After a two-year hiatus, the Gartner Security and Risk Management, London is back! I had the privilege of attending a number of sessions, spending time talking with analysts and digesting some of the latest cybersecurity trends and strategies, including the Top Cybersecurity Predictions for 2022-2023 from Gartner. Two themes that stood out to me were security service edge (SSE) and extended detection and response (XDR) Below are some of my key takeaways from this year’s conference.

My first interaction with a firewall was with a TIS Gauntlet that I compiled on a Sun workstation in 1994. Since then, I have worked with firewalls from Checkpoint (back when configuration files were clear text flat files and they only had support out of their headquarters in Israel), Raptor, Pix (when they booted from a 3 ¼” floppy), and finally the Cisco ASAs, FortiGates, and Palo Alto firewalls of today.

Modern organizations are built on data. It enables collaboration and helps us engage with customers. But that same helpful data is also sprawled across countless apps, making it difficult to secure. Ransomware attacks are on the rise — 57% of security leaders expect ransomware to compromise their organization within the next year — which makes data protection more essential than ever.

Many of today’s security tools are built to secure cloud services. But we need to keep in mind that many organizations still require configurations that don’t have direct connection to the cloud. Organizations that have numerous branch locations — like convenience stores, school districts and banks — often use a software-defined wide area network, or SD-WAN.

The education systems, including K-12 school institutions, are in the crosshairs of increasingly frequent and sophisticated cyberattacks. In just one month of 2021, educational organizations suffered more than 5.8 million malware incidents. Teachers, administrators and students are also targets as they use various devices such as laptops and smartphones to browse social media or send messages with friends and family.

It seems like every week another household brand announces that they’ve been the victim of a data breach. Recently, cloud communications company Twilio announced that its internal systems were breached after attackers obtained employee credentials using an SMS phishing attack. Around the same time, Cloudflare, a content delivery network and DDoS mitigation company, reported that its employees were also targeted but their systems were not compromised.