With the start of the New Year just recently passed, and many Americans still getting used to writing “2022” on things, instead of “2021,” now is the perfect time to reflect back on the year that was. And it’s fair to say that most Americans – especially cybersecurity professionals – would not look back on 2021 with fondness.
While cybersecurity has been a major challenge and concern for the government for decades, the seriousness of the cyberthreat facing all levels of government, critical infrastructure, and our nation’s critical supply chains was laid bare in 2021. The past year was host to massive cyberattacks against essential parts of our supply chain, government agencies, utilities, and other important organizations that play a key role in enabling “life as usual” for Americans.
We saw attacks against food processing companies in 2021, responsible for processing and distributing the meat that hits the dinner tables of many Americans. We saw an attack against a company that operates a gas pipeline in 2021 that caused Americans to hoard gas, which resulted in a temporary fuel shortage. We also saw major software solution providers, whose applications and tools are leveraged by some of the world’s most recognized brands and their IT vendors, breached in 2021, resulting in damage of such scale that we doubtfully know the true scope and severity of the cyberattack, even months later.
But positive steps were also taken to protect Americans in 2021. For example, the Biden Administration issued an Executive Order (EO) on cybersecurity that encouraged federal agencies to put plans on paper to move towards a “Zero Trust” approach to cybersecurity.
That same EO also highlighted the essential role that software vulnerabilities play in many cyberattacks, and encouraged agencies to take steps that align closely with the movement away from traditional “waterfall” approaches to application development towards a DevSecOps approach to application development. The need for this strategic shift in how the government develops software was further reinforced by large, successful attacks against the country’s software supply chain.
Based on the events of the past year, it would seem that cybersecurity and application security are top of mind for the government coming into 2022. But what does that mean for how the government develops software in the coming year? What changes can we expect to see in how software is secured? And what other overarching application trends can we expect to see in 2022?
To find out, we asked Tobi Knaup, the CEO of D2iQ, for three 2022 application development predictions. Here is what he shared with us:
Evolving to meet security threats
The pandemic pushed us further into the cloud, which has made us more reliant on microservices and containers. However, the rapid proliferation of microservices has outpaced the cybersecurity capabilities of most organizations.
In an effort to improve cloud-native cybersecurity practices, organizations will begin to embed security from the very beginning of the development process, ensuring microservices remain secure wherever they are deployed. As organizations become more agile, putting forth a DevSecOps approach from the start ensures microservices are adequately secured.
Continued maturation of Kubernetes:
Following the rapid move to the cloud and years of proven ROI in smaller-scale projects, Kubernetes will continue to spread within mainstream enterprises in 2022. Kubernetes will take a vital role in the enterprise platform tech stack, as new use cases such as machine learning, edge computing, and IoT become more broadly adopted.
Organizations are scaling and expanding Kubernetes deployments to meet emerging business needs while driving innovation. DIY internal technology platforms are migrating to Kubernetes as a Service as organizations move from deployments to production environments.
Growing Kubernetes adoption will also place more stress on developers and architects. For instance, our annual survey of developers and IT leaders found that 23 percent of developers feel burnt out from working with Kubernetes. The right technology and training will be required to effectively manage production-scale Kubernetes workloads. Investments in infrastructure, training, and resources will increase to combat the burnout rates to ensure organizations realize the full potential and impact of Kubernetes.
Without the right technology and expertise in place, complexity challenges will kill Kubernetes deployments in Day 2 production environments.
The marriage of cloud and edge:
While both edge and cloud computing have been the subject of prediction discussions for years, we can expect to see a marriage between the two technologies driving better decision-making and operational efficiency in 2022. Organizations will marry the real-time capabilities of edge with the limitless scale and endless storage in the cloud.
Accelerated digital transformations have led to more distributed IT infrastructures, requiring further support at the edge, while the computing power of the cloud is needed to advance artificial intelligence and machine learning. Combining both cloud computing and edge computing enables organizations to more quickly adjust and execute strategies in response to market and competitive changes.
Having real-time data from the edge as well as the historical data from the cloud will enable more intelligent decision-making and more seamless operations.
To learn more about D2iQ and its DKP Kubernetes platform, click HERE.
