Cyber Security Predictions 2021: Experts’ Responses

By   muhammad malik
Chief Editor , Information Security Buzz | Nov 19, 2020 11:00 pm PST

As we are about to charge into 2021, it’s time to ask: so what will happen next year with cybersecurity? We reached out to industry leaders and experts with diverse backgrounds to find out what is the most important ONE cybersecurity prediction for 2021, and below we are detailing the experts’ responses as we are receiving.

Subscribe
Notify of
guest
63 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Craig Ramsay
Craig Ramsay , Senior Solution Architect
InfoSec Expert
December 16, 2021 5:42 pm

<p><span data-contrast=\"none\">Intelligent unification will be a major trend in 2022 in the Identity Management space – in other words, a meaningful convergence of technologies and identity disciplines. Now, more than ever, organizations have a plethora of solutions at their disposal. Maximizing the capabilities and information available to provide a unified and holistic view of identities, their access, and the contexts through which they have the access will be crucial in reducing identity related risk. By breaking down these siloes and sharing information across these boundaries adapting to new identity challenges as they arise will become easier.</span><span data-ccp-props=\"{}\"> </span></p><p><span data-ccp-props=\"{}\"> </span><span data-contrast=\"none\">The sharp uptick in cloud adoption and SaaS offerings will continue across the board, which will make it easier for organizations to increase the services they’re consuming. With this trend in mind, any solution providing Identity Management and/or Identity Governance capabilities must provide versatile configurability to integrate and scale with the future and changing needs of businesses. Combining this configurable flexibility with increased identity analytics means we will start to see intelligent unified governance platforms that enable huge reductions in manual effort in implementing, managing, and interacting with Identity Management processes.</span><span data-ccp-props=\"{}\"> </span></p><p><span data-ccp-props=\"{}\"> </span><span data-contrast=\"none\">This shift to more and more autonomy in these processes is another trend I envisage growing throughout 2022. Right now, Identity Management is stuck in a hybrid of manual and semi-autonomous actions. Whilst there will always be a need for some level of human decision making when it comes to the most critical applications and sensitive data, a unified approach to identity will greatly reduce manual effort. This will be realized through increased automation and intelligent decision support where automation is not suitable.</span></p>

Last edited 1 year ago by Craig Ramsay
Chris Huggett
Chris Huggett , Senior Vice President, Europe & India Sales
InfoSec Expert
January 27, 2021 8:53 am

<p>The cyber security landscape drastically changed in 2020, as the majority of UK&amp;I employees headed home to work. Hackers looked to pounce on an increased number of access points inside our homes on less than ideal remote infrastructure security. We have more devices connected to networks at home and in workplaces than ever before, ranging from smart fridges to energy meters. Its likely many workforces will remain dispersed in 2021, so as the future of the modern working landscape continues to evolve, so too will threats to businesses and employees.</p>

Last edited 1 year ago by Chris Huggett
Mark Ruchie
Mark Ruchie , CISO
InfoSec Expert
January 12, 2021 2:12 pm

<p>The year 2020 put security teams to the ultimate test as once in-person offices quickly transitioned fully remote, with many companies still working from home or in hybrid scenarios as the new normal. The move to remote work only accelerated what we’ve already seen in the cybersecurity space: new IT practices, such as IoT and cloud environments, are rapidly driving the adoption of cryptography-based solutions like public key infrastructure (PKI) to support identity, authentication, and encryption. This not only expands an organization\’s crypto footprint but also broadens the attack surface — highlighting the need for centralized guidance, governance, and tools to manage crypto and ensure better security practices.</p> <p><br />According to Entrust’s 2020 PKI and IoT Trends survey, 47% of IT leaders say IoT is the most important trend driving the deployment of applications using PKI. At the same time, 71% of leaders struggle to understand where sensitive data resides within their organizations. As CISOs build out their strategies for 2021, they can’t underestimate the risks that come with implementing crypto-based solutions, including a lack of visibility and control over this infrastructure which often leads to business disruption.</p> <p><br /><br />Not all businesses have the expertise or internal resources available to establish or even assess an effective enterprise-wide strategy for crypto and PKI. Leveraging external resources and expertise will help organizations uncover hidden crypto, institute best practices to protect assets, and prepare for ever-changing regulations and new requirements. By focusing on building a “Cryptographic Center of Excellence” for their organizations in 2021, CISOs can take control of crypto and mitigate rising threats.</p>

Last edited 2 years ago by Mark Ruchie
Eric Mizell
Eric Mizell , VP of field engineering
InfoSec Expert
January 5, 2021 8:52 am

<p>2020 saw rapid adoption of DevOps tools and practices. Automation and containerization became and continue to be critical for agility, repeatability and scale. As companies look towards 2021, security will be a major focus. Fear of security breaches and potential loss of customer trust will drive security best practices. This shift will take place earlier in the development process and we will see a larger focus on DevSecOps, meaning security will become a first class citizen as part of the software development life cycle (SDLC). Companies that can achieve “zero touch deploy” across infrastructure, software and security will have a significant advantage over their competitors.</p> <p> </p> <p>The impact of this change will streamline the SDLC as trusted digital certificates, code signing and identity management policies and processes will be fully automated. This will speed up innovation and time to market while reducing security related outages and breaches.</p> <p> </p> <p>The impact of this change will require companies to tighten their security practices and policies. This will include cryptology training, awareness and new tooling for better discovery, risk assessment and risk remediation. DevOps and security teams will have to work closely together to automate certificate deployments, code signing and identity management to ensure repeatability and auditability. </p>

Last edited 2 years ago by Eric Mizell
Chris Hickman
Chris Hickman , Chief Security Officer
InfoSec Expert
January 5, 2021 8:48 am

<p>The continued rise of crypto-based exploits using code signing, SSH key and TLS certificates – Administrators often generate their own keys, rather than acquire them from a trusted authority, which raises misuse and visibility risks. SSH key, TLS certificate and code signing-based attacks are becoming more common and more frequent. While we’re also getting better at detecting these kinds of attacks, the trendline shows momentum and the implication of the risks they present, especially as these kinds of attacks can happen at all layers of the stack. Code signing and SSH keys are prevalent with most businesses having more then they need and no easy way to track where they live within the organization. At face value SSH keys seem harmless, but when they fall into nefarious hands, they offer attackers a backdoor to the network.</p>

Last edited 2 years ago by Chris Hickman

Recent Posts

63
0
Would love your thoughts, please comment.x
()
x