EDITOR ’ S QUESTION
We can at least hope that 2022 is the year when we put the pandemic behind us . But where the notion of a COVID-free world may at least be possible , the thought of one without cyberthreat actors is , sadly , unrealistic . Organisations will see many changes over the next 12 months as they continue the fight to secure their perimeters .
The decline of cyber insurance
There are now strong indicators that a proportion of cybersecurity investment may go towards insurance , even as the quality of coverage declines .
Clauses on cybersecurity are making their way into property and liability coverage throughout the following year . But in 2022 , we can expect the customers of cyber-insurance providers to reevaluate the effectiveness of such clauses .
Integration rather than consolidation
The complexity of the hybrid environments that followed the surge to the cloud made ‘ consolidation ’ even more alluring . The truth is security tools specialise in different areas and comprehensive threat postures mean using multiple solutions .
In 2022 , expect to see a greater emphasis on integration .
But there is still a need to integrate tools effectively to achieve a level of visibility that allows tight control over the digital environment .
As research on this area progresses , we are discovering that the more tools that are deployed , the less effective a security team may become in detecting threats .
The new umbrella CISO will have a lot of challenges to overcome to prepare physical infrastructure for the modern threat landscape .
In 2022 , expect to see a greater emphasis on integration . CISOs will concentrate on the fundamentals by using the right tools to automate basic tasks , such as upgrades and patching , while freeing up security professionals for more strategic endeavors .
The unifying of OT and IT security
The risk to physical equipment has been apparent for years . The Colonial Pipeline incident in the US served as a stark lesson to organisations that use any solution that exposes physical machinery to the lawlessness of the public Internet . 2022 will be the year when a single CISO becomes responsible for OT and IT security .
OT security playing catch-up with IT security
The aforementioned merging of OT and IT security cannot come soon enough . OT infrastructure is notoriously behind other software-enabled business functions when it comes to security .
Between the less-than-optimal account polices and the slew of unpatched vulnerabilities in OT assets , the new umbrella CISO will have a lot of challenges to overcome to prepare physical infrastructure for the modern threat landscape . p
HADI JAAFARAWI , MANAGING DIRECTOR , QUALYS
www . intelligentcio . com INTELLIGENTCIO EUROPE 37