Light Dark
January 18, 2022 By David Bisson 3 min read
Cloud Security
Data Protection
Incident Response
Risk Management
Security Services

Many organizations have cloud security on their minds going into 2022. In April 2021, for instance, Gartner predicted that global end-user spending on cloud management and security services would reach $18 million the following year. That’s a growth of 30% over the previous two years.

The forecasts discussed above raise an important question. Where exactly will these businesses and agencies be committing their cloud security spending in 2022? There are three trends to watch over the next 12 months. Keep an eye on cybersecurity mesh, hybrid and multi-cloud environments and cloud-native tools and platforms.

Cloud Security Trend #1: Cybersecurity Mesh

In its list of top strategic tech trends for 2022, Gartner defined cybersecurity mesh as “a flexible, composable architecture that integrates widely distributed and disparate security services.” It provides a means of verifying identity, context and policy adherence across all relevant environments, including the cloud. As such, it’s smart to use a cybersecurity mesh architecture as part of broader defensive approaches.

Niel Harper, a CISO, agrees.

“The goal would be to move perimeters encapsulating data centers to … identities and objects that are not on-premises or on the same network — specifically, users accessing objects from anywhere, anytime and with a variety of device form factors,” he said. “It also enables organizations to bring cloud services into their zero trust architecture and employ adaptive access control with more granular analyses of both subjects and objects.”

To put this in place, invest in a series of controls. These can help to bring zero trust, cloud security and other plans together. Harper pointed out two key cloud-related measures — cloud access security brokers and cloud infrastructure entitlement management. Endpoint detection and response and multi-factor authentication also fit in here, among others.

Trend #2: Hybrid and Multi-Cloud Environments

Cybersecurity mesh and other defense solutions advance more than just zero trust. They can also help to secure hybrid and multi-cloud environments.

Businesses and agencies are turning to these types of strategies more and more. Take the hybrid cloud, for example. Cofense reported that 90% of organizations will be using these to meet their needs by 2022. What that might look like could vary. For some, it could involve a mix of public and private cloud services. For others, it could consist of both in-cloud and on-premises assets. Others might use both.

It’s a similar story with the multi-cloud, a strategy that includes more than one cloud service. In a survey of IT leaders, 95% of respondents said they’re making multi-cloud a strategic priority for their businesses in 2022. About the same percentage (96%) reported that security was top of mind. But only 54% said that they were highly confident in the tools or skills they needed to execute that defensive program. Even more than that (76%) of respondents said that they didn’t feel that their group had invested enough in their multi-cloud project, leaving them ill-prepared to defend against digital threats.

This lack of funding makes another issue worse. That is, the hybrid cloud and multi-cloud environments introduce security challenges. They increase complexity, which reduces visibility.

In response to those obstacles, consider third-party cloud marketplaces such as the AWS Marketplace. These resources can help to provide security teams with software and services that they can use in the cloud.

Trend #3: Cloud-Native Tools and Platforms

Gartner also highlighted the importance of cloud-native platforms for 2022. These empower businesses and agencies to build application architectures that make the most of the cloud. After all, you can’t protect cloud assets the same way as on-premises resources. Internal teams protect the latter. That’s not true for the former, as the shared responsibility model dictates that infosec personnel provide security ‘in’ the cloud only. The cloud service provider is responsible for the security ‘of’ the cloud or safeguarding the physical hosts, network and infrastructure that run the cloud services. This division limits the degree of control that internal teams can have over security efforts.

To make the most of cloud-native tools and platforms, understand what part of the defensive perimeter belongs to you. Then, get the right tools for it. If you don’t, you could leave your business or agency exposed to threat actors who exploit vulnerabilities and misconfigurations in the cloud. This could also make it more costly to recover from a cloud security incident if and when one occurs. Hence the advantage of working with strategic vendor partnerships that bring security and visibility together.

Why Is Cloud Security Important for 2022?

Businesses and agencies will likely be moving more services to the cloud in the coming year. According to ITProPortal, 28% of spending in key IT segments will migrate to the cloud in 2022. This increase in cloud-based services will affect $1.3 trillion in IT spending.

In response, business leaders need to pay attention to securing their cloud-based services. Cybersecurity mesh, multi- and hybrid-cloud security strategies and cloud-native tools can help them to do that.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from Cloud Security
November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 3, 2023

The importance of Infrastructure as Code (IaC) when Securing cloud environments

4 min read - According to the 2023 Thales Data Threat Report, 55% of organizations experiencing a data breach have reported “human error” as the primary cause. This is further compounded by organizations now facing attacks from increasingly sophisticated cyber criminals with a wide range of automated tools. As organizations move more of their operations to the cloud, they must also become increasingly aware of the security risks and threats that come with it. It’s not enough anymore to simply have a set of…

September 14, 2023

How I got started: Cloud security engineer

3 min read - In today’s increasingly cloud-focused business environment, cloud security engineers are pivotal in protecting an organization’s critical data and infrastructure. As experts in cloud security, they leverage their expertise to ensure that the ever-expanding amount of cloud data is safe from emerging threats and vulnerabilities. Cloud security professionals combine their passion for technology with a deep understanding of security principles to design and implement robust cloud security strategies. What experience do these security experts have, and what led them to the…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature