2020 has been an unforgettable year – from a virus upending the world to a sudden shift to remote workforce, we have seen it all. However, our reliance on technology will be more than ever.
The following predictions offer insights into how cybersecurity will evolve in 2021:
By Jason Lee, CISO, Zoom
1. Data protection for the hybrid workforce will become increasingly complex.
- Many companies have embraced a fully remote workforce during this challenging time. Next year, many of these same companies will need to adapt to a hybrid workforce with some employees re-entering the office, and others staying remote.
- Security leaders will need to reevaluate their network security posture, maintain an effective data protection strategy on endpoints, and consider mobile device management (MDM). Corporate network congestion could also become a big issue for companies that have a lot of employees heading back to the office in addition to a large remote workforce.
- Companies with many remote employees will also need to support more endpoints than ever before. Protection of the data on these endpoints will be critical. Programs like BYOD will offer those employees secure access to the tools they need to stay productive.
2. Companies will move toward personal device authentication.
As we continue to practice social distancing in 2021, companies will move away from shared/communal computers, and shift toward supporting employees on their personal devices. Security teams will also need to deploy consistent authentication practices that support both in-office employees and those staying remote. Multi-factor authentication for corporate-owned and/or BYOD-supported mobile phones will be the most popular solution. Additionally, we will see a move toward passwordless access and leveraging other factors.
3. The war for cybersecurity talent will continue to heat up.
- This past year, many companies began hiring cybersecurity professionals remotely–no matter where they live. In 2021, cybersecurity pros will continue to be able to work from wherever they want. In particular, Zoom will continue hiring employees in the office and remotely for its cybersecurity team.
- One of the most effective ways to increase an organization’s security capabilities is to arm its development teams with rich training. Zoo m will be significantly investing in security training for its developers. The company supports continuous learning via secure code training, “capture the flag” competitions, and other gamification techniques to train its development organization on security.
4. The Zero Trust security model will be a primary focus in 2021.
With the Zero Trust model, employees must be authenticated and validated before given access to appropriate applications and the right level of data. As companies look to support a hybrid workforce, this approach will become even more attractive for security leaders, as it provides continuous checks as to whether employees need access at that time to sensitive data. Companies will also double down on endpoint controls to ensure their rapidly growing remote workforce stays secure.
About Jason Lee
Jason Lee is the Chief Information Security Officer at Zoom with 20 years of experience in technology, with a specialization in information security and operating mission-critical services. He was recently the Senior Vice President of Security Operations at Salesforce where he was accountable for the global organization delivering critical end-to-end security operations to customers and employees including company-wide network and system security, incident response, threat intel, data protection, vulnerability management, intrusion detection, identity and access management, and the offensive security team. Before Salesforce, he held the position of Principal Director of Security Engineering for the Windows and Devices division in Microsoft.
Disclaimer
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.
