How Cybersecurity Changed in 2020 and What it Means for 2021
In 2020, bad actors were surfing both on top the wave, as well as navigating under water. We noted a significant uptick in phishing attacks against users, many organizations' security posture was challenged with the shift to work-from-home (aka the “branch office of one).” Later in the year, the Sunburst/Solorigate breach was another validation that targeted cybersecurity attacks will only keep growing increasingly sophisticated.
Now, as much of the world continues working from home, that means company data, networks and employees themselves are vulnerable to multiple pervasive and expanding threats. As the “new normal” has stabilized, it is critical for CISOs and CIOs to stay ahead of the curve and understand the cybersecurity trends that will be prevalent in 2021.
Cybersecurity trends were a key theme during our recent Futures and Insights event. Several of the sessions provide visibility into threats to look out for. Additionally, insights around data usage and transparency, using indicators of behavior-driven analytics and perimeter-less environments are just some of the things to consider this year.
Here’s a preview of three of the sessions I took part in.
Accounting for unpredictability
In 2020, many things changed—not only for daily life but also in the way we work and how secure company assets are while we’re doing it. Remote work has become the “place” where attacks happen. CISOs and CIOs are increasingly responsible for more cloud-deployed services. They are also on the hook to keep data protected from outside threats and from unassuming employees. Now that we’ve had time to reflect on these changes, we must now think through, revisit threat models and prepare to execute on 2021 plans.
In the Preparing for the Unpredictable: 2020, Meet 2021 webinar, I spent time with our Chief Strategy Officer Myrna Soto to discuss the various cybersecurity challenges and the ways in which CIOs and CISOs can be equipped to combat these throughout the year. We discuss the role of contextual knowledge in assessing security risks and the need for a “Zoom of Cybersecurity” that delivers security so seamlessly integrated into applications that people won’t even realize they are being “secured.”
Personalizing approach towards security
SASE, or Secure Access Service Edge, has been a major development in cloud security over the last couple years. As we see more companies embracing a cloud-centric approach to data and collaboration, SASE will definitely be a top priority for CISOs and CIOs, as they strive to ensure security across the estate, be it their own or SaaS apps.
In this webinar, “SASE Success Behind-The-Scenes,” I go in-depth on Forcepoint’s approach to delivering the first ever true data-centric SASE platform. Tune in if you want to hear more about how organizations can take a practical approach to implementing SASE in a modern security environment, the various criteria that must be considered for evaluating SASE solutions and which areas of cloud security make the most sense to invest in.
Sophisticated cyber criminals—nation states in particular—have shown they know their way in and out of almost every environment that exists and have devised very complex schemes that keep many of us up at night. To truly ensure high standards of security, CISOs and CIOs must shift gears and look at cybersecurity from a fresh perspective. One that combines infrastructure security and data-level protection while ensuring users are able to be effective while protected. This is where risk-based approaches and zero-trust models come in.
In the “What If Cyber Security Was Just Created Today?” webinar, I sat down with Hamish Taylor, former CEO of Eurostar and renowned global expert on the human side of cybersecurity and social engineering, Lisa Forte. Together, we talked extensively about what cybersecurity would look like if it were introduced today, and how companies need to rely on modern security strategies to keep critical data and employees protected.
SaaS applications help make companies more agile. But they also create more security risks as they drive new ways of working and make data more distributed. Organizations need to remember with every new touchpoint created, many new threats materialize. In 2021, CISOs and CIOs must dive deep to prevent the compromise of data, networks or their users, all while not forgetting to use the periscope to keep tabs on the distance.
If you are looking for ways to combat cybersecurity threats within your organization or improveyour security environment, I encourage you to check out these and other webinars at our Futures and Insights page.