Cybersecurity continues its evolution and organizations are focused on it more holistically, as part of business outcomes rather than as component parts, according to Theresa Lanowitz of AT&T. Lanowitz, who is the head of evangelism for AT&T Business’ cybersecurity segment, draws on insights gathered as part of the company’s annual research surveys on cybersecurity trends. What does she see ahead in 2023? The acceleration of the full-scale rollout of edge use cases, and a merging of edge with cybersecurity principals and policies.
“Cybersecurity is no longer this thing over in the shadows with just a group of very smart people focused on it. Cybersecurity is really now a part of the business,” she said, going on to add that the landscape changed significantly as a result of the Covid-19 pandemic. While the industry knew that things needed to change, the pandemic was really “that pivotal moment that really forced cybersecurity to really be part of the business.”
She continued: “Organizations are now focused on outcomes. They’re not saying, ‘How many firewalls can I put up, how many pieces of anti-virus software can I run?’ … If you think of where we are from a computing generational standpoint, we’re at this new era of compute, really underpinned by 5G and all this great technology. What that means is that everything is moving closer to where that data is generated and consumed.”
AT&T’s Cyber Insights report for 2022 surveyed more than 1,500 high-level IT professionals, and it found that across a variety of industries, there is real movement toward the edge — even if, as Lanowitz noted, different people have different definitions of exactly what “edge” is. She describes edge with three primary characteristics: A distributed model of management, intelligence and network; where applications, workloads and hosting are moving closer to where consumers are or where data is generated; and it’s software-defined/disaggregated. (“If … we’re getting better networks [and they’re software-defined], this idea of disaggregating individual point products into the network suddenly becomes doable, and suddenly becomes something very interesting to people,” she notes.)
However, there is a bit of a double-edged sword here. First, she says, “The more compute becomes democratized, the more risk we have.” However, networks that are lower latency, higher bandwidth and software-defined also offer new opportunities to build software security tools right into the network, Lanowitz says. For example: “Think about a network infected with malware. In the scenario of a disaggregated network, a new instantiation may be easily and quickly spun up and the propagation of malware across the network avoided,” she wrote in a December blog post.
“We’re in the early days of that, but I think it’s something that in 2023, that we’ll really start to see more of,” she said.
She also sees the edge becoming a focal point for cybersecurity efforts—because it’s where workloads and data (and therefore, risk) are moving. AT&T’s 2022 survey revealed that fully 75% of those surveyed said that their organization was working toward implementing edge use cases, with top edge use cases in retail and manufacturing.
Enterprises want to put edge capabilities to use in a variety of scenarios that save them money: Retail businesses want to use it for loss prevention; manufacturers want to support real-time quality inspections to avoid costly mistakes and recalls. Lanowitz said that in 2023, she expects to see additional new edge use cases, such as financial services using edge capabilities for real-time fraud detection; real-time inventory management in smart and automated warehouses; and near real-time visual inspections in settings such as passport control at border crossings, or in parking garages for information on available parking spaces.
Such use cases, she wrote in her blog post, “require connected systems from the network layer through to application monitoring/management, and require each component to be secure in order to derive the desired outcome.”
Lanowitz said that she expects to see more focus in 2023 on automation and enforcement of data governance and how to safeguard the increasingly large amount of data at the edge as edge applications increase; and application security as a top priority for businesses who move to the edge—as well as serious discussions about the security of digital twins and biometric information that is increasingly used for personal identification.
More discussion of those details in Lanowitz’s blog post here.
