This is part of an ongoing 2021 predictions series. We’ve asked top cyber experts to contribute their insights and expertise to provide a look ahead at what the new year may bring to cybersecurity.
2021 at the Macro Level - how have we seen the cybersecurity industry change?
The COVID-19 pandemic and how the public and private sectors have reacted to it drove monumental shifts in culture, business, and technology. As the dust from the initial shock waves settles, it is clear that some people, firms, and industries will excel in the new environment while others will be too slow to adapt.
For the cyber security arena, matters have gone to the extreme. Companies that adapted quickly and enjoyed growth will now have to scale their cyber security operations while also adapting to a new attack surface and risk model. The fundamentals, however, remain constant: it is still hard to recruit talent, there are still too many point solutions, and it still takes only one weak link to bring the entire operation down.
How will Work from Home affect enterprise data architectures in 2021?
Work from home, or WFH, punches holes in companies' defense in depth and will require end-to-end asset security with full business context. WFH started as an IT challenge (dealing with 10X concurrent VPN users) and a productivity boost (10%-20% productivity increase). Once we made it past the initial challenges, we began to internalize that all of our layered security architecture was no longer that layered. There is always that remote employee, with his backup laptop, connecting in the middle of the night to debug a production error on the enterprise data lake. This situation poses a challenge for your traditional layered enterprise security architecture.
The only cyber security solutions that will work in the new WFH environment are those that focus on protecting data assets end-to-end and leverage the full business context surrounding it.
How can cyber security professionals adjust to the digital transformation in 2021?
Cloud-first for data drives cloud-first for cyber security programs. You can move to the cloud willingly or be forced to do so, but, if you are not using the cloud now, you might not be around long enough to get there. The stock market for digital companies is a pretty good representation of this reality.
For cyber security, this reality means a shift in mindset is necessary. Taking the legacy on-prem solution with you to the cloud is too slow and companies will implement the A players of cloud solutions and expect them to also cover their on-prem. The long tail of the program will move from the cloud to the on-prem.
In what ways do you see data governance strategies adapting to changing regulations and advancements?
The evolution in the way data is stored, maintained, and shared in the cloud, and the pressures posed by regulators aiming to increase citizens' privacy caught many enterprises unprepared. Traditional Data Governance programs have failed to adapt to both the rapid changes in technology and the stringent legal requirements. This means the Data Governance market is ripe for disruption, for new approaches, and for vendors to bring a refreshed, lightweight, and universal perspective to data governance. These vendors will introduce new platforms and services to help enterprises focus their efforts on data science and analytics rather than on never-ending compliance, privacy, and security projects.