Emerging Themes in Cybersecurity – 2022

15 February 2022

By The First In Team      


In 2022, we believe there will be significant innovation and opportunity in now core cybersecurity sectors that were “new” just a few years ago. These include zero trust, counter-phishing and cloud security. At the same time, we highlight newer cybersecurity sectors to include operational technology (OT) cybersecurity, web3 security, and threat-informed defense. Other sectors, such as cybersecurity for small- and medium-sized businesses, remain relevant and a focus for First In and will be covered in future articles.


The Evolution of Zero Trust

The concept of zero trust – that organizations should abandon the dangerous belief that security perimeters can be trusted and instead assume that their systems have already been infiltrated – was an important paradigm shift in cybersecurity. We believe zero trust will continue to evolve in new ways. A new slate of companies with solutions that build on first generation zero trust companies have emerged and are building at early stages.  In a zero trust architecture, continuous user authentication, authorization, and validation are necessary to grant and maintain access to protected resources, rather than organizations trusting that their networks are secure. As such, security teams must adopt new security models and enable solutions based on workloads, data, and identity awareness. This evolution will create opportunities for new solutions that focus on each element of zero trust, as well as product suites that better enable collaboration across enterprises.

Zero trust is a key driver of opportunities in the network security market which Gartner estimates will grow at a 14% CAGR over the next three years to $57 billion in 2024.


Advances in Identity Protection   

Identity protection and authentication (IAM) directly ties into the zero trust framework by serving to authenticate, authorize, and validate users’ identities within networks. The segment is an area that has already started to experience rapid growth and technological progress as workforces shift to remote structures and individuals become increasingly reliant on personal devices. Legacy IAM focused on passwords, but the segment has evolved to meet the challenges of networks’ growing complexity and structures, including biometric authentication and cloud architecture.

The IAM market is large at $23.7 billion and is expected to grow with considerable momentum at 11.5% CAGR to $32.8 billion by 2024. Going forward, passwordless authentication based on biometric authentication has the opportunity to be a prime driver of growth.  Another key driver will be the subsegment of cloud IAM, which is expected to grow to $16.2 billion by 2027 at a 26.7% CAGR.


Counter-Phishing Beyond the Inbox

Despite the increasing complexity and scope of cybersecurity needs, the fundamentals remain as important as ever. The basics of security, however, are often overlooked. Counter-phishing defenses are a prime example of an overlooked security technique in need of new approaches, especially as attack surfaces become more complex. Deloitte estimates that 91% of all cyberattacks begin with a phishing email and that 32% of all successful breaches involve phishing techniques. Moreover, over 50% of phishing breaches occur via social media, outside of the traditional corporate inbox, while almost 70% of employees fail basic cybersecurity quizzes. Despite these conditions, legacy counter-phishing tools are reactive, scanning for malicious URLs based on previous attacks that have already occurred.

The spear-phishing market alone – a subset of phishing that targets specific rather than broad accounts – will grow to $1.9 billion at a 9.5% CAGR between 2020-2027. We believe startups in the broader counter-phishing segment have a real opportunity to bring innovation to this sector.


The Next Generation of Cloud Security

Next generation cloud security is primed for continued innovation as cyber threat landscapes evolve and new attack surfaces are exploited, especially at the infrastructure-as-a-service (IaaS) level. Relatively new entrants have grown strongly since the start of the Covid-19 pandemic, when workforces shifted to remote structures en masse for the first time. Though Covid-19 accelerated the shift to cloud network infrastructures, however, the basic trend of enterprises migrating to the cloud had already begun beforehand and will continue to do so. One outcome of the rapid transition to cloud infrastructures has been a less organized and more complicated ecosystem for enterprises to manage. Whereas organizations had deliberately planned cloud migrations in the years leading up to the outbreak of Covid-19, the rushed transition during 2020 and 2021 has produced a mixture of multi-cloud and on-premise/cloud hybrid systems. It is now estimated that 92% of enterprises use a multi-cloud strategy, 78% use hybrid cloud infrastructures, and have, on average, 2.6 public and 2.7 private cloud systems.

The cloud security market is currently at $34.8 billion cloud security market and is expected to grow at a 14.2% CAGR.  Significant room still exists for innovation and startups focused on the next generation of cloud security, especially as cloud IaaS offerings evolve into new forms in need of new security solutions.


Operational Technology Cybersecurity

Operational technology (OT) cybersecurity will become a pressing issue as geopolitical and cybercrime events alike produce threats for critical infrastructure. Nation-state threats are evidenced by the ongoing government warnings of likely cyberattacks and spillover effects of cyberattacks. Recent examples include the breach of the New York City MTA by hackers with suspected links to the Chinese government this past summer. The Colonial Pipeline ransomware attack of spring 2021 likewise demonstrates the high financial costs for companies of cybercrime, as well as the harmful effects for society as a whole.

The market is still early in its development, with venture funding preceding growth in overall market size. Venture funding in OT/IoT increased 266% year-over-year (YoY) in 2021, with seven of the year’s 11 largest cybersecurity investments produced in the segment.


Threat-Informed Defense

Similar to zero trust, threat-informed defense (TID) is still in development and in the process of being defined for the cybersecurity market. TID was conceptualized by MITRE and “applies a deep understanding of adversary tradecraft and technology to protect against, detect, and mitigate cyber-attacks. It’s a community-based approach to a worldwide challenge.” TID goes beyond the crowded threat intelligence market to test organizations’ security capabilities against known threats and expected attack strategies at a tactical level. Whereas threat intelligence seeks to provide customers knowledge and visibility into threats, TID aims to operationalize cybersecurity capabilities based on adversaries’ known attack vectors through constant and iterative security team simulations and on the assumption that no cybersecurity solution is breach-proof. Given its proactive posture to defense, TID is likely to be a fast-growing next generation and evolution of threat intelligence solutions.


Security for Web3

Web3 is based on the architecture of decentralized applications (“dApps”) managed by blockchain, network nodes, and smart contracts. While many advantages flow from the dApp architecture of web3, security trade-offs have emerged, such as vulnerability to open source software supply chains in the absence of an organizational decision-maker. Log4j clearly highlights such a vulnerability that can be exploited. The high upside potential of web3 and an ambiguous future that is still being molded led to web3 security startups attracting over a 10x YoY increase in venture investments in 2021, totaling more than $1 billion in venture investments.  The overall market is still very early and we assess it will grow rapidly over the next few years.



  • Rose, Mitchell, and Connelly. SP 800-207: Zero Trust Architecture. U.S. Department of Commerce National Institute of Standards and Technology. August 2020.
  • Turner, Steve. “Zero Trust Is Not A Security Solution; It’s A Strategy,” Forrester. 18 February 2021.
  • Cunningham, Chase. “A Look Back At Zero Trust; Never Trust, Always Verify,” Forrester. 24 August 2020.
  • Appgate, Inc. S-1 Filing with the U.S. Security and Exchange Commission. 28 January 2022.
  • 2021 Annual Information Security Update. Pitchbook. 31 January 2022.
  • “The Worldwide Cloud Identity and Access Management Industry is Expected to Reach $16.2 Billion by 2027 – ResearchAndMarkets.com,” BusinessWire. 09 December 2021.
  • “91% of all cyber attacks begin with a phishing email to an unexpected victim,” Deloitte press release. 09 January 2020.
  • Global Spear Phishing Markets Report 2021-2027, BusinessWire. 21 July 2021.
  • Flexera 2021 State of the Cloud Report. 2021.
  • “Global Cloud Security Market (2021 to 2026),” BusinessWire. 05 August 2021.
  • “Focal Points: Threat-Informed Defense.” MITRE.
  • Metinko, Chris. “Venture Investment In Cryptosecurity Jumps 10x Over Last Year As Sector Hits Sweet Spot With Venture Capitalists,” Crunchbase News. 17 August 2021.