The Growing Cybersecurity Market
In an article published in TechCrunch recently Kara Nortman shone a light on what’s next for the cybersecurity industry. In particular, the growing opportunities in cybersecurity, that are exploding in this age of multi-cloud, perimeter-less networks. The fact is the likes of cloud businesses AWS and Azure have added $23 billion in run-rate revenue during the last year, she points out, estimating that overall new market value could sit around the $100 billion mark by 2025, bringing the total market value up to around $280 billion. It’s hardly surprising then, that Kara Nortman and Upfront are searching for unicorns – in particular in the areas of:
- Data security
- Zero trust
- Supply chains.
The article challenges enterprises to think of data security as foundational – at the bottom of the stack – versus something you might add onto the top. Data is expanding at an alarming rate and securing it at scale and speed requires “smart passive mapping, along with heuristics and rules to pull the signal from the noise,” she says. This shift in mindset is likely to drive new platform companies in the data security space, as control shifts from the network layer to the data layer.
As a Zero trust solutions provider we are especially interested in the outlook for this area. Zero trust means exactly that: the assumption that anyone accessing your applications, systems and devices could have malicious intent. It’s the founding philosophy of the extensive development we have channeled into Britive’s dynamic permissioning platform, which grants users just in time (JIT) access privileges. These are are automatically revoked on closing the session, leaving zero standing privileges. By replacing credentials allowing always-on, privileged access with dynamic, temporary privileges the attack surface is significantly reduced and cybersecurity dramatically improved.
“We want to back simple, elegant solutions to instill ZBT (Zero Based Trust) elements into common workflows,” says Kara.
Modern software is generally open-source, connected into its environment via public code packages and third-party APIs. This is the supply chain, and attacks directed towards it are called supply chain attacks. Existing security tools can provide some supply chain protection – through security scanning and the automated detection and remediation of misconfigurations, for example. But that’s not enough in a modern multi-cloud world.
The attack that caused so much trouble for the SolarWinds ecosystem started with a tiny altered code, which allowed it to proliferate to 18,000 companies. This brought to light the whole question of how to protect the entire supply chain. And as a member of that chain, how to feel safe from the threat of malicious code being passed down from a trusted vendor. It’s why Kara is predicting supply chain to be another key area of focus for cybersecurity across the next few years.
If you’d like to read Kara Nortman’s article in TechCrunch in full, you can access it here.