Security Trends For 2022 - The Need For Talent & Cloud Migration

It’s been another challenging 12 months in cyber security with several major breaches during an already turbulent year. 
 
We saw the damaging ransomware attack on Colonial Pipeline, one of most high profile security stories of the year. The attack shut down a 5,500-mile-long pipeline on the east coast of the US, fueling fears over risks to critical infrastructure and global supply chains. 

 
In May, we saw President Biden sign an executive order designed to tackle the nation’s cybersecurity issues head-on, including supply chain security, and, perhaps the most important order of business, a call for government agencies to adopt a zero trust approach.
 
It’s also been the year of crypto currencies, deepfake technology and growth in fraud and scams associated with the pandemic.
 
As we look ahead to another 12 months in the industry, we focus on two trends for 2022.

1. Impact Of The Talent Shortage 

Microsoft  announced a partnership recently with community colleges around the US to provide free resources in an attempt to help end the shortage in cybersecurity professionals by 2025. The question is whether this shortage of readily available talent will impact the security industry over the next year or so and how technology can help to mitigate this. 
 
In the immediate future, the talent shortage will remain a problem. We have found this ourselves. It is getting better, but more investment is needed. People are recognising that security is an interesting and lucrative career, but there aren’t enough people and I think there will always be a struggle to keep up with growing demand. 
 
Look at it from a technology perspective, and it stands to reason that if there are less security incidents to manage, there is less need to recruit new talent into the industry and the impact of the talent shortage will be greatly reduced. 
 
We need to give them the tools that they were hiring services to do in the first place. The shortage is not going away any time soon so solutions need to be built around it. Better solutions will mean fewer incidents.
 
We need automation of solutions and automatic remediation. These tools will need to adapt to changing environments and to be built with a more holistic approach in mind, off-premises, on-premises, in the cloud and in a hybrid environment as work models evolve. 
 
All of this falls under the umbrella of zero trust, and this is the blueprint that businesses should be using as the building blocks to robust security. 
 
2. A Move To The Cloud Will Finally Happen 

While other industries moved operations to the cloud some time ago, there has been some hesitation to shift away from on-premises operations for security leaders. 
 
With the increase in sophisticated threats coming through as many employees work remotely, security leaders can no longer depend on legacy systems for protection, but instead need to shift to cloud native solutions. Factors, such as the increase in ransomware attacks, may influence more security leaders to finally move to cloud based solutions. 
 
But what will drive people and businesses to move to the cloud is the need to do security better. It stands to reason that if they need to improve their approach with security then the cloud is almost certainly going to be the way to go.
 
We are also seeing the pendulum beginning to swing in the favour of the user experience. The emphasis is on how you can carry out your job without negatively impacting the workflow processes and the device choice for the end user. Users must be able to work as and when they expect to and as fast as usual, but security is still implemented. 
 
This points all to the cloud because you need that scalability, you need that global view, device coverage, and you need to be in between the end user and the cloud services that they are accessing. 

Mark Guntrip is Senior Director, Cybersecurity Strategy at Menlo Security

You Might Also Read:

Cyber Security In 2022:

 

« Are Remote Contractors A Cyber Security Risk?
Education Should Focus On Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

LRQA Nettitude

LRQA Nettitude

LRQA Nettitude is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

Duo Security

Duo Security

Duo combines security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Bureau Veritas

Bureau Veritas

Bureau Veritas are a world leader in Testing, Inspection and Certification. We provide certification and training services in areas including cybersecurity and data protection.

Ockam

Ockam

Ockam gives you the tools you need to establish an architecture for trust within your connected device applications.

SECURITI.ai

SECURITI.ai

SECURITI.ai's PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Stronger International

Stronger International

Stronger International provides expert cyber services and training to organizations and individuals to enhance IT and security knowledge.

Ethiopian Cybersecurity Association (ECySA)

Ethiopian Cybersecurity Association (ECySA)

ECySA was formed to play an influential part in the ongoing and dawning cybersecurity practices of Ethiopia, efficiently creating public and private awareness on all kinds of cyber risks and threats.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

NSW IT Support

NSW IT Support

NSW IT Support: Your exclusive hub for comprehensive Business IT services in Sydney. Our skilled team ensures seamless technology solutions nationwide, consistently delivering top-tier IT support.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.