced threats
  • Mobile phishing attacks
  • Device health, particularly in real-time
  • Cloud application security
  • Malicious applications downloaded from untrusted sources

To modernize IT infrastructures and cybersecurity programs, organizations will start to look for mobile device security solutions that give them the complete EDR coverage necessary to implement a robust ZTA strategy. 

The Future of Security is Mobile

For organizations in 2022 and beyond, attracting the best talent requires maintaining, at minimum, a hybrid workforce model. To ensure continued productivity, companies need to allow end-users to connect their own devices to corporate networks. Securing these networks requires organizations to ensure user and device security prior to granting access. Because of more people are using their mobile devices as part of remote work, organizations need to invest in security solutions that mitigate risks arising from these devices.

In 2022, it's imperative for companies to modernize their security to meet the future of work where their users are - on their mobile devices.



Richard Melick 

Richard Melick is the director of product strategy for Endpoint Security at Zimperium. Richard has spent over a decade advancing through the security industry with his considerable experience and focus on the stories surrounding ransomware, hacking, and cyber attacks. He has been a security speaker on five continents and has even advised royalty on how to make and distribute ransomware.

Published Thursday, January 13, 2022 7:31 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2022>