There are several key areas that are shaping the cyber security industry today, according to Taariq Gaffoor, Southern Africa territory manager at Secureworks.
1. XDR
Firstly, he believes extended detection and response (XDR) will take centre stage in 2022.
“With limited visibility into their hybrid IT environments, understaffed security teams, and growing cost and complexity of managing disparate security tools, organisations are increasingly turning to XDR solutions to unify their existing security infrastructure, and provide actionable, focused insight from a single console.”
This, he says, enables security teams to investigate and rapidly respond to threats in a highly automated and rapid fashion. “XDR solutions provide comprehensive attack surface coverage across endpoint, network, identity and cloud environments to help businesses gain a full understanding of the threat scenario and quickly respond accordingly.”
2. MDR
Another trend Gaffoor sees is a growing use of managed detection and response (MDR) to gain efficiencies.
Many organisations cannot afford to build and operate their own SOC or hire a dedicated security team to provide the 24x7x365 threat monitoring and response needed to stay ahead of an evolving threat landscape, he explains.
"The dearth of cyber security skills combined with a lack of resources is seeing many companies turn to MDR services."
In addition, businesses that have security staff but are looking to scale up, will also turn to MDR service providers to expand their capabilities.
3. Risk-based prioritisation
Automation and risk-based prioritisation will become key to vulnerability management, says Gaffoor.
“Vulnerability management continues to be ineffective because prioritisation continues to be ignored. Security teams have been detecting vulnerabilities over the years and passing these to the IT teams to patch, and we have reached a stage where the IT teams are expected to patch potentially thousands of vulnerabilities on a daily basis."
By the time they get closer to the target, the next set of vulnerabilities need to be dealt with. “On top of that, there are severe dependencies on underlying application support, downtimes, and suchlike.”
The only way we can solve this problem, he says, is by having an effective and automated way to prioritise vulnerabilities to bring the number down to a figure that is practical and manageable, instead of the thousands we are dealing with today.
4. Use of AI
“AI technology is one approach that can help alleviate the exploding burden on typical vulnerability management operations teams, and we can expect to see an increase in the use of AI in the detection, prioritisation and remediation of vulnerabilities. Relying on vulnerability severity scores is no longer effective and organisations will have to shift towards prioritisation, based on the context of the environment.”
In this way, organisations will be looking for technologies that have the ability to rapidly assess and determine what should be prioritised based on the likelihood of a vulnerability being exploited, as well as the potential impact on the organisation and its overall business.
“Understanding the risk posed by vulnerabilities to an environment will be key to vulnerability management in 2022,” he ends.
Secureworks will be presenting at the ITWeb Security Summit 2022, to be held at the Sandton Convention Centre from 31 May to 2 June, and at Century City in Cape Town on 6 June.
Share