Dr. Srinivas Mukkamala is Senior Vice President of Security Products for Ivanti. He was the founder and CEO for RiskSense until Ivanti acquired the company in August 2021. He is a recognized authority in the artificial intelligence (AI) and neural networks communities and was part of a think tank that collaborated with the U.S. Department of Defense on applying these concepts to cybersecurity problems. Dr. Mukkamala is responsible for Product Management for all Ivanti Security products and will continue to drive innovation in integrated security solutions across all company pillars: ITSM, Security, and UEM. Dr. Mukkamala was also one of the lead researchers for CACTUS (Computational Analysis of Cyber Terrorism against the U.S.) and holds a patent on Intelligent Agents for Distributed Intrusion Detection System and Method of Practicing. Dr. Mukkamala holds a Ph.D. and a Master of Science in Computer Science from New Mexico Institute of Mining and Technology.
The past two years have accommodated a significant measure of piecemeal solutions and “we’re doing the best we can.” The onslaught of disruptive forces – a global pandemic, the war on talent, rampant cyberattacks, supply chain issues – don’t feel like they’ve abated, and yet businesses have to find a way to move forward. While we may still have plenty of excuses for reactivity, that doesn’t mean we should lean into those excuses.
Navigating the new business landscape demands bold leadership and a willingness to adopt new trends. And what new trends should you be watching out for? Here are five of them.
Trend: Migration…to the watering hole?
Businesses are scrambling to move to the cloud for resiliency. We’re now living in the world of software and APIs, and on-premises operations have been relegated to legacy status.
This migration to the cloud and reliance on APIs is optimally suited for our current shortage of IT workers since it reduces the human element. The rapid uptick in APIs mean that the vast majority of data transfers today do not involve humans. Rather, it’s machines talking to machines.
The problem: This year, we’re going to see that migration open up a massive attack surface that we haven’t yet thought through. While your APIs are convenient for the sake of migration, they’re also leaving everyone vulnerable.
Think of it like this: Business rely on APIs because they need them in this new landscape, but the attackers know that, and they know exactly where to go. It’s like animals congregating at the watering hole because they need the water. Who else is there? Carnivores. They know exactly where to go to prey on the unsuspecting animals. And access barriers don’t ask “are you going to attack us or not?” In far too many cases, if you have a credit card, you have access.
The moats and perimeters of the past are no longer relevant, and to succeed in 2022, businesses will have to take on the responsibility of discovering, mapping, protecting, securing, and making devices and data available. It’s a big task and requires continuous monitoring of attack surfaces.
As digital transformation ramped up, many IT/security tools were made available to support company’s objectives – but those tools were largely siloed. Each tool delivered within its own niche, but there was a lack of functional interoperability. Every company went out and sourced a siloed tool, often from a dozen different vendors.
In 2022, we’re going to see a convergence of solutions. Businesses are looking for ways to improve continuity, efficiency, and ease of use. That means seeking vendors with multifaceted capabilities that can seamlessly address the entire lifecycle.
The need for convergence is particularly acute in cybersecurity, where businesses with siloed tools struggle to maintain visibility and management across endpoints, applications, and networks. Any disruption in visibility is a critical weakness that makes the enterprise vulnerable to increasingly sophisticated and frequent cyberattacks.
Trend: Solution as a Service
The trend toward convergence doesn’t preclude the need for external support. Instead, we’re going to see the opposite. You’ve seen Compute as a Service and Software as a Service, and now we’re entering a phase of Solution as a Service.
Businesses no longer want to leverage 12 tools from 12 different vendors, but they absolutely want to outsource pain points, and that will ramp up in 2022.
In security, we’ll see an uptick in managed security services. Across the business landscape and in nearly every conceivable department and industry, we’ll see businesses offer up problems and vendors will deliver a completed solution.
We were already moving toward Solution as a Service pre-pandemic, but the war on talent has significantly accelerated this trend. This creates significant opportunity for businesses that are able to address contemporary pain points.
Trend: AI bias
2020 was a year of reckoning when it came to racial bias. There is a long way to go on the human front, to be sure, but there’s another problem that still hasn’t been addressed to nearly the extent warranted: AI bias.
People may assume that software and systems are not racial, but that simply isn’t true. Software is written by humans. The systems are running the software. The systems learn from the trainer.
We’re starting to see that when you look at a global movement around race from a human perspective, it’s very geocentric and takes a long time to spread. But when racial bias is infused into an algorithm, it can have a rapid, global impact. We’re seeing evidence of this in elections, in how aid is distributed, and in a growing number of other examples where data sets were inherently biased.
Researchers are becoming aware of the problem and are working to diversify samples and improve data. This has been coming to a head for a long time, but 2022 must be the year when the world comes to terms with the powerful impact of AI bias.
When you tune the algorithm, you determine the fate of a company serving millions or billions of people who consume that software. Who gets to tune that algorithm? What are their biases? What are their data sets? Which companies can afford an ML or AI Ph.D., so they have a voice to even have an influential algorithm? Whom do those companies benefit? We’ll be asking all of that in 2022.
Trend: AI ethics
It used to be that the people who owned the most oil were the richest. Today, the people who own the most data are the richest. Data feeds the systems and as described above, has a global impact that’s almost impossible to overstate.
And yet, there is one significant difference between oil wealth and data wealth: When the former leaks, the government is quick to hold leaders accountable, implementing fines and regulations. When the latter leaks, the same accountability doesn’t apply.
In 2022, we’re going to see more executives being held responsible for both cybersecurity and data integrity. Optimally, any company adopting AI would undergo a monthly review of who is on the team, how they’re using the data, and how they ensure it’s unbiased and secure.
The bottom line: 2022 is going to be a year when extreme digitization and automation go up against the very human elements of bias and accountability. It doesn’t have to be a battle. The real victors will be those who navigate both sides for the betterment of all.