32 Experts Share Predictions for Information Security in 2022

31 Experts Share Predictions for Information Security in 2022

As part of our Information Security Insight Jam, we got in touch with several experts and asked for their advice and predictions for information security in 2022. These experts represent the top cybersecurity vendors, security hardware and software providers, and IT software companies, and have decades of combined experience with securing and protecting user and company devices. We’ve compiled 38 quotes from 32 experts on where they see the field of information security in 2022 and beyond.

Thanks to all of these experts for submitting their quotes and predictions — and be sure to follow us on Twitter all day for insights, advice, and best practices on cybersecurity during our #InfoSecInsightJam!

Onkar Birk, CTO, Alert Logic

“In 2022, we’ll see developers commit to “security first.” Why? Because they know that – every time they introduce a new version of an app or software – they could introduce a new exploit. Development is about discovery, after all, so they’re constantly learning as they go. This community is slowly recognizing that thinking of security as an afterthought only encourages vulnerabilities, attacks, and subsequently, damaging turbulence. By committing to “security first,” developers will build protection into products from the start instead of bolting it on after the fact. They’ll come up with pocket-sized versions of detection – micro detection – that they embed into apps at the source. In this sense, we can think of these apps as tiny streams feeding into large rivers and, ultimately, oceans. You want to stop “pollution” at the stream level before it reaches the river, not after. The same thinking applies to the safeguarding of apps and software before they are widely distributed within our enterprises.”


James Carder, Chief Security Officer & Vice President of Labs, LogRhythm

“Cyberattackers commonly use lateral movement techniques to move through an organization’s network after carrying out the initial breach. We have already seen the Russia-linked REvil ransomware-as-a-service group leverage Kaseya’s network management and remote-control software to move not only within Kaseya’s network but extend its reach to its customers. In 2022, we will see hackers seek to up-level the lateral movement concept for internal networks and apply it to an entire partner network using misconfigured APIs, which serve as a doorway from the internet into a company’s environment.”


Cody Cornell, Co-founder and Chief Strategy Officer, Swimlane

“In 2022, automation will grow beyond the Security Operations Center (SOC) to serve as a system of record for the entire security organization. As companies struggle to adequately staff security teams–and fallout from ‘The Great Resignation’ adds additional stress across the organization– automation will help employees overcome process and data fatigue. Companies will seek to use low-code automation to harness the collective knowledge of their entire security organization and form a centralized system of record for operational data.”


Sam Crowther, Founder and CEO, Kasada

“Over the course of 2021, bots have been tremendously successful in aiding resellers of sneakers and other wanted goods (such as PS5s, tickets, graphics cards, etc.) at securing inventory they can then flip at an incredible markup. These successes have gained mainstream publicity, increasing overall awareness of bots themselves. Because it is so difficult to find desired goods right now, I predict that mainstream consumers will begin to turn to bots to get gift items that are unavailable on store shelves. The success they have will push bot usage beyond high-end, limited edition goods to basic consumer goods when an arbitrage opportunity exists in 2022. This will also have the effect next year of increasing the urgency of retailers in investing in solutions that can stop bot usage, as non-bot-using consumers will publicly express their frustrations at not being able to purchase items without a bot – and will turn their dissatisfaction to the retailers themselves.”


Kevin Dunne, President, Pathlock

“In 2022, Zero Trust will shift from a nice to have to a need to have item on every CISO’s agenda. The federal government has already mandated that all agencies employ a Zero Trust approach, and agencies are moving quickly to put these safeguards in place. However, today’s approach to Zero Trust is mostly an application of Least Privileged Access, and a rudimentary one at that. Organizations are providing what they believe to be the least amount of privileges required, but they are not monitoring after the fact to see what is actually used and removing what is not used. Monitoring of entitlement usage at the transaction level will be a critical capability to ensuring that Least Privileged Access is a reality and not simply an assumption.”

“Cloud adoption will continue to accelerate in 2022. As the post-pandemic dust settles, organizations will realize that cloud investments drive better company performance, agility, and resiliency regardless of work from home or in office culture going forward. While much of the focus is placed on lifting and shifting in-house built applications to the cloud, the majority of cloud transformation is being unlocked through SaaS adoption. In today’s world, there is an application for everything, and most of those applications live in the cloud. The number of integrations and connections between SaaS applications in the enterprise is exploding. The risk will increasingly be of compromise to one of these SaaS applications or to one of the transport mechanisms between applications. Therefore, additional focus and emphasis should be on understanding what applications exist, and securing communication between these applications.”


Brian Foster, Chief Product Office, ReliaQuest

“2022 will be the return to basic cyber hygiene and cyber resilience. While Zero Trust and additional security models will have an effective impact on preventing future data breaches, it can be argued that these architectures have become increasingly necessary because the basics of cyber hygiene have not been implemented properly. Rarely are organizations getting the fundamentals of cybersecurity, like identity and authorization, right. Companies are chasing new technologies to try and enhance their cybersecurity posture. However, none of these will have a significant impact if there is not a strong foundation of cyber hygiene for further support – especially if any of these shiny technologies prove to fail. Cyber resilience also requires more than just the right products and fundamentals – it calls upon resiliency in terms of people as well. Team resilience during a cyberattack, including fast response and mitigation, must remain a critical focus for organizations over the next year.”


Sascha Giese, Head Geek, SolarWinds

“The explosion in data available to a company has made the use of artificial intelligence (AI) and machine learning (ML) a critical competitive advantage, but the talent and resources required to build solutions in-house is still prohibitive. Ultimately, a machine is faster than a human—or even a group of humans—which means shifting to AI/ML services also allows for cost savings. Yes, purchasing or subscribing to an AI service and integrating it doesn’t come cheap, but it’s still far more efficient than a team of 20 data analysts. In 2022, we’ll start to see AI and ML featured more prominently in organizations’ IT environments through the adoption of off-the-shelf AI/ML services. As businesses look to strengthen their security postures in response to the evolving threat landscape, for example, they may look for security tools leveraging AI/ML to perform tasks. Meanwhile, offerings from cloud service providers, like Amazon® SageMaker® or Google® TensorFlow™, will similarly see widespread growth by reducing the barrier to adoption and implementation for tech pros. We may also see companies become proficient at building AI algorithms and start to monetize them through licensing, data streaming ingress, or even by renting those algorithms out to other businesses.”


Christina Hoefer, VP of Global Industrial Enterprise, Forescout

“Cybersecurity skills shortage will drive more orchestration and automation. While there has already been an ongoing skills shortage in IT/IoT security, the skills shortage in OT security is far more drastic. Very few professionals and college programs focus on OT cybersecurity, and that will take years to fix. As a result, enterprises will need to rely on more automation in data exchange and decision making, including a heavy focus on visualization and analytics of all available data. Data analysis and incident response currently have many technology solutions targeted at them. The challenge in 2022 will be to shift from technology to processes for efficient incidence response, SOC setups and hybrid setups that see enterprises sharing capabilities with their managed service providers (MSPs). With so many cybersecurity point solutions in place and so few people to manage them (especially in OT), enterprises struggled in 2020 and 2021 to incorporate enterprise-wide cybersecurity. For that reason, enterprises will move away from siloed, stand-alone cybersecurity solutions to either platform-based software or tools that can provide integration with many other tools.”


Fei Huang, CSO, NeuVector

“2022 will continue to see accelerating enterprise adoption of containers for application development, but I think we’ll also see growing recognition that container security cannot be an afterthought. The risks of insufficient container security are too high, as headlines continue to show. In particular, expect enterprises to increasingly implement container security automation in 2022; I suspect that’ll be especially true for those under the purview of strict regulatory frameworks such as PCI-DSS, HIPAA, and GDPR. Due to their vast scale and dynamic nature, automated security responses offer the only suitable strategy to maintaining secure and compliant cloud native container environments. Look for enterprises in 2022 to utilize automated scans of YAML files and other Kubernetes resources to identify and mitigate misconfigurations and other risks. Enterprises will similarly implement zero-trust models using policy-as-code and CRDs, blocking all unauthorized run-time network, process, and file activities as a default protection.”


Casen Hunger, CTO and Co-founder, Symmetry Systems

“In 2022, the deployment of zero trust architecture will skyrocket. In our recent research with Osterman, we found that zero trust is anticipated to have a 144% greater impact on the ability to stop data breaches and double the efficacy of existing cybersecurity protections. We expect organizations to put a stronger emphasis on a data-first approach with zero trust initiative to protect their external parties as a result of the staggeringly high number of supply chain breaches in 2021, like the Colonial Pipeline attack.”


Martijn Loderus, Vice President of Solution Engineering & Delivery, Symmetry Systems

“According to our recent Osterman research, we expect that through 2022, most organizations will have incorporated data security into their Zero Trust architecture initiatives. Focusing on Zero Trust for data will be critical to combatting high-profile ransomware incidents and security issues resulting from the hybrid or completely remote workforces. In the coming year, we can anticipate that organizations will seek cybersecurity measures that harden their defenses against future threats. The recent escalation in ransomware attacks and data leaks has forced business leaders to expect that involvement in a breach is high.”


Dan Maksim, Software Engineer, Beachhead Solutions

“2022 is the year that proactive and automated security risk responses become an absolute necessity for businesses. Ever-expanding threats to systems and data (that go well beyond ransomware) will drive businesses to adopt deeply customizable preset protections that they tune to their own unique work environments and risk areas. Strategies supporting zero-trust policies will flourish. Businesses will similarly place a premium on approaches that prevent employee-based risks while remaining transparent to employees. An example is geofencing-based protections that automatically warn the user if a device travels outside expected locational limits, and remove data access if it goes further astray. In 2022, businesses will be better prepared for threats than ever, because they’ll need to be.”


Eve Maler, CTO, ForgeRock

“Identity access management (IAM) has become an essential ingredient for delivering successful digital services. Identity solutions originally focused on ‘protection,’ and now they are acknowledged to contribute equally to ‘personalization.’ Balancing security and experience is a false choice, as these two areas share many requirements, including fostering privacy and mutual trust; this is why a no-compromises approach is paramount. In 2022, IAM will become yet more important as it addresses new requirements in two newer areas: It’s essential for ‘payment’ (and everything surrounding trade and transactions) as well as for ‘people’ (for example, consumer-to-consumer sharing).”


Andrew Maloney, COO and Co-Founder, Query.AI

“When COVID-19 forced organizations to transform their business models practically overnight, companies did what they had to do to keep the lights on and their employees connected in a remote world. They deployed a voluminous number of new technologies in a sprint to sustain operations, and, in many cases, moved so quickly that they were unable to properly address security concerns. This has left CISOs stuck mopping up a big mess: plugging all the security holes introduced by organizations’ rush to digitally transform. Even with CISOs focused on COVID security cleanup, they can only move so fast, and we’re likely going to see significant fallout over the coming years (e.g., security incidents caused by cloud misconfigurations, excessive access rights, and shadow IT).”

“The cybersecurity skills gap still exists and, according to research from Information Systems Security Association and Enterprise Strategy Group, 95% of companies believe the gap has not improved in recent years. Not only are there not enough skilled cybersecurity professionals to fill the number of vacant positions, but organizations are tired of battling the competitive talent pool in traditional tech hotspots, such as Silicon Valley and Austin. This frustration, in combination with the newfound remote workforce, will spawn a talent migration in 2022. And, we’ll start to see more organizations build out their teams and close the cybersecurity skills gap by tapping talent in more cost-effective locations across the U.S.”

“In 2022, we’ll see organizations continue to shed their on-premises footprint, further expand their cloud presence, and migrate more on-premises data to the cloud. This will certainly help organizations modernize their businesses to better meet the requirements of the new world we live in. But, as organizations expand their digital footprints, managing security across multiple vendor-supplied tools can become overwhelming and data can get lost among a variety of security environments, tools, and platforms, leaving gaping holes in security defenses. With this in mind, establishing and maintaining data visibility across silos will be paramount to reaping the benefits of the cloud without any of the associated security risks.”


Carlos Morales, SVP of Solutions, Neustar Security Services

“News cycles in 2021 have been dominated by organizations falling victim to cybercrime, and attacks are now so common that it is no longer a case of if a business will be on the receiving end, but when it will happen for the second, third, or even fourth time. With the cost of prevention now far outweighing the cost of risk, we can expect to see security spending on tech, outsourcing, and talent rise in 2022 as part of wider investments in the Security Operations Center (SOC). As a result, SOC spend will make its way firmly onto the c-suite agenda and into board-level discussions. We will see a rise in SOC outsourcing. The typical enterprise tech stack is now so sprawling, complex, and interwoven that managing the entire attack surface has become too big for any one organization to handle. Despite inherent reticence to outsource security, the need for always-on cyber resilience and the capabilities to respond to all manner of advanced attack vectors will push in-house SOCs to bite the bullet and ask for help. Trust in third party providers, track records, peer endorsement, and of course leading class services will all rise in value, as third-party support becomes standard practice.”

“We will continue to see a lot of activity around small DDoS attacks – typically sized 5 Gbps or less – that are capable of evading defenses and targeting specific infrastructure, applications, and even APIs. These attacks can deliver the kind of outcomes hackers aim for with larger attacks while flying under the radar of traditional mitigation strategies and can therefore persist for quite some time. This stealthy approach broadens the scope for more specific protocol attacks which target elements of the system that sit between the public internet and the target network, whether designed to add undue load to the router’s CPU or target load balancers to limit site usability. Precision DDoS methods can create opportunities for attackers to fulfill their actual goal, and in some cases, degrade website performance over the long term. Organizations must be aware of attackers’ changing tactics, and businesses must evolve their defensive methodologies to be ‘always on’ when it comes to mitigation.”

“API attacks pose an often-overlooked security risk, and we expect to see a continued increase in attackers targeting APIs to disrupt business and harm organizations. One big hazard comes from the fact that APIs have become so ubiquitous that some enterprises may not be aware of where they are, or the function that they perform. While this can cause problems for the backend site when an external API is overwhelmed, it can cause huge issues in the cases where that API is connected to another inside the application. Since they can’t simply cut APIs out of the infrastructure, security leaders need to set safe practices. Start by limiting requests and monitoring traffic rate, and then utilize a more robust application security strategy that includes APIs.”


Brian Murphy, CEO and Founder, ReliaQuest

“If this past year taught us anything, it’s that cyber attacks are only increasing, so it’s paramount that organizations have the best talent to prevent and address these breaches when they occur. In 2022, the industry will need to make substantial progress in addressing the cybersecurity skills gap as efforts thus far haven’t shown the progress we need to properly address increasing threats. (ISC)2’s recent report made it clear – there aren’t yet enough cyber pros to build secure tech, implement protections or respond to breaches. While it’s great to see the efforts of the private sector prioritize training in cyber skills, and making cyber awareness training accessible to everyone, I hope, and expect, the industry will direct more of its efforts into tackling the broader skills transfer issue. There are plenty of people ready to raise their hand and help with this ongoing problem, but we need to better equip them with the right skills. I hope to see more companies in the new year investing in meaningful skills initiatives, like Microsoft’s work with community colleges and ReliaQuest’s work with 3DE high schoolers. These education-based efforts aim to encourage the next generation of the workforce to take interest and gain critical skills to shape the future cyber workforce.”


Mike O’Malley, SVP — Strategy, SenecaGlobal

“As more organizations shift their operations to the cloud, some are not as focused on third-party access risk and, as a result, expose their networks. This year, organizations will reprioritize third-party remote access and be more discriminating to pick the “right” cloud provider to ensure their long-term success. As many businesses continue to outsource critical business processes to third-parties, I foresee that they will do a better job of assessing their third-party partners’ security and privacy practices before granting them access to sensitive and confidential information.”


Nilabh Obol, Ph.D, Vice President of Data Strategy, FiVerity

“Synthetic identity fraud (SIF) is one of the best kept secrets of the financial world. It’s clearly a big deal – it’s currently the fastest-growing financial crime, responsible for $20B in theft from U.S. banks. It’s a relatively new threat, however, and is extremely hard to detect – so few banks have a robust strategy in place to counter it. I predict that next year, in addition to SIF’s continued growth, government-led efforts will increase awareness of this cybercrime. The Federal Reserve provided a definition just a few months ago, followed by FinCEN prioritizing SIF and other forms of fraud in its fight against money laundering and terrorist financing. In early 2022, the Fed is expected to release a SIF ‘toolkit,’ covering the importance of data accuracy and reporting of this crime, which will only stand to increase the attention directed toward preventing SIF.”


Murali Palanisamy, Chief Solutions Officer, AppViewX

“Looking ahead to 2022 and beyond, there will be an emphasis on seamlessly managing digital certificates and implementing a zero trust model. Due to the surge of digital technologies, the number of machines or digital assets has grown tremendously. Securing these distributed assets and their communication is critical for data security. As such, the need for automation will become even more pressing in the context of digital certificates, which vary in type (SSL/TLS, S/MIME, etc.) and source (IoT devices, containers, workstations, etc.). Aside from the heavy workload and significant expertise needed for manual certificate management, the risks of mismanagement that can lead to security compromises are high. Certificate lifecycle automation can bolster activity by allowing for faster deployment, better visibility, and a cycle of renewal. Enterprises need a managed solution with automation of the certificate lifecycle at its core. Implementing a next-gen certificate lifecycle automation solution is a key initiative towards achieving a fully functional zero trust model.”


Jason Pfieffer, Chief Strategy Officer, ReliaQuest

“In 2022, we will see an increase in cyberthreats that will impact critical infrastructure. Society and economies both at a local and global scale will continue to see a more direct impact on their day to day lives due to poor cyber hygiene, such as bringing daily commutes and travel to a halt for a period of time. Supply chain attacks will also become more prolific in 2022, as threat actors continue to target organizations with access to larger target populations. It’s very likely a large and well-known software vendor will be targeted and its software used to proliferate attacks across its customer base within the next year. Good cyber hygiene, cyber resilience, and a zero-trust mindset are all crucial for organizations to prioritize to help ensure they don’t become the next cyberattack victim, or at the very least, mitigate damage when a data breach occurs.”


Craig Ramsay, Senior Solution Architect, Omada

“This shift to more and more autonomy in these processes is a trend I envisage growing throughout 2022. Right now, Identity Management is stuck in a hybrid of manual and semi-autonomous actions. Whilst there will always be a need for some level of human decision making when it comes to the most critical applications and sensitive data, a unified approach to identity will greatly reduce manual effort. This will be realized through increased automation and intelligent decision support where automation is not suitable.”


Josh Rickard, Security Solutions Architect, Swimlane

“As organizations add more third-party SaaS and IaaS providers to their technology stack, the impact of cyberattacks on centralized cloud services will have a broader impact. In 2022, we will see cybercriminals take advantage of misconfigured SaaS APIs to exploit private data at an unprecedented scale. This will lead to a large distribution of core software code becoming compromised and impacting thousands of organizations across the globe. Similar to how cybercriminals have developed phishing kits to launch attacks with minimal effort, ransomware groups will seek to grow the RaaS ecosystem and improve infrastructure. In 2022, this will make it even easier to deploy ransomware attacks and will lead to a rise in more sophisticated attacks such as double extortion.”


Ashok Sankar, VP of Product and Solutions Marketing, ReliaQuest

“Zero-trust has been one of the biggest buzzwords of 2021. The surge of recent high-profile cyber attacks has ushered this concept to the forefront for many security leaders and organizations. In 2022, we will see zero-trust adoption speed up, however mass confusion will remain unless we treat it as a mindset shift and a concept versus a product solution. About half (48%) of security leaders say they are prioritizing implementing zero-trust principles as part of their security strategy. That number is expected to only increase in the new year, but too many leaders still don’t understand it to its full extent. Zero-trust can’t be thought of as a single-packaged solution; it’s essentially rethinking enterprise security and cutting across silos. It’s an evolution of the security paradigm that requires continuous monitoring. The industry must do its part over the course of the upcoming year to educate organizations on the ins and outs of zero-trust, as destructive attacks are not slowing down.”


Jackson Shaw, CSO, Clear Skye

“With the new, distributed post-pandemic workforce, companies are having an increasingly difficult time harmonizing their tools and technologies. Additionally, they’re struggling to capture and optimize new revenue streams. As a result, a workplace suite approach, in which all the solutions needed are incorporated in one place, will define the next generation of software. All signs are pointing to a shift from multiple, disconnected best-of-breed SaaS solutions, to a comprehensive, fully integrated platform approach. In addition to streamlining security and risk management best practices across business functions throughout an entire organization, a platform approach will also help cut down context switching, reduce friction, and increase efficiencies. We’ll start to see a greater emphasis on this approach in the coming year.”


Daniel Smith, Head of Security Research, Radware

“The evolution to a remote workforce was inevitable. The pandemic accelerated the digital transformation timeline. With the shift to a remote workforce, the attack surface has evolved and expanded in favor of threat actors. Protecting the remote workforce in 2022 from service degradation will be critical to maintaining a productive work environment. In addition, organizations will continue to hire remote employees who they have never met. This will raise concerns around their knowledge base, security hygiene, and exposure to social engineering attempts, resulting in the move towards a zero-trust model.”


Adam Stern, Founder and CEO, Infinitely Virtual

“In 2022, look for the status quo in cybersecurity to remain both fluid and precarious. State actors — or actors supported by states – continue to represent the most insidious ongoing cyber threat, largely through aggressive moves to attack tech companies upstream. The trend is disconcerting and will almost certainly accelerate in 2022. Rather than targeting individual organizations and businesses, infiltration is now happening on a grand scale, with risk effectively globalized, per the recent Solar Winds, Colonial Pipeline and Microsoft attacks. Here’s what keeps IT pros up at night: the systems upon which enterprises rely are themselves undermined. When code finds its way into vast networks, conventional means of protection cease to be effective.”


Nick Tausek, Security Solutions Architect, Swimlane

“This year we have seen an increase in both internal and external actors breaching companies such as Epic and Twitch for “ethical” reasons versus purely financial intentions. In 2022, there will be a significant increase in hacking for a political or social cause. Most organizations in this position will fail to adequately respond to the threat of exposure by focusing only on “clamping down” internally to prevent leakage rather than addressing problematic business cultures that make employees want to go rogue.”


Tilo Weigandt, Co-founder, Vaultree

“With the responsibility for data security threats broadening, there is a strong case to be made for most companies to invest in their internal security team and to hire a CISO. I foresee companies ensuring their senior IT management staff also have a holistic understanding and approach to cybersecurity as an organizational-wide risk issue with a focus on the legal and regulatory implications of cyber risks as they relate to a company’s specific circumstances. This includes identifying which risks to avoid, accept and mitigate, as well as implementing specific plans for each potential threat and how these are communicated to senior management.”


Darren Williams, CEO and Founder, BlackFog

“In the past year, we’ve already seen ransomware gangs morph into savvy businesses with sophisticated organizational structures, with one going so far as to create a fake company to recruit talent. In 2022, we’ll see this trend continue to pick up steam, with greater coordination between gangs, double extortion evolving to triple extortion and short selling schemes skyrocketing. While many companies hit with ransomware opt to pay up to quickly resolve the situation and get back to business, they’ll find themselves paying in other ways when it comes to the court of public opinion. Consumer trust of organizations that pay the ransom will continue to erode and lawsuits will abound as organizations are thrown under the bus for not doing enough to prevent data exfiltration.”


Landon Winkelvoss, Co-founder, Nisos

“With security incidents and breaches skyrocketing, the security industry is looking for value-based metrics that show return on investment. In 2022, threats will continue to rise and will include increased targeting of small to medium sized businesses that are important to the supply chain of larger enterprises. One way to accomplish this is by attacking the identities in the supply chain including mergers and acquisitions that have the least sophisticated security posture. Given past success, we can expect to see nation states continue to conduct aggressive attacks similar to the SolarWinds attacks of 2020. To combat these threats, the security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile. Findings and security alerts should be qualified based on the impact on particular companies and not just tied to various industries. Attacks should be prioritized based upon the most impactful outcomes.”


Greg Woolf, Founder and CEO, FiVerity

“Although fraud analysts express interest in collaborating with their peers to identify fraud, a range of regulatory and competitive concerns hold them back. This will begin to change out of necessity in 2022, as the losses across banks (most from many of the same fraudsters) reach untenable levels. Banks lost an estimated $20B last year to synthetic identity fraud (SIF) alone, with a single SIF profile opening an average of nine trade lines at multiple banks. Simply sharing information on suspected fraudsters (which is not only legal but encouraged by FinCEN) is a highly effective means for banks to root out a range of cyber fraud. Momentum is already building, with nonprofits dedicated to information sharing and organizations such as FS-ISAC and Cifas adding new banks to their coalitions. Meanwhile, private companies are offering tools like double-blind encryption to protect consumer privacy while collaborating.”


Erkang Zheng, CEO and Founder, Jupiter One

“One clear trend we will continue to see in the security field is the resource and skill shortage. It’s absolutely a concern and focus we should have in 2022, with the caveat that we are potentially looking for the wrong skill sets in security. Security practices and tooling are changing to more cloud-native, more automation and data-driven, in order to provide greater efficiency and efficacy for continuous cyber governance. As a result, we should focus on hiring security talents with engineering and automation skills in addition to security analysis and testing.”

“Ransomware has gotten scarier, and I expect we will see a lot more of that problem which will escalate as another unfortunate trend for cybersecurity. To some extent, we have seen insurance companies coming out with some complicated policies to address ransomware, either by not paying out the ransoms or demanding extreme security requirements to issue their insurance policies. I think that is a good impulse. The previous trend was that we needed to simplify compliance, which was not a good thing. The unfortunate reality is, money always talks — so, until there is a breach, security is often viewed as preventing nothing. So for many, the only immediate driving factors are compliance or cyber insurance policies.”


Our Buyer’s Guide for SIEM helps you evaluate the best systems for your business use case and features profiles of the leading profiles, as well as a category overview of the marketplace, questions you need to ask your organization and your potential SIEM providers, and a Bottom Line Analysis for each vendor profile.

Daniel Hein