This is part of an ongoing 2021 predictions series. We’ve asked top cyber experts to contribute their insights and expertise to provide a look ahead at what the new year may bring to cybersecurity.
Cequence Security leadership team weighs-in on 2021 predictions:
Subbu Iyer, Vice President of Product, Cequence Security - “In 2021, enterprises will accelerate creating Digital Centers of Excellence to manage their holistic API security programs. API security will not just have ramifications on the CISO’s charter, it will affect every touchpoint that consumers have with the brand, including mobile apps, websites, customer experience apps, chatbots, etc. These digital centers of excellence will quarterback API security rollout for the organizations with DevOps, CX, AppDev and other teams as key stakeholders.”
Shreyans Mehta, co-founder and Chief Technology Officer, Cequence Security - “With the pandemic forcing businesses of all sizes in most industries to shift to online business models, hackers will have much more fertile ground to operate. Understanding the shift here will be critical to preventing malicious attacks. As consumers have adopted more mobile apps, stores, restaurants – and even healthcare providers – will be forced to incorporate the convenient features of an app into their physical experiences, whether in-store, in-restaurant or in-office. This will require businesses to open up more APIs into their traditional point-of-sales, inventory and healthcare applications, thus expanding their risk exposure. The attacks may take the form of data breaches or account takeovers, but they also may materialize as new forms of attack. This will include denial of inventory, snatching up of delivery windows or appointments, content scraping, or malicious social media content manipulation. To help prevent this, organizations need complete visibility into their APIs so that they can find and mitigate security risks before they are published or discovered by attackers.”
Ameya Talwalkar, co-founder and Chief Product Officer, Cequence Security - “With the commercialization of bot creation tools, the prevalence of proxy networks for sale which make it easier for bots to hide in normal traffic and the advent of “bots as a service” it becomes ever more important for retailers to understand what the intent is for each transaction in order to separated automated shopping from legitimate. In 2021, it will be crucial for retail organizations to protect APIs and web applications from automated bot attacks to achieve two end goals. First, loyal shoppers must be given a fair opportunity to purchase their favorite product, through the normal, human- not automation-based process. The second end goal of bot prevention is to control infrastructure costs and complexity caused by massive (automated) traffic spikes that can mimic denial of service attacks, in some cases, bringing web sites down and diverting significant resources from other projects.”