What Does 2022 Hold For Your Cloud Security Practice?

The end of the year is upon us and as we face the approach of a new one, we’re thinking ahead and reflecting on the state of cybersecurity. For us that means predictions.

It’s become a tradition for teams to pause, take a breath, and look forward with the goal of helping others understand what they could be facing next year. Managing your business and its data is a constant challenge and the stream of new threats, technologies, and projects to keep tabs on never seems to slow down.

Cybercriminals Continue Unabated

Lacework Labs has published their predictions based on their research, experience, and unique data sets. The high level takeaway will surprise no one.

Cybercriminals will increase their efforts with a strong focus on the cloud.

And why wouldn’t they? Cybercrime is a low risk, high reward criminal activity. Yes, some criminals have been arrested and others shut down. But there are relatively few arrests and fewer still convictions of cybercriminals.

The team’s predictions go into more depth so please take a few minutes to read their full forecast for the year.

Knowing that risks are on the rise, I wanted to focus on what we do next. What are we, the security community, doing to counter these moves? How are we reducing the overall risks to our organizations?

Businesses Build Faster

Defenders have a hard job. Cybercriminals aren’t the only ones doubling down on their success. Businesses have seen great success with digital transformation initiatives and this has changed their approach to IT for the better.

By adopting a DevOps philosophy, builders are solving customer problems faster. And these solutions are usually better than previous efforts!

The concept of “stop throwing things over the wall and start working together”, shouldn’t be as disruptive as it is. However, businesses and IT are grateful for the changes. IT service delivery is reaching new heights thanks to this work.

If we combine that with the rate of change in the cloud, we start to understand the benefits for business. The big three cloud service providers are constantly releasing new features.

Teams are collaborating more. They are working faster and there are more technologies available to work with. Taken together, this has created a boom cycle for solving business problems.

Defenders Adopt Modern Practices

The increased business success is putting extra pressure on defenders. They have to keep pace with cybercriminals and organizational change. That’s a tall order for a team stuck in fire fighting more. A team that’s struggling to keep up with their current responsibilities.

I say that not to disparage the security community after all we’re here because of thirty years of logical decisions and thirty years of technology changes. We need to accept that and address these challenges.

That’s why I expect that we will see huge changes in how defenders run their security practices. In the coming year, defenders having the most success will focus on three areas;

  1. Creating a culture of security thinking
  2. Automating security tasks
  3. Driving security decisions with data

Security Culture

We’ve heard that “security is everyone’s responsibility” for a long time. The security community hasn’t done enough to make that a reality.

This year that changes. And not in the “this is the year of Linux on the desktop” type of way.

Teams are more effective when they have ownership over a system end-to-end. That ownership needs to include the security aspects of a system too!

Teams building and running a system are ideally positioned to make informed decisions about security. The security team needs to educate those teams and provide support to help that become a reality.


Security practices haven’t kept up with the rest of the business and there are a lot of logical reasons for that. Chief among them is that we’re constantly fighting fires. It’s time to put a stop to this reactive approach by relying on automation. Doing this will help you gain more time to modernize your practice.

Working in the cloud means that everything is available for automation. There are so many opportunities to lighten your immediate workload. This will help improve your organization’s security posture.

Start with a simple task you do often. Then tackle the next. And the next. Before you know it, you’ll have a strong runbook and playbook driving your security practice.


The third area to focus on is data. The wealth of data available in cloud environments can be overwhelming. You’ll want to make sure you have strong tooling in place to help you.

But once that analytical and data management tooling is in place, watch out. The insights you can draw about not only the current state of your environment are amazing. But that’s just the first step. With all of this data driving your decisions, you can start to model it to find complex interactions and even predict future states.

Use this data to drive better decisions, prioritize your efforts, and help your organization reach new heights.

What’s Next?

Take a few minutes to dive into the details of the Lacework Labs predictions. Use them to inform your decisions about what types of security controls you should implement in the coming year.

To go even deeper, watch the replay of the live stream I did with the team over on the Lacework LinkedIn page.

For a broader industry view, Úlfar Erlingsson (Chief Architect, Lacework), and I will be discussing the team’s predictions and the future of cloud security today. From the threats, the challenges, to the business opportunities. You can sign up to watch live or on demand.

Copyright 2021 Lacework Inc. All rights reserved.