When it comes to protecting corporate data, the pandemic created a host of new challenges. Employees are increasingly working remotely, and organisations are likely to continue supporting remote work for at least two more years.
To complicate things further, attacks on networks are increasing, and several reports find that remote workers increase corporate security risks. To put it mildly, 2021 has been challenging for many organisations; however, as we look ahead to 2022, some trends are clearly on the horizon.
#1: AI regulation is imminent
With AI regulation coming down the pike, companies will need to take a proactive approach to how they handle the data in their AI systems. To a certain extent, U.S. regulators are dragging their feet on AI regulation, although the White House Office of Science and Technology did publish an Algorithmic Bill of Rights in November.
In all likelihood, the European Union will lead the way. Just as the EU set the gold standard for data privacy with GDPR, it's likely that European legislators will direct the global framework for AI regulation as well. The EU's recent Proposal for a Regulation on Artificial Intelligence ("AI Act" or "AIA") takes a risk-based approach to regulation, meaning that AI systems that cause physical or psychological harm will be banned, and algorithmic decision-making models that are not fair, equitable, and transparent may be fined. Like GDPR, the proposed fines are consequential, as corporate violations can net penalties up to €300m or 6% of annual turnover, whichever is higher.
Undoubtedly, this proposed regulation will eventually affect businesses' AI systems. In 2022, all companies using algorithmic decision-making will need to take a proactive approach, ensuring that their AI systems are explainable and auditable. Importantly, all consumer data being fed to such algorithms needs to be protected and anonymized.
#2: Confidential computing will continue to be popular
Given that bad actors will continue to target AI systems and other networks, confidential computing will also thrive in 2022. Through the use of trusted execution environments (TEEs), confidential computing protects corporate data, even during computation (while the data is in use). These TEEs are secure, isolated environments that offer protection for corporate data at rest, in use, and in transit.
With confidential computing, data isn't decrypted until the absolute last moment, providing a high level of protection for organisations. All major cloud providers have made confidential computing available, and it will become increasingly popular, especially for organisations with a great deal of sensitive or regulated data.
Seeing as bad actors will target life-or-death AI systems, such as self-driving cars, it is vital that these companies give their data the highest level of protection available. As world-renowned AI expertLance Elliothas suggested, self-driving cars' over-the-air updates and patches (OTA) can theoretically be hacked, but computational computing makes the hackers' lives much more difficult. For especially complex AI systems, such as those powering level 4 and 5 self-driving cars, confidential computing is a must.
#3: OpenTelemetry and traceroute tools will continue to be an important component of network latency monitoring
As many companies now operate with a predominately remote workforce, it's as important as ever that networks run at peak performance. OpenTelemetry - the open-source set of tools, APIs, and SDKs that IT personnel use to collect telemetry data (logs, traces, and metrics) - will be supported by nearly all vendors in 2022. Once analyzed, such telemetry data helps organisations improve their networks' performance.
Additionally, traceroute tools, which are used to check connectivity and continuity issues within a given network, will be vital as well. To ensure network efficiency, IT personnel will increasingly rely on both traceroute tools and OpenTelemetry to help deliver fast and reliable services.
#4: Desktop-as-a-Service (DaaS) will thrive
Given the drastic increase in remote work, it's no surprise that DaaS is becoming popular. Although this technology has been around for over a decade, it's seeing a resurgence due to IT personnel managing so many hybrid workers of late. With DaaS, system administrators can provide employees with virtual desktops that run offsite - usually in a data center. DaaS allows IT teams to configure the desktops to their liking; user roles, permissions, and access to various cloud services can all be managed remotely. Importantly, the virtual desktop is separated from the hardware layer on employees' computers, which means that employees can use whatever computers they choose, and IT teams do not have to worry about infecting the corporate network with malware or other viruses from the employees' devices. As the pandemic lingers on, DaaS will continue to be a popular option.
#5: The Metaverse will usher in a bevy of new security and privacy concerns
Due partly to Facebook's recent rebrand, there were over 2.62 million Google searches for the term "Metaverse" in October 2021 alone. It remains to be seen what such marketplaces will look like; however, experts agree that the forthcoming blurring of the virtual and physical worlds will come with a bevy of security and privacy concerns. According to Dublin-based law firm, Matheson, the Metaverse will involve integrated payment systems, biometric data, and an enormous quantity of cross-platform data transfers. From a legal perspective, this sounds like a minefield, especially considering the aforementioned, forthcoming AI regulation.
The Metaverse is daunting from a security perspective, as there will be enhanced security risks, including data breaches, fraud, malware, and other attacks; and from a privacy perspective, it is even more worrisome. Per the Matheson report, the Metaverse captures an immense amount of personal data, potentially including brainwave activity and physiological data.
As these so-called Metaverse businesses come to market, it's vital that organisations employ effective automated threat detection tools. Unfortunately, bad actors are already conducting adversarial attacks in an effort to trick AI/ML engines into executing malware, and the ongoing cat-and-mouse game will continue to evolve in 2022.
Conclusion
On the one hand, AI will continue to help organisations keep their networks safe from cyberattacks. On the other hand, bad actors will also continue to leverage AI to bolster their own attacks. AI regulation is an inevitability, so companies should proactively ensure that their AI systems are transparent, explainable, and as equitable as possible. Additionally, confidential computing, DaaS, OpenTelemetry, and traceroute tools will continue to be popular. Lastly, from a privacy and a security standpoint, the Metaverse stands to bring a host of new challenges; however, hopefully that technology will be slow to enter the mainstream.
