Virtualization Technology News and Information
Sumo Logic 2023 Predictions: Leaders to Rethink Security Strategies in 2023


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Leaders to Rethink Security Strategies in 2023

By Dave Frampton, SVP and General Manager, Security Business Unit, Sumo Logic

Over the past few months, security operations centers (SOC) have been dealing with the problem of information overload. Now, cybersecurity threats and the increased sophistication of attacks are exploding by the minute. The shifting data landscape, remote work, and macroeconomic pressures will require cybersecurity leaders to reinvent and reevaluate their security tools, automation and overall approach in the below ways in 2023.

Companies Will Prioritize Security at Executive Levels

The number of bad actors is growing, and so is their skill level and the scope of breaches. MFA (multi-factor authentication) fatigue attacks are a serious threat to organizations in addition to ransomware attacks (particularly on supply chain), Trojan horse malware via mobile, unsecured credentials, and exposed internal calendars.

Therefore, cybersecurity leaders will urge their organizations to not only continue to prioritize security, but treat security as a business necessity rather than a cost center. This pivot and increased visibility of SecOps and digital transformation owners into possible threats allows organizations to be more proactive and focus on monitoring and preventing attacks.

Security Teams Will Continue to Grapple With the Human Element of Remote Work

Organizations got a crash course in hybrid and remote work at the start of the pandemic. While many of the related security and technology issues have been ironed out, challenges will remain in the new year. The threat landscape is beyond the enterprise perimeter as employees continue working from known places and unknown places, which may be in regions where organizations don't have a security posture. Therefore, they also lack clear communication channels for tracking employee locations, making it difficult to detect anomalies. Security teams will need to deploy solutions that make it easier to detect patterns in this data without false positives.

Demand for SOAR Will Continue, but Integrate With Other Platforms

Security orchestration, automation and response (SOAR) will continue to exist but will be increasingly absorbed into other security platforms and the term will die out as it becomes baked into overall security. Such platforms are still needed for a self-healing and self-protecting environment, but SOAR will converge with security information and event management (SIEM) and acquisitions will continue to contribute to vendor consolidation. In turn, SOAR and automation orchestration are going to expand beyond the cyber use cases.

Investments in Cloud Security Will Rise

Most organizations are moving to the cloud, and presence in the cloud is only going to accelerate. This means cloud security investments will be just as important to security leaders as on-premise because of the volume of data and assets in the cloud. The industry will develop many security products to solve these challenges, and data-driven analytics will also continue to help. Automation and built-in application security will also remain essential.

Security Leaders Double Down on DevSecOps Because Offense is the Best Defense

Some adages may be old, but they're relevant for today's security leaders more than ever as the digital transformation process creates new threats. "The best defense is a good offense," and, "You have to be right one hundred percent of the time, and the bad actor only has to be right once." Cybersecurity is by nature defensive, but leaders should also make it a point to be on the offense. Moving forward, the best-in-class security will feature built-in protection. The more teams get ahead of security threats, the more they can learn and build security into development to bridge data and team silos.

This also means DevSecOps will continue to evolve so that teams can design products with security in mind from the beginning of the process. Shifting left allows teams to focus on sharing knowledge and goals, see anomalies in near real-time, and improve processes so they can work better together.

Security is going to get increasingly complex as hybrid work, cloud migration and digital transformation show no signs of stopping in the new year. It will quickly become more challenging to scale businesses and meet security standards and compliance requirements. In order for innovation and security to go hand in hand, security leaders will look to new strategies that encourage cooperation not only between developers and security teams but across organizations. This includes product teams and those in charge of both corporate and customer-centric environments.




Dave Frampton is the SVP/GM Security Business Unit at Sumo Logic, the leading cloud-native machine data analytics platform. He leads the development of security analytics solutions that solve the emerging challenges of cloud and modern application architectures. Before joining Sumo Logic, Dave was the Founder and CEO of FactorChain, a security startup acquired by Sumo Logic in 2017. With over 20 years in networking and security, his previous roles include general manager of several businesses at Cisco, spanning Security Access Management, Application Performance, and Enterprise Infrastructure. In addition to operating roles, he is an active advisor to several early- and growth-stage start-ups. Dave holds an M.S. in electrical engineering, an M.S. in engineering management, and a B.S. in electrical engineering, all from Stanford University. Outside of work, he enjoys traveling with his wife and three children, mountain biking, CrossFit, and ice climbing.

Published Tuesday, January 31, 2023 7:35 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2023>