Looking Ahead: 7 Cloud Native Security Predictions for 2022

Looking Ahead: 7 Cloud Native Security Predictions for 2022

It’s been an incredibly busy year for cloud native and security practitioners! As we wrap up 2021, it’s time to look at what will shape our industry in the year ahead. In that spirit, we asked experts from across the company to share their take on what’s coming next for cloud native security and what to expect in 2022. Here’s our list of the biggest themes and trends to watch in the coming year and beyond.

#1 Severe vulnerabilities will continue to occur

The security threats we faced in 2021 aren’t going to ease up in the coming year. This December, the impact of the Log4Shell vulnerability on the digital infrastructure has been phenomenal, and the long shadow of this crisis — and its cascading effects — will continue to plague the world in 2022. However, this CVE surely won’t be the last. We can expect new severe vulnerabilities to be found next year in common applications or trivial functions. Although zero-day exploits like Log4Shell happen only once in several years, a vulnerability with similar impact could emerge in 2022 due to the velocity of modern development. Organizations that understand the need for strong cybersecurity management to improve their detection and responses will be better poised to weather the next storm.

Michael Katchinskiy, Security Researcher, Aqua’s Team Nautilus Michael Katchinskiy, Security Researcher, Aqua’s Team Nautilus

“Although zero-day exploits like Log4Shell happen only once in several years, a vulnerability with similar impact could emerge in 2022 due to the velocity of modern development.”

twitter_link_icon Share on twitter

#2 Born-in-the-cloud security will replace legacy tools

There will be continued growth of cloud adoption in general, and more specifically the move to cloud native practices and technologies (CI/CD, containers, serverless, Kubernetes). This will replace simply “lifting and shifting” existing applications. This change is rendering older security tools obsolete and requires born-in-the-cloud tools for things such as app testing,network security, runtime protection, and security information and event management (SIEM).

As a reflection of this trend, we’ll see a proliferation of cloud native application protection platforms (CNAPPs), an emerging category of security solutions recently defined by Gartner, to address security challenges of cloud native apps. The prevalence of large-scale cloud native deployments is forcing enterprises to use an approach that covers the entire development-to-deployment life cycle, embedding security controls early in the build and baking them in all the way into production.

Rani Osnat, SVP Strategy at Aqua SecurityRani Osnat, SVP Strategy

#3 Software supply chain attacks will intensify

With the wave of high-profile attacks such as SolarWinds and Codecov, the past year has thrust software supply chain security into the spotlight. Development and build environments serve as easy entry points for attackers who are looking to spread malware across multiple organizations via supply chain attacks. In 2022, adversaries will continue to seek new ways to compromise organizations’ software supply chains to deploy malicious code, infiltrate networks, and gain control over the victims’ systems. To this end, we’ll see more campaigns targeting popular software packages and open source projects.

Assaf Morag, Lead Data Analyst, Aqua’s Team NautilusAssaf Morag, Lead Data Analyst, Aqua’s Team Nautilus

“In 2022, adversaries will continue to seek new ways to compromise organizations’ software supply chains to deploy malicious code.”

twitter_link_icon Share on twitter

#4 Industry will move toward full adoption of eBPF

Linux eBPF technology is revolutionizing the industry’s approach to runtime security, but it’s still not widely accessible. Moving forward, major cloud platforms and Linux distributions will support eBPF by default, making eBPF technology easily available everywhere. For legacy systems that can’t be updated, other open source solutions will fill the gap. Together, this will allow every user to easily adopt eBPF-based solutions.

Itay Shakury, Director of Open Source at Aqua SecurityItay Shakury, Director of Open Source

#5 More organizations will use Kubernetes Cluster API

There's an obvious level of interest in maximizing the savings that organizations can gain by using Kubernetes. One way of doing this is to have large, multi-tenant clusters. However, Kubernetes was not designed for multi-tenancy, so there are a number of areas where it's challenging to design a cluster to allow for hard multi-tenancy. In 2022 and beyond, we'll see more organizations making use of Kubernetes Cluster API, which lets them create groups of clusters and manage them in the same way as applications. For situations requiring strong isolation, I think that the clusters will become the agreed-on security boundary.

Rory McCune, Cloud Native Security Advocate at Aqua SecurityRory McCune, Cloud Native Security Advocate

“In the coming year and beyond, we’ll see more organizations making use of Kubernetes Cluster API to create groups of clusters and manage them in the same way as applications.”

twitter_link_icon Share on twitter

#6 Educating the market about cloud native security will be critical

Staffing and lack of knowledge are two of the biggest challenges for cloud native security.DevOps teams aren’t familiar with security methods,and security isn’t their main responsibility. On the other hand, security teams aren’t familiar with cloud services,Kubernetes, containers, and their respective security risks and countermeasures. Educating the market and moving toward a DevSecOps transformation will be critical in 2022.

Rani Osnat, SVP Strategy at Aqua SecurityRani Osnat, SVP Strategy 

#7 Cloud native security will get prioritized on the CISOs' agenda

In 2022, we will see security teams stepping up to completely own cloud native security. It’s already happening. This means the CISO and his/her direct reports will determine the needs, set policies, and assign roles and responsibilities to everything related to choosing, implementing and running a cloud workload protection platform (CWPP) or cloud native application protection program (CNAPP).  

Rani Osnat, SVP Strategy at Aqua SecurityRani Osnat, SVP Strategy

Stay on top of the latest cloud native trends

With all these trends and more, 2022 is bound to be an exciting time. With evolving software supply chain threats, new attack vectors, further Kubernetes development, and rising eBPF technology to solve many challenges in cloud native security, there’s a lot we’ll see in the coming year.

As the cloud native space continues to move at an incredible speed, stay on top of the emerging trends by subscribing to the Aqua blog and newsletter below.

What are your predictions for the next year? Share them in the comments!

 

Lena Fuks

Lena Fuks is a Product Marketing Manager at Aqua. With a background in public relations for technology companies, Lena now writes blogs, whitepapers, and articles to help people understand the value of Aqua. She is passionate about simplifying complex things and engaging with audiences through storytelling. In her free time, Lena enjoys working out and watching beautiful Mediterranean sunsets.