The seismic change in the world of work since the beginning of the global pandemic continued in 2021. The surge in cloud, mobility and security initiatives has proven critical for businesses to weather the emerging cybersecurity threats. The Verizon 2021 Data Breach Investigations Report documents that phishing and ransomware attacks increased by 11 percent and 6 percent, respectively, as never before have so many people worked outside of their office as in 2021.
Cyber criminals have taken advantage of the security problems posed by the new model of teleworking and collaboration. To counteract this, companies that are agile when introducing strategies for digital transformation benefit from the advantages: from better security hygiene to reduce the risk of a data breach, to improved productivity, which ultimately leads to higher revenues.
The five major trends to consider in 2022
SASE, a single vendor play
Last year, we predicted that SASE would be a major strategic initiative, design approach, and implementation standard for corporate networks and network security implementations around the world. In 2022, SASE will become the standard for companies that want consistency, flexibility, and high performance for their security and network needs.
Businesses and organizations will focus on a single SASE vendor to provide unified, consistent, and ubiquitous security, network, and business policies for every user, application, and device. This single vendor model must still allow integration with third party SASE services. Companies see the optimal implementation of SASE in the merging of connectivity and network security in a single, integrated software solution that offers consistent, centrally managed access and security from anywhere in the world. You will recognize that the use of a multi-vendor approach for SASE leads to transparency gaps and security weaknesses.
SASE the best mix of identity, endpoint and threat protection.
SASE protects users, devices and applications wherever they are and, when done well, is the best mix of identity, endpoint and threat protection. Implementing a single vendor SASE approach is critical to granular visibility and control, reduced attack surfaces, dramatically lower latencies, and unparalleled application performance.
IoT and MEC security
The increasing spread of 5G in the past year has created new opportunities for intelligent manufacturing, augmented reality / virtual reality (AR / VR) and much more. For low latency connectivity, however, multi-access edge computing (MEC) is an important paradigm to achieve many of these goals. MEC brings together network, computing, storage, security and application functions and provides them seamlessly at the edge. This brings low-latency computing power as close as possible to users, devices, and things.
However, these advances open the door to new potential threats and vulnerabilities such as kernel bypasses, DDOS attacks on 5G service interfaces, cyberattacks on the Internet of Things ecosystem (IoT) leading to zero-day exploits, software manipulation and API - lead to exploits. Such attacks have a direct impact on the availability of services and information integrity and enable data exfiltration.
Protection against data exfiltration
Top strategies for securing the MEC and the IoT gateway require security hardening against the exploitation of APIs and the ability to recognize the expansion of privileges in applications. Approaches to the holistic establishment of Zero Trust in MEC and IoT ecosystems are crucial to ensure end-to-end SLA management, contextual security and transparency.
Work from Anywhere, Forever
We predicted last year that at least 50 percent of employees would work from home, and we believe that this work model will evolve into a permanent work-from-anywhere model by 2022. As 2021 has shown that productivity can be maintained or even increased, that collaboration can be continued or improved, and that it is possible to create and measure metrics with remote workers, companies will adopt a secure model for working from anywhere .
Metrics with remote workers
Michael Wood, CMO at Versa Networks (Image: Versa Networks).
With a work-from-anywhere model, employees can easily access their Voice-over-IP (VoIP), unified communications, collaboration and video applications while enjoying the security and performance of cloud and on from anywhere in the world -Use premises applications. Regardless of whether the business application is hosted in the cloud or on-premise, appropriate security policies must also be consistently enforced over public Wi-Fi networks or on unmanaged devices. As a result, organizations need to invest in more than just a VPN to protect themselves from users who can connect from anywhere and from any device: they need to take a holistic approach to maintaining visibility and control over identities, threats and endpoints.
With a strategic network and security approach such as SASE, organizations are able to achieve performance and security as well as lower capital and operating costs by implementing a secure, scalable and optimized work-from-anywhere model.
Multi-cloud interoperability and consistency
The rapid rise of the cloud and secure SD-WAN heralded an era in which on-demand services are accessed and operational simplicity is standard. When branch and corporate offices are connected to multiple clouds, IT needs intelligent, dynamic, multipath connectivity and robust security. In 2022 it will be of crucial importance that companies can use their wide range of multi-cloud network and security functions such as routing, SD-WAN, carrier-grade NAT, DOS, IP address management, stateful firewall, NGFW, IPS, IDS Simplify, antivirus and malware in a single, interoperable and consistent view.
In order to integrate these necessary functions across multiple clouds, the WAN infrastructure must enable access to the clouds without consuming too much bandwidth. In addition, digital transformation initiatives that connect multiple clouds must be systematically expanded to all branch offices. In order to achieve the consistency of security, policies and networks across multiple clouds, the focus in 2022 will shift to implementing a strategy that is cloud-independent and significantly improves the possibility of application across multiple clouds and SaaS services.
MSPs, the competent consultants
Many of the large-scale ransomware attacks over the past year were caused by the exploitation of third-party software, as demonstrated by the SolarWinds and Kaseya hack. More than ever, managed service providers (MSPs) are in the best position to serve as specialists in all enterprise security issues in 2022 and beyond. Training on threats and vulnerabilities such as supply chain attacks will be an important component for all managed service providers who want to offer security services and software to their customers.
MSPs help manage customers securely
Service providers and MSPs will have the opportunity to demonstrate that they can effectively and securely manage their customers' environments. Securing third-party managed infrastructure requires protecting people, applications, systems, traffic, and everything in between. MSPs will be skilled service providers who will find and retain world-class cybersecurity talent and provide end users with the best training on the modern threats plaguing businesses in all industries. Well-trained MSP providers who act as consultants to companies of all sizes will lay the foundation for good safety hygiene and a strong safety strategy for 2022 and beyond.
More at Versa-Networks.com
About Versa Networks
Versa Networks, a leader in SASE, combines comprehensive security, advanced networking, industry-leading SD-WAN, true multi-tenancy, and fine-grained analytics to meet SASE needs for both small and very large businesses and service providers. Versa SASE is available on-premises, hosted by Versa-operated service providers and delivered via the simplified Versa Titan cloud service designed for lean IT. Thousands of customers around the world with hundreds of thousands of locations trust Versa with their networks, security and clouds. Versa Networks is privately held and funded by Sequoia Capital, Mayfield, Artis Ventures, Verizon Ventures, Comcast Ventures, Liberty Global Ventures, Princeville Global Fund, and RPS Ventures.