Light Dark
January 18, 2022 By David Bisson 3 min read
Data Protection
Cloud Security
Incident Response
Risk Management
Security Services

Many organizations have cloud security on their minds going into 2022. In April 2021, for instance, Gartner predicted that global end-user spending on cloud management and security services would reach $18 million the following year. That’s a growth of 30% over the previous two years.

The forecasts discussed above raise an important question. Where exactly will these businesses and agencies be committing their cloud security spending in 2022? There are three trends to watch over the next 12 months. Keep an eye on cybersecurity mesh, hybrid and multi-cloud environments and cloud-native tools and platforms.

Cloud Security Trend #1: Cybersecurity Mesh

In its list of top strategic tech trends for 2022, Gartner defined cybersecurity mesh as “a flexible, composable architecture that integrates widely distributed and disparate security services.” It provides a means of verifying identity, context and policy adherence across all relevant environments, including the cloud. As such, it’s smart to use a cybersecurity mesh architecture as part of broader defensive approaches.

Niel Harper, a CISO, agrees.

“The goal would be to move perimeters encapsulating data centers to … identities and objects that are not on-premises or on the same network — specifically, users accessing objects from anywhere, anytime and with a variety of device form factors,” he said. “It also enables organizations to bring cloud services into their zero trust architecture and employ adaptive access control with more granular analyses of both subjects and objects.”

To put this in place, invest in a series of controls. These can help to bring zero trust, cloud security and other plans together. Harper pointed out two key cloud-related measures — cloud access security brokers and cloud infrastructure entitlement management. Endpoint detection and response and multi-factor authentication also fit in here, among others.

Trend #2: Hybrid and Multi-Cloud Environments

Cybersecurity mesh and other defense solutions advance more than just zero trust. They can also help to secure hybrid and multi-cloud environments.

Businesses and agencies are turning to these types of strategies more and more. Take the hybrid cloud, for example. Cofense reported that 90% of organizations will be using these to meet their needs by 2022. What that might look like could vary. For some, it could involve a mix of public and private cloud services. For others, it could consist of both in-cloud and on-premises assets. Others might use both.

It’s a similar story with the multi-cloud, a strategy that includes more than one cloud service. In a survey of IT leaders, 95% of respondents said they’re making multi-cloud a strategic priority for their businesses in 2022. About the same percentage (96%) reported that security was top of mind. But only 54% said that they were highly confident in the tools or skills they needed to execute that defensive program. Even more than that (76%) of respondents said that they didn’t feel that their group had invested enough in their multi-cloud project, leaving them ill-prepared to defend against digital threats.

This lack of funding makes another issue worse. That is, the hybrid cloud and multi-cloud environments introduce security challenges. They increase complexity, which reduces visibility.

In response to those obstacles, consider third-party cloud marketplaces such as the AWS Marketplace. These resources can help to provide security teams with software and services that they can use in the cloud.

Trend #3: Cloud-Native Tools and Platforms

Gartner also highlighted the importance of cloud-native platforms for 2022. These empower businesses and agencies to build application architectures that make the most of the cloud. After all, you can’t protect cloud assets the same way as on-premises resources. Internal teams protect the latter. That’s not true for the former, as the shared responsibility model dictates that infosec personnel provide security ‘in’ the cloud only. The cloud service provider is responsible for the security ‘of’ the cloud or safeguarding the physical hosts, network and infrastructure that run the cloud services. This division limits the degree of control that internal teams can have over security efforts.

To make the most of cloud-native tools and platforms, understand what part of the defensive perimeter belongs to you. Then, get the right tools for it. If you don’t, you could leave your business or agency exposed to threat actors who exploit vulnerabilities and misconfigurations in the cloud. This could also make it more costly to recover from a cloud security incident if and when one occurs. Hence the advantage of working with strategic vendor partnerships that bring security and visibility together.

Why Is Cloud Security Important for 2022?

Businesses and agencies will likely be moving more services to the cloud in the coming year. According to ITProPortal, 28% of spending in key IT segments will migrate to the cloud in 2022. This increase in cloud-based services will affect $1.3 trillion in IT spending.

In response, business leaders need to pay attention to securing their cloud-based services. Cybersecurity mesh, multi- and hybrid-cloud security strategies and cloud-native tools can help them to do that.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from Data Protection
March 27, 2024

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

March 12, 2024

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature