Cloud computing and the use of cloud native architectures enable unparalleled performance, flexibility, and velocity. The speed of innovation has driven significant advancements across industries, but as digitalization continues pushing applications and services to the cloud, bad actors’ intrusion techniques have also become more sophisticated. The burgeoning threat landscape is top of mind for enterprise and midmarket business and security leaders, and should lead their decision-making—from the right solutions to implement, to the right partners to engage.
Economic conditions tightening and macroeconomic forces will continue introducing challenges in the coming year, but businesses that sustainably provide value to their customers and make security a foundational aspect of their organization will thrive.
Here are some trends I anticipate for 2023:
Cloud-native inflection point
While the last few years were dominated by early adopters who thrive in the technical playgrounds of emerging technologies, 2023 will see the ‘early majority’ of mainstream users begin adopting cloud-native architectures as the market reaches an inflection point. This inflection is driven by the accelerating accessibility and usability of the tools and technologies available, as the early majority prioritizes platforms that work easily over those with advanced functions that they likely won’t use.
“Shift left” has become a crutch
“Shift Left” DevOps models have played an important role in increasing the security and resilience of deployments. However, the industry pendulum has swung too far, leading many enterprises to believe that runtime security is unnecessary if they put enough resources into planning and testing. The reality is that a breach is a matter of when, not if, and security teams should therefore ensure their runtime security tools can rapidly identify and mitigate any intrusion attempts.
The professionalization of bad actors
The increasing availability of Ransomware-as-a-Service, a model which offers bad actors sophisticated vulnerability distribution while simultaneously isolating them from the risks of the trade, will lead to a worsening security situation for unprepared enterprises. The combined effect of readily available threats and poorly secured deployments will surely lead to high-profile breaches. In an ideal world, these breaches will finally get enterprises to go beyond the baseline regulations and make security a foundational effort.
Economic woes spotlight importance of fundamentals
Low interest rates and various macroeconomic forces led to open-source cloud-native platforms receiving significant amounts of funding from private equity investors. However, solid financial and business fundamentals have once again taken center stage as economic conditions tighten. This will lead to a wave of companies folding or merging, enabling those that sustainably provide value to their customers to rise to the top.
Partners care about security
Governments have become more aggressive in their security and compliance mandates, yet industries of all types still face regular breaches. This is because enterprises rarely go beyond meeting the bare minimum in order to save money and resources. However, we are beginning to see security become a primary concern during partnership negotiations. Enterprises want to know that the data and access they give to their partners will not cause issues down the line due to lacking proper security controls. Ultimately, a company’s bottom line is a far more effective motivator than a government mandate, which could make partnership discussions an important security driver in 2023.
Each year introduces new challenges and innovations, all of which warrant modern solutions and best practices to keep pace in an ever-changing world.
At Tigera, we are proud to work with organizations of all sizes, including Fortune 100 companies, providing our customers with a holistic way to secure Kubernetes workloads by actively reducing the attack surface, detecting threats, and deploying mitigating controls to reduce risks.
Six years ago, Tigera created Project Calico, an open source networking and security project. As containers and Kubernetes adoption grew, and organizations started using Kubernetes at scale, we recognized the industry’s need for more advanced observability and security. We responded to this need by building upon Calico Open Source to create the industry’s only active Cloud-Native Application Protection Platform (CNAPP). At Tigera, our product innovations are led by listening to our customers’ needs, understanding where the industry is heading, and staying one step ahead.
Learn how to adopt a holistic approach to container and cloud-native application security and observability by reading our free O’Reilly ebook.
This article originally appeared on VMblog.
Join our mailing list
Get updates on blog posts, workshops, certification programs, new releases, and more!