Under the thumb of the pandemic, enterprises and IT leaders had to look for tech solutions that were resilient and agile to empower the remote workforce. To sustain business continuity plans, organizations shifted workloads to the cloud. According to GartnerOpens a new window , spending on public cloud services will grow by 21.7% and hit $482 billion in 2022. This means as organizations mull new hybrid workplaces, reliance on cloud infrastructure will gain momentum.
As much as cloud adoption offers flexibility and productivity, it also exposes organizations to cyber threats and data breaches. A recent IDC surveyOpens a new window bears this out – a whopping 79% of companies have experienced at least one cloud data breach. Another study by IBM and the Ponemon InstituteOpens a new window shares that data breaches in the hybrid space cost organizations an average of $3.61 million.Â
There is a significant rise in the cases of cybercriminals targeting specific individuals in companies with carefully crafted socially engineering attacks, explains Chandra Kalle, vice president of engineering, LeanTaaS. As a thumb rule, technology leaders must consider cloud security as a strategic requirement.Â
In order to help tech teams plan a better 2022, Toolbox asked security and cloud leaders to weigh in on the top cloud security trends that will shape 2022.Â
Check out these 10 cloud security trends for 2022 that tech leaders should lean on to reduce security incidents in the cloud:
1. CISOs Will Focus on Building Visibility in the Cloud To Overcome Fragmentation
Deepak KolingivadiOpens a new window , director of product management, security operations BU, ServiceNow
“When it comes to cloud security, in the year ahead security leaders will be even more focused on overcoming fragmentation, risk-based prioritization and scaling remediation. The cloud is made up of numerous platforms, including multi-cloud and hybrid environments. This fragmented network increases and complicates the attack surface, making it difficult to monitor, protect, and respond. Visibility across the entire cloud environment is a critical initiative to overcome fragmentation and reduce cyber risk, which should be a priority for security teams.â€
See more: Five Major Cloud Security Challenges Businesses Should Prepare for in 2022
2. IT Leaders Will Take a Data-Centric Approach for Cloud Security Based on Zero Trust
Nataraj NagaratnamOpens a new window , IBM fellow and CTO for cloud security, IBM
“As cyberthreats grow and regulations get stringent, organizations increasingly adopt a hybrid, multi-cloud approach to mitigate vendor concentration risk. With data protection top of mind, IT leaders will increasingly take a data-centric approach based on zero trust in the year ahead. This will include defining standardized enterprise controls framework, protecting sensitive data with confidential computing, and continuously monitoring their security and compliance posture across development and operations. They will also prepare to enable business with secure AI on confidential data and for the even longer-term future, especially as quantum computing grows stronger.â€
See more: Why Hybrid Cloud Is Today’s Business Imperative: Tech Talk With the CTO, IBM Cloud
3. Containers Will Become Mainstream To Support the Cloud Explosion in 2022
Danny AllanOpens a new window , chief technology officer, Veeam
“Containers will become mainstream to support the cloud explosion of 2021. Businesses wrongly predicted that employees would return to the office, as normal, in 2021. Instead, remote working continued, and companies were forced to develop long-term remote working strategies to ensure efficiency, sustainability and to retain employees seeking flexibility. This remote work strategy demanded cloud-based solutions, resulting in an explosion of cloud service adoption. To meet this moment, containers will become mainstream in 2022, making the generational shift to cloud much easier and more streamlined for organizations.â€
See more: 7 Multi-Cloud Challenges and How To Overcome Them
4. IT Leaders Will Expect To See Dramatic Growth in Hybrid and Multi-Clouds Next Year
John AnnandOpens a new window , analyst and director of the infrastructure team, Info-Tech Research Group
“Enterprises must invest in process discipline as well as skills and culture change. Hybrid cloud, private cloud once quickly passed over as being inferior to the public giants are now easier than ever to implement and manage. Hybrid and multi-cloud solutions allow the business to choose the best fit for their workload without compromising the fidelity to their service management and integrations. There has to be a realization that it makes more sense to share expertise and act as a community against common threats rather than treat security as a product differentiator.â€
5. CISOs Will Implement Borderless Security Based on a Zero-Trust Architecture
Stan WissemanOpens a new window , chief security strategist North America, Micro FocusÂ
“Remote work is here to stay, and the concept of securing a perimeter has essentially ended. CISOs will need to think strategically and implement borderless security based on a zero-trust architecture (ZTA). For business continuity, organizations must enable access of mission-critical assets to employees wherever they are located. Employees are probably accessing these resources from personal, shared devices and unsecured networks. As a result, CISOs need to redesign their security controls and identity and access management policies to reflect the shift to ZTAs. To this end, they must have full visibility into connected devices and the rapidly expanding endpoints in the enterprise.â€
6. Organizations Will Pivot Investments To Protect Business Impacting Data on CloudÂ
Rob AragaoOpens a new window , chief security strategist, CyberRes (a Micro Focus line of business)
“In the past couple of years, we saw a shift from prevention to detection and response capabilities as driven by continued increase in sophistication of cyber-attacks taking place. Going forward organizations globally will pivot to prioritize their cyber investments on how to protect “business impacting†data. By truly gaining an understanding on the “business impacting†data across an organization and then providing the means to continuously assess where this type of data is being introduced into the environment, whether it be cloud, SaaS solutions, core applications, third party relationships, will drive a more resilient approach to cybersecurity programs and minimizing risk for organizations.â€
7. IT Leaders Will Invest in an Identity-Defined Security Strategy in 2022
Heather Gantt-EvansOpens a new window , chief information security officer, SailPointÂ
“Investing in cloud security hardening and monitoring. As companies continue to push to the cloud, we must acknowledge that there is still ownership on the customer to harden and monitor their cloud environment even with the most advanced cloud service providers. Security misconfigurations in the cloud comprise a large attack surface that is getting bigger daily. Ensure that you are investing in an identity-defined security strategy. The perimeter-defined security of the past is no longer sufficient in today’s working world where employees are not just bringing their own devices but bringing their own environments.â€
See more: Building Security Into Products, People, and Processes: Tech Talk With SailPoint’s CISO
8. Bringing Security Tooling Into the Automation Process of Cloud Will Be Vital in 2022
Nicko Van SomerenOpens a new window , CTO, Absolute Software
“One trend that has been going on in the cloud space is a march towards more automation, resulting in better elasticity and flexibility. In 2022, we will see a lot more of this trend bringing security tooling into the automation process of cloud deployment. Companies that operate services in the cloud will be hardening those services by putting more security automation into the deployment process. Automating more of the security testing and the configuration will bring better protections for services operating in the cloud.â€
9. DevSecOps Tooling Will Avoid Huge Risks and Breaches in the Next Year
Chandra KalleOpens a new window , vice president of engineering, LeanTaaSÂ
“This year we’ve seen a new trend where attackers are placing malware in the software supply chain and amplifying their attacks. Cloud deployments are complex, still nascent in their evolution, and lack comprehensive DevSecOps tooling. So, this trend is likely to continue and poses a huge risk. In line with the second point above, setting up and configuring cloud infrastructure is complex and filled with vulnerabilities that can lead to inadvertent exposures such as a leaky S3 bucket exposed publicly. In the past few years, this has been a major source of breaches, and this is likely to be the case next year as well.â€
See more: The Role of Cloud in Managed Print Services: Tech Talk With the CIO of Toshiba Business
10. SASE Framework Will Push Network Security and Access Close to Users
Manikandan ThangarajOpens a new window , vice president of program management, ManageEngine
“Organizations will look to secure access service edge (SASE), a security framework with network controls placed at the cloud edge. Instead of connecting to multiple platforms individually, users can connect to the corporate network located at cloud data centers to use enterprise applications. This gives IT administrators the ability to monitor access and exercise granular controls over the network. With zero trust as its core component, SASE grants access to networks, applications, and data only if the user’s identity has been verified, and all authorization requests are approved on a need-to-know basis. Also vital is a centralized access policy control defined by the organization to deliver unified security measures across all platforms. Being cloud-native, SASE pushes network security and access close to users, which is especially critical now.â€
Which of these cloud security trends are you following in 2022? Comment below or let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We’d love to hear from you!