Identity and Security Trends & Predictions:

2022 and beyond
Trend no. 01

Increased Attacks on Critical Infrastructure

Last April, the cyberattack on Colonial Pipeline thrust infrastructure security into the mainstream. The world learned what CISOs know: modern criminals are brazen, agile, and capitalize on security exploits with ease.

How to respond to this trend:
Trend no. 02

Growing Interest in Cybersecurity “Mesh” Strategies

The evolution of cyberattacks and distributed cloud workloads and applications creates a “perfect storm” for IT leaders, suggests Gartner. These changes require that security professionals “integrate security tools into a cooperative ecosystem using a composable and scalable cybersecurity mesh architecture (CSMA) approach.”

Liking this eBook? Save it for later

How to respond to this trend:
Trend no. 03

‘Go Time’ for
Zero Trust

Last year, we predicted a Zero Trust increase as cyberattacks dismantled confidence in perimeter-based security and a “trust but verify” model for identity access management.

of security and risk professionals expect to begin Zero Trust efforts in the next six months.
Source: VentureBeat
How to respond to this trend:
Trend no. 04

Multi-Cloud Management Mayhem

In a recent survey of public cloud users, 81% of respondents said they are working with two or more providers. “Most organizations adopt a multi-cloud strategy out of a desire to avoid vendor lock-in or to take advantage of best-of-breed solutions,” says Michael Warrilow, VP Analyst, Gartner.

How to respond to this trend:
Trend no. 05

Rise of the Machine…Identities

In a recent security webinar, Forrester posed an unsettling question: “Do you know how many software bots, physical robots, or internet of things (IoT) devices are connected to your network?”

of CISOs and IT leaders say they have an enterprise wide strategy to manage machine identities.
Source: Security Boulevard
How to respond to this trend:
Trend no. 06

Push Towards Passwordless

Last year, more than 60% of data breaches involved stolen credentials – and “credentials are the skeleton key,” explains Gabe Bassett, senior information security data scientist for Verizon Security Research.  Many enterprise accounts, including service accounts, still rely on static credentials. Often, they maintain privileged access to software and processes (and run without operator intervention through automation).

of data breaches involved stolen credentials in 2021.
Source: Verizon
How to respond to this trend:
Trend no. 07

Necessity of Shared Intelligence Initiatives

Despite remarkable technology advances within the cybersecurity industry, threat intelligence (TI) sharing remains mostly ad-hoc – filled with blindspots, disunity, and delays.

How to respond to this trend:
Trend no. 08

Mass Convergence of Identity and Security Platforms

The historical arc of identity in technology is long, but bends toward convergence. In 2022, the merging will intensify, creating new efficiencies.

How to respond to this trend:
Trend no. 09

Demand for Better Third-Party Access Governance

Last year, Morgan Stanley disclosed that corporate client data was stolen in a data breach that involved a stock account maintenance vendor. In April, the infamous hacker group ShinyHunters compromised a third-party identity warehouse and exposed over 56 million KYC data files from Upstox, India’s second-largest stock broker.

How to respond to this trend:
Trend no. 10

Mainstreaming Blockchain in Identity

Fragmented identity, access, and authentication experiences still mark IAM and IGA architectures. To solve this, we foresee mainstream application of blockchain (and decentralized identity) – alongside movement away from more rigid, centralized, and federated infrastructures.

How to respond to this trend:


Saviynt Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access management (PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate business transformation, empower distributed workforces, and meet continuous compliance, including BP, Western Digital, MassMutual, Koch Industries. For more information, please visit

Want to talk to an identity and security expert?

Thanks to Our 2022 Identity and Security Trends & Predictions Contributors

As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting.