The cybersecurity landscape has matured. Attack vectors have evolved and adapted to changing security protocols and parameters, with ransomware and online fraud becoming a menace in the region. However, this maturity also extends to the organisation, as the strategies and approaches implemented to defend against these attacks have grown more sophisticated and capable. Shilpi Handa, Associate Research Director at IDC, points out that even though the pandemic introduced rapid digitalisation and cloud adoption and brought the risks along with it, organisations are now past that phase and well into securing the enterprise across multiple touchpoints.
“Today, more organisations are acknowledging the newer security requirements that are required to fit within hybrid operating infrastructure,” she adds. “Security has moved to become a board-level discussion and is getting the attention and budgets it needs to ensure it remains a strategic and valuable investment.”
One of the primary reasons security has shifted gears is the consumer. Consumers are more informed and are aware that data breaches put their personal information at risk. This risk not only has financial implications but can lead to safety concerns as well, which means that people are more focused than ever on their privacy and on the measures that companies put in place to secure that privacy. The situation is further challenged by regulatory authorities and compliance expectations – mandatory disclosures force companies to report incidents, and this leads to stakeholder scrutiny and potential losses across investment and reputation.
“To establish a solid security foundation and improve overall security maturity, companies should focus on several touchpoints,” says Handa. “Building security operations should be an important area of investment for all organisations today. For long, people have been the centre of our SOC, but with the advancement of threats and tools to identify these threats, the amount of data that the SOC needs to handle has increased exponentially. This is augmented by the challenge of the biggest skill gap in the industry today. AI/ML-based automation of security functions, playbooks, and responses will become a need of every organisation a few years from now. Extended detection and response will get wider adoption over the next few years.”
“Cloud security and application security are also important areas that will need to come under the laser-like focus of the organisation,” says Handa. “The applications' microservices architecture demands a ‘shift left’ approach to application security that warrants innovative solutions that are capable of integration across CI/CD pipelines and that are capable of addressing and resolving vulnerabilities early in the lifecycle.”
This introduces one of the keywords to define security awareness in 2022 – visibility. When married with control, it is the core component of decision-making. Visibility provides decision-makers with the insights they need to guide their decisions, while admins and IT staff can use this visibility into every function across the organisation to build a comprehensive understanding that allows them to take the right actions across the attack surface.
“Control is imperative alongside visibility as it ensures that security can achieve one of its broadest goals – containing threats and breaches by deploying the right safeguards, countermeasures and parameters,” says Handa. “If you don’t have the right visibility, you can’t take control.”
Finally, companies need to pay attention to transformative technologies that can support their objectives of agile security. Zero trust is one of the heaviest hitters right now, relying on the reality that identity has become the future of security resources and access decision-making. Zero trust network access (ZTNA) can help organisations to secure access for the remote workforce, and many vendors are coupling ZTNA with cloud access security broker (CASB), secure web gateway (SWG) and Firewall-as-a-Service (FWaaS) to deliver security from the edge.
“These tools not only reduce latency for SaaS and cloud access but introduce improved control and visibility while cutting back on complexity,” says Handa. “Exposure management is another technology area that’s worth looking at as it offers better visibility into assets that are rarely available due to siloed business functions. These are some of the technologies that are worth looking into for organisations to gain richer control over their security posture and hygiene and to implement robust strategies to overcome the most significant threats.”