The year that has been 2020 has been a cornucopia for cybercriminals who have been able to feast off an extended attack surface, a weakened edge, and networks under enormous strain. If this was the Hunger Games, it could be argued that these criminals are currently running with the advantage. Still, the truth is that 2020 has jolted a security reality that will have longstanding consequences in 2021 and beyond. A reality that could quickly turn the tables in favor of security professionals if organizations change their approaches in the following key areas.
By Tim Woods, Vice President of Technology Alliances, FireMon
Cloud, SASE, and Software-Defined Everything
Starting with the cloud is a bit like stating the obvious. Still, no one could have bet on the sudden and sharp upwards trajectory the cloud has taken, in part fueled by the swift and dramatic shift to work from home (WFH) models resulting from the global COVID-19 pandemic but also because of a changing customer service dynamic. Instead of ruminating on what to scale to the cloud, CIOs are now chewing on how they can best manage hybrid and multi-cloud environments, while CSOs are being urged to develop a plan to secure them.
Workload migrations to the cloud will continue to grow through 2021, which means that cyber cloud attacks are going to increase. It is a simple dynamic of supply and demand. Networks will continue coming under scrutiny, and efforts to secure the employee edge along with the intelligent edge must become a priority. The key to securing this will lie in adopting Secure Access Service Edge (SASE) solutions and a zero-trust approach to security everywhere.
Yes, Gartner is cautioning clients to beware of slideware and marketecture in the SASE market. Why? Because some vendors are rushing solutions to market that don’t reflect a true cloud-based delivery-as-a-service model. We, however, foresee that 2021 is going to see maturity in the SASE market. The promise of a security fabric woven into an SD-WAN is far too attractive to overlook. We anticipate that vendors globally are going to push R&D into ensuring improvements in this area.
A trend we anticipate continuing from 2020 and accelerating into 2021 is the purchase of SaaS-based Identity Access Management (IAM) and Identity Governance and Administration (IGA) systems.
User Monitoring to Secure Data
Data is the new “oil” for businesses, which implies it needs to be as closely guarded. We have also evidenced a surge in online retail, digital logistics capabilities, and the intelligent edge’s growth beyond just IoT. This has resulted in a data explosion, and data lakes are now being exposed to access from devices outside of the corporate network, making them a soft target.
According to Forrester VP and principal analyst Chase Cunningham, companies that do not embrace some form of user monitoring will be out of business in the next 20 years as their intellectual property is compromised and exfiltrated. Now, if we factor in that security companies have reported a massive spike in phishing attacks, some more than 600x, just since the beginning of COVID – we can assume that the expanded attack surface has made easy pickings of data.
Data security and data policies will need to become more stringent, and CSOs will have to become more aligned to HR, management levels across an organization, and risk officers to ensure these policies are enforced. Without adequate data management, the compliance compound will be breached. We anticipate that in 2021 we will witness some record penalties levied to companies who fail in this area.
Embedded Security from Container to App
The use of containers is exploding, and Global Market Insights, Inc. claims the overall market will cross a $2.4 billion valuation by 2024. This is driving demand for container-level security policies and ModelOps, where security is baked into each application at the start of development. This will add to the zero trust efforts embraced by CSOs, and when effective SASE solutions are deployed, we will start to evidence the efficiency of intrinsic and software-defined security.
Aligned to this, automation will flex its muscles as businesses facing budget constraints, the prospect of a recession, and flat markets will need to stretch each dollar. But as much as automation will move up the needs list for businesses, it will herald in new risk factors. Again, raising the need for pervasive security that is baked into processes, applications, and containers from the start.
Remote is the New Default
Remote access to the cloud, remote system management, remote monitoring, remote working – is officially the new normal. The pandemic may have driven us into our homes, but how users have embraced the change and the rapid digitalization of services and march to the cloud will see a continuation of remote working.
With this shift, security agility will be the new frontier as workforces evolve alongside the lessons learned from the pandemic. As a result, security professionals will be taking those learnings and start formalizing more stringent policies with regards to remote everything, which again lends itself to zero trust and SASE approaches being effective combative approaches.
Places of learning will also need to start looking at tighter controls for remote learners from schools, colleges, and universities. The more remote access is granted, and the number of devices accessing a network or the WiFi expands so does the attack surface and proffers additional avenues into the network. Edge devices in this new remote topology will require a heightened security focus to clamp down on the threat potential.
Finally, all the above will be put under enormous pressure from the global security skills shortage. Upskilling security professionals is a constant need on any predictions list – but it will reach peak levels in 2021 as cybercriminals make a meal of vulnerabilities using advanced technologies such as ML and AI.
There is still no certainty about the impact and long-term effects of the rapid technological changes in 2020. Yet, there is some comfort in the fact that the advancements we have seen in the security industry are coming together to finally create the view that all security must be viewed as holistic and centralized. We might not be going back to digging moats, but we will be building more impenetrable fortresses.
About the Author
Tim Woods is the Vice President of Technology Alliances at FireMon. A security professional with over 20 years of experience, Woods believes in raising awareness and educating people on new and emerging technologies. He is known for his leadership and building strong teams with a commitment to growth. Woods is also an ISSA member.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.