Throughout 2020 we saw organisations underpinned by cloud operations benefit and, conversely, those yet to migrate struggling to respond to imposed change. The benefits of elastic infrastructure and the ability to adapt to market ebbs and flows have enabled cloud-centric businesses to adjust to the difficult times we find ourselves living in.
2021 will see a continued engagement by organisations looking to welcome the benefits of a business rooted within an adaptable environment. However, the protection of digital assets is paramount to these transformative programmes' success. This protection could be facilitated by cloud providers forming partnerships with security vendors to bolster their platforms' defences, or through new cloud-native offerings from independent vendors that plug directly into their cloud environment.
With an accelerated shift to home working due to the events of 2020, organisations have extended the boundaries of their corporate networks into employee's homes. This working practice's associated risk has positioned Zero-trust architecture as an aspirational security model for corporations to adopt, encompassing a 'never trust, always verify' approach to security.
A deeper understanding of the need for stringent access control is increasing interest in 'Secure Access Service Edge' (SASE), defined by Gartner as a cloud-based framework that offers "comprehensive WAN capabilities with comprehensive network security functions". SASE is the convergence of SD-WAN, VPN, and cloud-native network security technology including; Secure Web Gateways (SWG), Cloud Access Security Broker (CASB), Firewall as a Service (FWaaS), and Zero Trust Network Architecture (ZTNA). SASE provides a user-centric approach to help secure digital businesses.
A need for tighter control of access to our network-based resources is fundamental to ensuring service continuity and will minimise the potential threat of user-focused attacks.
Automated Network Detection and Response (NDR) will be a growing demand as organisations look to machine learning based solutions that can augment their small security teams, who cannot keep pace with the increasing frequency and volume of aggressive attacks. Detection-centric security solutions will begin to supplant legacy defences and replace conventional security processes with detection-focused tools capable of performing automated remediation.
Machine-learning based defences appeal to businesses as they span several, and sometimes all, of the NIST framework functions - a model many organisations now regard as the benchmark for evaluating and tracking security posture improvement.
The application of machine learning (ML) will evolve beyond NDR to perform a more integral role in data classification and malware detection through pattern matching and reinforced learning.
Attacks on Operational Technology networks will continue to be a growing trend. Organisations will look to secure these environments to minimise and mitigate the very present danger they pose to business continuity and survivability. Amid a pandemic, what we classify as critical infrastructure extends beyond the conventional list, and many organisations now find themselves providing 'essential services'.
The ability to assess our ICS networks' vulnerability and thereby, the essential equipment they host will be crucial to ensure production is guaranteed, and services continue without downtime. Organisations operating ICS networks and essential services are under increasing pressure to secure and control these operational networks, particularly where IoT and 5G communications integrate into the operational technology space.
The growing use of IoT and mobile devices in the enterprise will push the need for application-layer security to ensure cloud-connected devices and applications that run on them do not pose new attack vulnerabilities.
Businesses will look to capitalise on the adoption of 5G and the lower latency this brings, spawning a wave of video-based security and analytics, and allowing for real-time identification and access control through imagery and machine learning. Coupled with Edge computing, this enables robust AI-driven visual security solutions to be delivered anywhere in real-time.
However, organisations must be mindful that the rapid adoption and global propagation of 5G technology may push unsecured infrastructure into production and rely on under-skilled security professionals to protect it, resulting in potential 5G-related security incidents.
The ongoing Cyber Security Skills shortage will force organisations to focus on security process automation to eliminate repetitive tasks. This technology automates computer-centric security operation tasks based on predefined rules and templates.
Despite the arrival of GDPR in 2018, data privacy continues to be a growing concern. Companies will look to experts to ensure they minimise the potential for data privacy issues and compliance with all appropriate protection mechanisms such as GDPR. New "digital trust" experts will be in demand to help organisations maintain the integrity of all interactions in the business to consumer (B2C) space, either as an extension of or working alongside the Data Protection Officer.
Cyber Insurance will become more a necessity than a luxury as the volume and aggressive nature of attacks increases. Companies will look to bolster defences designed to minimise the risk of a breach, with tools needed for when a breach inevitably does occur. This toolbox will include forensic expertise for deep-dive analysis and financial protection.
The most common cause of a breach is still attributable to employees, whether directly or indirectly. Cyber education will become a much-needed investment as corporations engage in education programmes to ensure their employees are more sensitive to this ever-increasing attack surface. These programmes should blend formal education with targeted testing like phishing traps to test the education programmes are working.