Top 6 Security Predictions for 2023
The pandemic created a huge shift in the workforce. Users got up from their desks, went home, and decided to stay there. As a result, users, devices, and data are now everywhere. This new way of working causes those of us in networking and security major challenges. The old castle and moat design no longer works and legacy security tools that worked in the past become ineffective in this new reality. This has made it very difficult for network and security teams to keep users and businesses safe from attack.
The pandemic was also responsible for rapid technological innovation, faster than we have ever seen before. Businesses today are at a crossroads and many teams need guidance on what direction to take. Do we stick with what we know or do we evolve along with this new form of work? This presents businesses with an opportunity to improve and grasp innovation with both hands. With these things in mind, Axis released industry-first data with its Security Service Edge (SSE) Adoption Report, from which we have derived six security predictions for 2023:
Prediction 1: Hybrid work is here to stay.
Even though the pandemic is slowly starting to come to an end, users are not returning to the office at the rate at which they left. Many companies have realized that happy staff are efficient staff and are allowing employees to continue to either work from home or provide flexible work options. 78% of companies confirmed that they are supporting a hybrid work model with an additional 10% supporting a fully remote workforce.
This change to a hybrid workforce leads us to our first prediction. We predict that securing remote users will be top of mind during 2023. The tools we used in the past to connect users to applications and give visibility into these connections do not work in this new world. Companies are starting to consider how to do this in the future. The pandemic created rapid technological advances and there is a large selection of tools built specifically to secure this new hybrid workforce. Gone are the days of needing multiple pieces of hardware and software in a data center to get the job done. No longer do you need to feed and maintain software and hardware, pay renewal fees, and struggle with complexity.
Prediction 2: Balancing security, productivity, and visibility
To reiterate, we believe hybrid work is a permanent reality for many businesses, as a result, this creates a lot of new risks given the tools of the past no longer work as they once did. The report findings highlight that the biggest challenges with securing this new modern workplace are (1) adopting a zero-trust access strategy, (2) ensuring user productivity, and (3) having adequate visibility into user and application traffic.
In the past, teams have had to choose between security, productivity, and visibility, yet teams today must have all three with no compromise. Our second prediction is that security and networking teams will adopt tools that will fix these three core issues in the simplest way possible. Teams will not want to purchase multiple tools from multiple vendors and struggle to connect them together when an easier way is available. If this can be done in a single product from a single vendor this is the direction people are going to take.
Prediction 3: Prioritizing consolidation of security tools
The results show that 63% of businesses have three or more different security solutions in their environments with 22% having six or more different solutions. Managing these different solutions is complex and costly since teams need to learn, administrate, and troubleshoot across multiple user interfaces and pay for new hardware during renewal cycles.
This leads us to our next prediction. Security and networking leaders will look to purchase solutions that allow them to consolidate and remove as many network-security solutions as possible. Teams want to remove both complexity and cost, meaning they need a tool that doesn’t sit alongside their existing security infrastructure (like a VPN) but one that can fully replace it. As many organizations consider solution consolidation, many are turning to Security Service Edge (SSE) solutions.
As businesses consider the consolidation benefits of SSE platforms, 63% are looking for SSE to eliminate or reduce the need for enterprise VPN, 50% for SSL inspection, and 44% for DDoS, along with a continued list of other inbound and outbound security stack solutions.
Prediction 4: SSE adoption will skyrocket
In just under two years, Security Service Edge (SSE) has become a popular and well-known technology category with 71% of cybersecurity professionals being familiar with the term. In fact, 65% of businesses stated that they plan to adopt SSE in the next 24 months with 43% planning to deploy by the end of 2023.
SSE has quickly become a strategic initiative with 67% of businesses planning to start SASE implementation with SSE versus WAN Edge Services. Additionally, respondents ranked SSE as the #1 most critical element of a zero trust strategy, outranking SSO and MFA, endpoint security, and SIEM providers.
Further, with 47% of respondents stating they will begin SSE adoption with Zero Trust Network Access (ZTNA) technologies, we predict that many organizations’ first step on their SSE journey will be leveraging use cases like hybrid employee access as well as agentless third-party access. From there, many will move to a full enterprise-wide VPN replacement project and then a wider SSE platform deployment including SWG, CASB, and DLP. They will want this to be from a single vendor and within a single platform.
Prediction 5: SSE architecture will be a big factor
SSE platforms often fall into two architecture categories. You have SSE platforms that have PoPs hosted in their own data centers while other vendors have PoPs hosted in Public Cloud Providers. When asked which architecture type they would prefer, 60% of organizations preferred SSE platforms that leverage the public cloud in some way, whether PoPs are fully hosted in public cloud or having a mixture of private and public PoP locations.
This leads us to predict that more and more people will pick SSE platforms from vendors that are either fully hosting their PoPs in the Public Cloud Providers or have a hybrid form of PoPs to ensure that they have access to the flexibility, reliability, and redundancy of established cloud giants.
Prediction 6: Digital Experience Monitoring (DEM) will be an SSE staple
The move to hybrid work means that old tools used in our castle and moat architectures no longer work. We can no longer see what our users are doing, making it very difficult to protect them from the growing number of cyber threats. In fact, ensuring user productivity and increasing visibility are the second and third biggest challenges the business experiences when securing the modern workforce. This is why 90% of businesses believe that a DEM offering is an essential element in a holistic SSE platform.
Our final prediction is that visibility is going to become critical to companies when choosing an SSE platform. Having all the information in a single data lake that makes reporting easy will be important. With the users, data and applications now everywhere this will be something not only your network and support teams will require but also your security team. This will make visibility a core requirement.
This year focus on…
It’s clear that this hybrid workforce is here to stay. For many IT and Security folks, this will be seen as an opportunity to consolidate a number of legacy tools they are using and move towards a more modern form of secure access. If your team hasn’t considered the business impacts of an SSE platform, I highly recommend you check out the Definitive Guide to SSE. Or if you’re interested check out the full findings of the 2023 SSE Adoption Report.