If you had to sum up your thoughts on cybersecurity in 2021 in one word, “ransomware” is probably at the top of your list. There’s no doubt ransomware dominated headlines this year, and it makes sense that many cybersecurity predictions will focus on this ongoing epidemic.

While I recognize that ransomware isn’t going away anytime soon, in this predictions-focused reflection, I want to talk about a few other areas – including COVID-19, XDR, and what I like to call “The Great Migration” – that also have had a significant influence on cybersecurity this year and will impact cybersecurity in the year to come. Following are my predictions for 2022.

Prediction 1 – 2022 will be the year of “COVID security cleanup.”

When COVID-19 forced organizations to transform their business models practically overnight, companies did what they had to do to keep the lights on and their employees connected in a remote world. They deployed a large number of new technologies in a sprint to sustain operations, and, in many cases, moved so quickly that they were unable to properly address security concerns. This has left CISOs stuck mopping up a big mess: plugging all the security holes introduced by organizations’ rush to digitally transform. Even with CISOs focused on COVID security cleanup, they can only move so fast, and we’re likely going to see significant fallout over the coming years (e.g., security incidents caused by cloud misconfigurations, excessive access rights and shadow IT). That said, it’s not all bad news for CISOs. A side effect of this situation will be that more CEOs and Boards will begin to see cybersecurity as a business problem – and CISOs may finally get their long-awaited and deserved seat at the boardroom table.

Prediction 2 – XDR will die on the vine as a single provider solution.

Extended Detection and Response (XDR) has made a lot of noise this year, but even though it’s a relatively new concept, it’s already losing steam. There are many different definitions for XDR, and the market is struggling to believe it’s truly the answer to all problems. The current definitions of XDR all rely on a single platform to do all the collecting, aggregating, correlating, and analyzing – preventing the need for users to collect and store data “from other solutions,” as it’s all already within the XDR vendor’s purview. The reality, however, is that, with today’s dispersed data and siloed security tools, no one technology provider can possibly have all the capabilities needed for security analysts to efficiently perform investigations. The only way XDR will work as intended is if XDR vendors decide to partner in areas where they don’t have convergence or capabilities, and to build native integrations with those partners, so customers don’t have to do so themselves. Only when working with a security ecosystem of partners will XDR deliver on its intended promise.

Prediction 3 – “The Great Migration” part one: to overcome the cybersecurity skills gap, organizations will look for talent in more cost-effective locations across the U.S.

The cybersecurity skills gap still exists and, according to research from Information Systems Security Association and Enterprise Strategy Group, 95% of companies believe the gap has not improved in recent years. Not only are there not enough skilled cybersecurity professionals to fill the number of vacant positions, but organizations are tired of battling the competitive talent pool in traditional tech hotspots, such as Silicon Valley and Austin. This frustration, in combination with the newfound remote workforce, will spawn a talent migration in 2022. We’ll start to see more organizations build out their teams and close the cybersecurity skills gap by tapping talent in more cost-effective locations across the U.S.

Prediction 4 – “The Great Migration” part two: more organizations will move on-premises data to the cloud.

There’s no question that the COVID-19 pandemic accelerated digital transformation over the past 18 months, but, even with cloud cost efficiencies and other business benefits, most IT assets still reside on-premises. In fact, AWS Chief Executive Andy Jassy was recently quoted saying 96% of the more than $3 trillion IT industry still resides in on-premises data centers rather than in the cloud. While many organizations made their entrance into or expanded their presence in the cloud world over the past few years, in 2022, we’ll see organizations continue to shed their on-premises footprint, further expand their cloud presence, and migrate more on-premises data to the cloud. This will certainly help organizations modernize their businesses to better meet the requirements of the new world we live in. But, as organizations expand their digital footprints, managing security across multiple vendor-supplied tools can become overwhelming and data can get lost among a variety of security environments, tools, and platforms, leaving gaping holes in security defenses. Establishing and maintaining data visibility across silos will be paramount to reaping the benefits of the cloud without any of the associated security risks.

Prediction 5 – “The Great Migration” part three: customer demand for API integrations will increase.

No one vendor can provide all the security tools organizations need to defend against today’s increasingly sophisticated threat landscape. And, as a result, no organization should be forced to rely on one security vendor for all their security needs. Because of this, market demand for security providers that offer API integrations and technologies will increase, and more companies will begin to evolve their security infrastructure to take advantage of myriad best-of-breed security solutions via APIs. Bad actors don’t operate alone; they have a team behind them. To defeat them, we in the security industry need to work collectively too, integrating our technologies to give customers the optimal cybersecurity defense and resilience strategy.

Prediction 6 – A day of reckoning will come for organizations using data centralization.

The concept of data centralization for threat detection and response had a chance of working when data volumes were small, housed on-premises, and protected by a security perimeter – but, even then, it was a lofty goal. In today’s world, it’s impossible. There are new technologies producing different data types, formats, and sources; data lives in disparate silos across many different environments, including on-premises, in the cloud, and within SaaS apps; and data volumes have skyrocketed – all of which have eradicated the reality of universal data centralization and a single pane of glass. Today, organizations must modernize their security operations to deal with decentralized, distributed data from a variety of tools and platforms, and this means thinking outside the box.

Plan with Perspective

The cybersecurity plans that we implement in 2022 will look very different than those we used even a year or two ago. As business needs and the threat landscape evolve, so too must your security tools, processes, and strategies. Being aware of current trends and predictions of what’s to come can help you build an up-to-date cybersecurity plan that battles current and future threats. Hopefully the six predictions above will prove useful as you evaluate the threats most relevant to your business and help you select the strategies that will be most effective at mitigating these risks.