This is part of an ongoing 2021 predictions series. We’ve asked top cyber experts to contribute their insights and expertise to provide a look ahead at what the new year may bring to cybersecurity.
Mike O’Malley, Vice President of Strategy, Radware:
As we near 2021, we see that the pandemic and subsequent economic shocks have spawned innovation leaps, including large steps forward in the cloud and edge deployments. Longtime businesses are reinventing themselves as contactless online-only experiences. Doctors are rapidly expanding virtual visit capabilities. Fast food restaurants are piloting “Go Mobile” concept restaurants with orders via Mobile API, offering no dining, extra drive-thru windows, and delivery options. Manufacturing floors are adding IoT robots and sensors to enable cheaper, more agile, and contactless production.
This massive shift to the clouds and edges will continue through 2021 and beyond have a major effect on enterprise security. Web-scale (ex. AWS, MS Azure, Google Cloud) and service providers (ex. Verizon, Vodafone, NTT) are in the process of decentralizing their clouds and distributing the intelligence and computer resources to the edge of the network, closer to the customer. Benefits include real-time/low-latency applications, smaller lower-cost endpoint devices, localized data storage to meet regulatory requirements, increased security and privacy, to name a few.
Impact on the Cloud
As Radware discovered in its 2020 C-Suite Research, enterprises are rapidly moving to a cloud-based API economy where more and more applications are run in the cloud, accessed via APIs, and require a Zero Trust Security model. Here, each user accessing information is on the outside looking into the cloud whether they are employees, customers, or bad actors. In this model, each user and application flow must be authenticated and then studied for intent to determine that they are not abusing access to information or exfiltrating data independent of whatever public cloud is being accessed. Within this complex threat surface area, every API needs to be monitored and secured.
Impact on the Edge
Clouds are becoming decentralized and being pushed to edges for increased speed and reduced latency. On the edge, web-scale and service providers are creating Secure Access Service Edges (SASE) to host these super responsive applications. In a mobile environment, these could be Mobile Edge Compute (MEC) nodes delivering ripping fast virtual reality gaming via 5G. In a business environment, these could be SASE point of presence combining security and SD-WAN into one software configurable, scalable service providing a full suite of traffic engineering, throughput, and security services for enterprise applications. This approach gives businesses a simpler, cheaper, and more efficient way to provide secure and available access across all applications. The challenge is that the edge/5G combination creates an environment in which mobile and IoT devices connected can launch attacks just as powerful as if they were wireline based, something virtually unheard of before.
Protected by the proper security, these new combinations of API-driven cloud access for all applications with faster and more efficient edge nodes will result in more responsive and secure networks. They will be able to monitor users and behaviors closer to the edge of the network and mitigate risks earlier before threats penetrate deeper into the networks. Consumers and businesses can also expect better user experiences.
But because of new risks brought about by these changes, expect that 2021 will see large-scale successful attacks where the deployment of cloud and edge nodes outpace companies’ ability to secure them as they roll out. The new attack surface is so large and complex, organizations won’t be able to hire enough security engineers in real-time. As such, they’ll need more automated tools that can identify and block bad actors. And because organizations are at different points of cloud, edge, and 5G rollouts, they’ll need to choose a security framework that can provide the same level of security throughout the transformation to ensure consistency across the journey.