Network security tools and practices continue to evolve, especially as networks themselves change through underlying networking technologies.
The growth of the cloud, the Internet of Things, and edge technologies, as well as the increased rate of cyber attacks, are requiring the network security market to adapt.
Read on to learn about some of the trends that network security experts believe are shaping the market:
5 Trends to Watch in Network Security
- Growth of cybersecurity education and knowledge sharing
- Molding cybersecurity strategies to hybrid network infrastructure
- The push to increase third-party cybersecurity
- Leveraging AI/ML for cybersecurity log management
- Long-term planning for a zero trust architecture
Also read: Key Cybersecurity Trends
Many of the worst and latest network security breaches have happened because of user errors related to a lack of cybersecurity knowledge and best practices.
More companies are now recognizing the importance of providing resources to users at all levels, so they’ll have the knowledge to ward off phishing and other cyber attack attempts.
Theresa Lanowitz, head of cybersecurity evangelism at AT&T Business, a top provider of mobile, IoT, 5G, and fiber solutions, believes that more leaders will invest in cyber hygiene education for their employees in the next year to keep them informed about incoming attacks.
“While many employees are bringing their cyber skills and learnings from the workplace into their home environment, in 2022, we will see more cyber hygiene education,” Lanowitz said.
“This awareness and education will help instill good habits and generate further awareness of what people should and shouldn’t click on, download, or explore.”
Another way that business leaders are improving their network security knowledge base is through crowdsourced forums, where users can discuss cybersecurity best practices with other companies and standardize best practices across industries.
Adam Stern, a member of the Forbes Technology Council and founder and CEO of Infinitely Virtual, a provider of cloud technology to the SMB market, said that more user communities will grow in the next year to address new threats based on the experiences from old threats.
“Next year is all about building an ad hoc community of users who follow these threats, come up with solutions, and share information,” Stern said. “That’s the best, if not the only way, to fight and protect against a dispersed army of bad actors.
“Ad hoc may or may not mean actively coordinating. It should mean relying increasingly on forums and similar venues to share and advance best practices. In this, we’re all potentially empowered.
“Every hacked business, whatever the size, takes steps in response — steps that may entail calling on a staff member, an IT expert, a cybersecurity firm, or some other knowledgeable third party. Taking action becomes a learning experience because few tackle this alone. One organization’s misfortune can give way to shareable lessons and teachable moments.
“Indeed, as we move into 2022, responsible cybersecurity increasingly will draw on things like crowdsourcing, with or without an element of AI. Insights/intelligence from attacks of all sizes effectively trickle up and down, over time making their way into commercial antivirus/anti-malware software, and into better best practices.”
See security education resources: Cybersecurity Training Trends
Companies are increasingly leaning into hybrid network infrastructure because different network types offer distinct use cases and benefits.
However, these companies have not historically focused on finding cybersecurity solutions that work equally across their networking portfolio.
Sam Ingalls, a staff writer for eSecurity Planet, an online publication for B2B cybersecurity reviews and reporting, believes that organizations need a holistic hybrid strategy that considers cybersecurity needs across network components.
“Many organizations continue to settle on the right balance for the modern hybrid environment a decade after cloud computing took the IT industry by storm,” Ingalls said.
“What’s clear is that no organization should rely on just physical, software-defined, cloud, virtual, or edge network capabilities when each offers its advantages.
“Role-based access control and internal security policies remain critical, as sensitive and proprietary data traverse different segments for various tasks. Because this brings added complexity, organizations must be proactive in their hybrid strategy and ensure security solutions are compatible with cross-environment network segments.”
Learn more: Top Hybrid Cloud Trends
Third-party vendors may offer anything from software-as-a-service (SaaS) to billing and payroll management to industrial equipment. A variety of reasons exist for why third-party vendors may need access to company data and network components, and the majority of companies have at least some external users who can access networking features. This access is not always monitored or controlled for network security purposes.
Bindu Sundaresan, a director at AT&T Cybersecurity, said that organizations are beginning to recognize the need to assess and reevaluate third-party network permissions as well as the potential opportunity costs for engaging a vendor.
“Attacks via third parties are increasing every year as reliance on third-party vendors continues to grow,” Sundaresan said. “Organizations must prioritize the assessment of top-tier vendors, evaluating their network access, security procedures, and interactions with the business.
“Unfortunately, there are many operational obstacles that will make this assessment difficult, including a lack of resources, increased organizational costs, and insufficient processes. The lack of up-to-date risk visibility on current third-party ecosystems will lead to loss of productivity, monetary damages, and damage to brand reputation.”
Different aspects of network security management that have traditionally been handled by network administrators are increasingly being handled by highly trained machines. This shift in security management responsibilities frees up time for human staff to focus on more complex security initiatives.
Ranjan Goel, VP of product management at LogicMonitor, a top cloud-based infrastructure monitoring company, said that companies will start adopting machine learning (ML) en masse for security log and alert management.
“IT leaders are using machine learning in cybersecurity products to quickly identify malicious activities with as little human intervention as possible,” Goel said.
“The next frontier for ML deployment for most enterprises is the automated mechanism to simplify log and alert management and get to the root cause of issues as quickly as possible. This can help reduce downtime for customers’ digital infrastructure, including airline systems outages for multiple days or e-commerce apps down during the busy holiday season.”
More on network monitoring and management: Network Monitoring Trends for 2022
Few cybersecurity departments have fully strategized and applied zero trust practices to their companies, despite the rise in cyber attacks at the user level.
Ingalls from eSecurity Planet explained the value that companies will find if they start to deliberately plan out their zero trust architecture.
“Anyone familiar with implementing zero trust principles and microsegmentation knows achieving zero trust isn’t an easy or short-term project,” Ingalls said.
“Instead of tabling the discussion, organizations should consider the incremental benefits of adopting a zero trust architecture. Starting with a thorough inventory of IT assets and vulnerable network segments, administrators can gain the visibility to prioritize specific security policies.
“At the heart of a zero trust architecture is a security fabric that isolates and protects an organization’s most valuable network segments. Though administrators have a few options, the next-generation firewalls (NGFWs) on the market today offer the advanced security features needed to combat sophisticated threats.
“The strategic placement of NGFWs internally may seem unnecessary, but it’s another valuable and user-friendly layer of protection.”