“Over the past two years, the typical enterprise has been turned inside out,” says Peter Firstbrook, VP Analyst at Gartner. Driven by COVID-19, cybercrime is thriving in today’s digital world, and enterprises are paying the cost. As organizations of all shapes and sizes slowly adopt a hybrid work model, CISOs must rethink strategies to achieve a resilient cyber defense posture. Here is a look at five cybersecurity trends that CISOs must look out for in 2022 to continue running their businesses regardless of the cyber threats they face.
1. Cybersecurity Mesh
This modern cyber defense strategy is a key component of the zero-trust network approach, and it works independently to secure devices within the respective perimeters. Enterprises can use this to secure their digital assets anywhere, and address security threats arising from the pandemic-driven shift to remote work. By 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of security incidents by an average of 90%.
2. Identity-first Security
This not-so-new security approach gains urgency as enterprises move to a hybrid work model. According to the Verizon 2021 Data Breach Investigations Report, 61% of data breaches involved credentials, while 70% of all misuse cases were privilege misuse. As more and more attackers target identity, it is no longer a perimeter – it’s the nub of security in a world without perimeters.
3. Cyber-savvy Boards
As businesses increasingly go digital and rely on cyber-enabled technologies, cyber threats and the need to alleviate them have become a top priority. In recognition of this huge threat to enterprises, boards are forming dedicated committees to deal with cybersecurity issues. A member with previous security experience (like a former CISO) often leads these committees. By 2025, 40% of board directors will have a dedicated cybersecurity committee overseen by a qualified board member.
4. Vendor Consolidation
Security leaders often manage multiple tools that result in complex security operations and increased security headcount. A lean and consolidated tech and vendor stack will not only improve cybersecurity, but also cause fewer silos. By 2024, 30% of enterprises will adopt cloud-delivered Secure Web Gateway, Cloud Access Security Brokers, Zero Trust Network Access, and Firewall-as-a-Service capabilities from the same vendor.
5. Breach and Attack Simulation (BAS)
This advanced computer security testing method identifies vulnerabilities in security environments and offers organizations continuous validation and testing of their security controls. Enterprises can also avail themselves of specialized assessments and use BAS to identify high-value assets at risk.