Three Cybersecurity Shifts to Consider for the New Year


Steve Jobs famously said, “Let’s go invent tomorrow instead of worrying about what happened yesterday.” If the pace of change is any indicator, the tech industry took that sentiment and ran with it. 

We’re at the halfway point of the 2020s decade, one punctuated by massive amounts of change. The Covid-19 pandemic ushered in an evolution in how we work and play, paving the way for innovation at breakneck speeds. In just five years, we’ve seen significant shifts in certain areas of security, in particular. Understanding these trends is key as we move forward into 2025. 

1. SIEM is out; security data fabrics are in. The majority of Fortune 500 enterprise organizations we work with have told us they’ve definitively decided to move away from their SIEM. Almost all are moving to a security data fabric and data lake for the myriad cost, efficiency and analytical benefits. Some aren’t sure exactly when, how or if they’ll buy one or build one, but they’ve made the choice to begin this effort. 

So, what will happen in 2025? More companies will have a security data lake strategy. Some will build their own, while others will purchase off-the-shelf proven data lake solutions. All of them will have to mature their outlook on security data management and analysis. This is a daunting task for many. One of the things I hear most frequently from companies is that they don’t think they’re “mature” enough to begin making better use of their security data. Unfortunately, this is a problem of “paralysis by analysis.” In 2025, we’ll see more companies seek to help themselves by enlisting the expertise of others who have successfully moved to a security data fabric and lake model. Practitioners who’ve done so successfully will have a bigger voice on the vendor stage, especially since a security data fabric and data lake is often composed of multiple home-grown or off-the-shelf solutions. 

2. VPN is out; zero trust is in. It’s hard to find anyone these days who still uses a VPN and isn’t thinking about how to get away from it. With legislation like Executive Order 14028 and other paradigms set for zero trust models, almost everyone seems to realize that the cornerstone of a solid zero trust solution is connectivity that facilitates user access to applications regardless of the network they are on. There are a handful of leading providers of zero trust services, some being pure-play public cybersecurity companies that have mature and reliable solutions. The next frontier of zero trust is bringing into the fold non-standard assets like those for OT/IoT, as well as enabling connections between devices to be performed in alignment with zero trust protocols. 

In 2025, we’ll see more companies look to upgrade their solutions to best-of-breed zero trust connectivity models, as well as look to harness data from those solutions for security analysis. Products that leverage exchange platforms to make user-to-application connections may have a wealth of logs that can be combined with other security signals to produce insights on risks and threats. 

3. SaaS is not out, but on-premises purchasing models are back. Between 2016 and 2022, SaaS was all the rage. However, for security, privacy and cost reasons, the largest of enterprises are retrenching on SaaS and looking to keep or repurchase on-premises solutions. Many large companies find on-premises more beneficial from an accounting perspective and, long-term, they often are indeed more affordable. Control of where their data resides is becoming paramount in our ever-changing regulatory environment, especially in the face of some new regulations that may place more accountability on CISOs and companies for security or privacy violations. Those who were holdouts on migrating from SaaS to on-premises are relishing the fact that they triumphed in their assumption that on-premises was a better model for them, after all. 

In 2025, we’ll see companies that are exchanging SIEMs for data lakes, and retiring older network detection and response (NDR) solutions for new-age methods of network monitoring, place at least the data storage components on-premises, or at minimum under their control, where possible. This will enable them to have better confidence in their ability to protect the security and privacy of data that transits these solutions for analytical purposes. 

The tech industry is inventing tomorrow so quickly that today is struggling to keep pace – particularly when it comes to keeping digital assets safe. New regulations and new technologies, with both positive and negative implications, always require new strategies and tactics for organizations to thrive. Some of the tools and technologies that have been foundational to enterprise cybersecurity programs for years—SIEM, VPN, SaaS and others—are caught in the midst of a security data (r)evolution that is necessary in the new age of AI-fueled threats and global uncertainty. 

Take stock of your current security posture and determine whether security data fabrics, zero trust and on-prem solutions should be part of your security organization’s evolutionary process.

The views and opinions expressed by the individuals herein are their own and do not reflect any official policy or position of Comcast. These views and opinions are provided for illustrative purposes only and Comcast makes no warranties, whether express, implied, or statutory, regarding or relating to the accuracy of such statements.

 
