UPDATED 12:25 EST / APRIL 12 2023

SECURITY

Zero trust, AI and the cloud: The new frontiers in cybersecurity

In today’s technology-driven world, cybersecurity has grown more important than ever. Global cyberattacks increased by 38% in 2022 compared to 2021, and the world is facing global cyberthreats that have serious implications.

These increasing cyberthreats have also led to an increase of companies seeking solutions, which has also led to fragmentation within the industry. That has made it difficult for organizations to pursue standardization and integration.

Security professionals must juggle legacy and emerging tools to keep up with constantly evolving threats. Despite this, market leaders in cybersecurity hold low single-digit market share, making it more challenging for companies to find and implement effective solutions.

“The challenges for cybersecurity professionals are dead simple to understand. Solving them is not so easy,” theCUBE industry analyst Dave Vellante wrote in a recent edition of his Breaking Analysis series.

Among those market leaders in cybersecurity with low single-digit market shares is Palo Alto Networks Inc., which has earned a reputation as the leader in security. 

“Despite its position as the No. 1 player, Palo Alto has maybe 3% to 4% of the total security market, depending on your denominator. Regardless, the leader has only a tiny slice,” Vellante wrote.

Fragmentation is just one of the many challenges ahead for the industry. In advance of the RSA Conference, where SiliconANGLE Media’s roving newsdesk theCUBE will be livestreaming, companies find themselves maneuvering talent shortages, the impact of artificial intelligence and increasingly sophisticated attacks. Simultaneously, there have been some positive emerging developments in observability, defense options such as cloud and more, making the road ahead for cybersecurity all the more fascinating.

The cybersecurity challenges ahead

Companies have been faced with the challenges of ransomware attacks in recent years. As more businesses turn to digital platforms and technologies, so do cybercriminals who develop more advanced ransomware attacks.

That’s translated into high costs for companies. Recently, security leaders reported that they have seen more cyberattacks and outages, with 52% of organizations saying they had suffered a data breach in the past two years, according to a report by big-data analytics company Splunk Inc. That’s an increase from 49% in 2022 and 39% in 2021.

There’s also been increased awareness about the importance of cybersecurity in a global context, especially in the wake of Russia’s invasion of Ukraine. Organizations are underprepared to handle cyber warfare, according to security company Armis Inc. But much of the urgency to address this threat can be traced back to the significant 2020 cyberattack of SolarWinds Worldwide LLC, which provides software to the U.S. government.

“The SolarWinds hack was a seminal moment underscoring industry vulnerabilities,” Vellante said. “There are extremely sophisticated attacks today.”

Compounding these challenges is the ongoing talent shortage in the industry. The nonprofit International Information System Security Certification Consortium released a study in late 2022 that suggested that the industry is currently seeing a workforce at an all-time high, with 4.7 million professionals working in the field. That’s an increase of 464,000 throughout 2022.

That same data revealed, however, that 3.4 million more cybersecurity workers were required to secure assets effectively.

“As a result of geopolitical tensions and macroeconomic instability, alongside high-profile data breaches and growing physical security challenges, there is a greater focus on cybersecurity and increasing demand for professionals within the field,” Clar Rosso, chief executive officer of (ISC)², said in a statement.

Of course, much like all of the technology space, cybersecurity is also evolving as a part of trends tied to artificial intelligence. It leaves an open question: Is artificial intelligence helpful or hurtful to cybersecurity?

“Artificial intelligence can be helpful, but hackers can also use artificial intelligence to identify vulnerabilities,” Vellante said. 

Opportunities emerge

For every challenge emerging in the space, so do opportunities, often tied to the same sector. Some companies have sought ways to transform the industry for the better. Take recent initiatives from cloud security company Lacework Inc., which has worked to inspire more women to join the space.

Meagen Eisenberg, chief marketing officer of Lacework Inc., recently told theCUBE about a new initiative that would soon be launched for women in the cybersecurity community.

“We’re launching Securedbywomen.com, and it’s very much focused on women in the industry,” she said. “We’re going to be taking nominations and sponsoring women to go to upcoming security events. It’s to celebrate women in security and help them with continual learning.”

To meet the increasingly challenging threats emerging in the space, cloud has emerged as the first line of defense, including through endpoint security solutions.

“At the same time, there’s another layer of complexity, especially for multicloud. Vendors are responsible for physical security or portions of the S3 bucket, for example,” Vellante said. “But the customer remains responsible for securing the application and using tools properly. That’s a shared responsibility, but the models can vary across major cloud platforms.”

Zero trust has also become a big buzzword, and there’s also been a huge trend from Palo Alto and other major players — including Fortinet Inc., CrowdStrike Holdings Inc., Okta Inc. and Microsoft Corp. — for bespoke solutions across cloud, on-prem and supercloud architecture, irrespective of physical location, Vellante noted.

Microsoft has become a huge player in the space in recent years. The tech giant said in early January that its security offerings are now a $20 billion a year business.

“Even in this economically challenging time, organizations … everyone sees security as the top priority,” Vasu Jakkal, Microsoft corporate vice president of security, compliance, identity and management told Yahoo Finance. “This is an asymmetric war as … [customers] do not want to cut security budgets. They are investing heavily, because protecting an organization is key for an organization to deliver on its mission, on its innovation and serve their own customers.”

Though Amazon Web Services Inc. does not have as extensive a footprint, it too has offered its views on how to build a cyber resilient security stance, and Google LLC continues to make strategic acquisitions to boost its integrated security capabilities. 

What comes next?

The cybersecurity industry is facing concurrent challenges of a talent shortage, increasingly sophisticated AI-powered attacks and widespread fragmentation. What exists in the space right now is not sufficient. Only three out of 10 organizations claim to be highly effective at cybersecurity, according to a biannual study sponsored by Hewlett Packard Enterprise Co.

“Our ability to defend our technology infrastructure is not keeping pace with the volume and sophistication of attacks,” the company wrote in its report.

So, what comes next? In a January Breaking Analysis, Vellante noted that vendor PR pros often reach out to influence theCUBE’s predictions, and this year there was a heavy focus on cybersecurity, as expected.

“In our view, the market conditions, with private company valuations down 10% to 40%, and funding drying up, make acquisitions more attractive for these companies, and there will be a lot of movement leading up to the RSA Conference in April,” Vellante wrote. “We would also expect mergers and acquisitions action for cybersecurity firms with a specialty in machine learning and artificial intelligence.”

Such trends, and in considering what the study commissioned by HPE turned up — including the fact that 42% of companies said they were planning to implement artificial intelligence as a critical part of their cybersecurity strategy — begins to signal what the year ahead could bring in what is becoming a pivotal moment for companies looking ahead to the future.

Image: peshkov/Getty Images

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU