This post is part of our 2023 cybersecurity prediction series.
A few of Lightspin's executives on what to expect next year across the cloud/cybersecurity landscape.
Vladi Sandler, CEO, Lightspin
Companies will aim to maximize their cybersecurity budget to get more functionality for less.
The current level of economic uncertainty will result in organizations placing more scrutiny on technology spend next year, while investments in cloud products and services will not entirely dip. This means we’ll see growth in platform offerings instead of point solutions
Organizations will place more emphasis on understanding the shared responsibility model.
Adoption will continue into 2023. Given Gartner’s assertion that through 2025, 99% of all cloud security failures will be the customer’s fault, those that do not understand the complex web of connections between all identities, identity chains, excessive permissions to data will succumb to vulnerabilities within their environment.
Or Azarzar, CTO, Lightspin
Next year we’ll see an increased focus on multi-cloud and resiliency.
Two-thirds of organizations will have adopted at least two cloud providers by the end of 2023. This will prevent organizations from becoming too tied into one ecosystem. As organizations are more mindful of investments, we’ll see more emphasis on use-cases, and prioritization of the “right cloud for the job.”
Application security and cloud security will be brought together contextually to prioritize true risk.
Organizations will buy into the idea that there's no such thing as cloud security, but that the infrastructure exists to support applications and those applications being exploited or impacted for uptime are the true business risk. Cloud security providers will need to provide contextual understanding of application security vulnerabilities and risks together with cloud security misconfigurations, overpermissive roles and more to determine true prioritization of a security team's time and efforts to reduce risk.
Jonathan Rau, CISO, Lightspin
The hype around the cybersecurity skills gap gets amplified.
The truth is that a lot of the skills gap is self-inflicted and has been for some time. The traditional cadre of hiring managers require too many certifications or too much work experience than necessary for the job. Next year, with most hiring budgets being slashed and many teams only being able to hire for one position, we’ll see even more demands placed on new roles.
DataSecOps will be the future of security engineering.
Five years ago, it was a requirement to be able to code. Now, given the massive scale of cloud environments, there is more data being generated than can be adequately managed. In 2023 we’ll see greater emphasis being placed on data engineers who can analyze big data platforms. Engineers will be forced to better understand how to work with data.
###