Developing Trends In Cybersecurity

By   Julien Escribe
Partner and Leader in Digital Practice , ISG | Oct 28, 2021 02:54 am PST

The cybersecurity landscape continues to evolve rapidly, due, in large part, to the way our lives have changed during the pandemic. The push towards digitalisation for many workplaces has increased potential vulnerabilities as enterprises start working with new – and often unfamiliar – technologies.

As the way we work changes, cybercriminals continue to adapt their tactics. The solutions organisations have depended on in the past are not always up to the current job of protecting the enterprise, its customers and their data.

Attacks are becoming more sophisticated. They’re targeting personal identifiable information held by major organisations and governments, and the increased threat is pushing more C-suite executives to review their cybersecurity processes, tools and services to ensure they’re not the next major business in the news for a massive data breach.

Our research shows seven major areas where trends are shifting in 2021.

1. Identity access management: preparing for new forms of authentication

Identity access management (IAM) tools have become more important during the pandemic in conjunction with the surge in working from home. As the remote working trend continues, we’ll see increased demand for IAM providers to enhance their customer experience and provide new solutions to combat new risks.

Modern identity management includes two-factor authentication and multi-factor authentication, but we’re seeing other solutions appear, such as password-less authentication, AI and biometrics. In the future, we could see blockchain become an option for IAM.

We’re also seeing IAM-as-a-service gaining momentum as more organisations migrate services to the cloud, and a surge in zero-trust architectures (which focus on continuous authentication) as more enterprises work in virtual teams.

2. Data Loss Prevention: keeping pace with evolving threats

Data loss prevention (DLP) solutions act as a barrier to guard data from being accessed by unapproved people or systems. They can also report on attempts to remove data and work to classify and monitor data held by the organisation.

As executives become more aware of the significant reputational and financial damage data breaches can cause their organisations, we’re seeing a greater demand for DLP providers. These providers not only need to keep up to date with a host of regulations, they’ll need to adapt their services as new threats arise (including solutions to tackle insider threats as well as external ones).

Organisations – especially those in the process of digital transformation – need to consider the status of their data management before they choose which DLP provider to work with. With this in mind, we’re likely to see more enterprises considering partner-based support that comes with a strong SLA so that they have support always at hand.

3. Endpoint threat protection, detection and response: adapting to workforce changes

As cyberattacks increase in sophistication and traditional solutions like antivirus and firewalls start to be bypassed more often, we’re going to see more organisations working with advanced endpoint threat protection, detection and response (ETPDR) providers.

The rise in virtual working has led to a rise in use of unsecured devices and increased use of things like VPNs to connect to networks. Enterprises need to re-assess vulnerability levels.

We’re also seeing increased vulnerability due to a rise in online activities and changing behaviour of employees. We’re finding that traditional security solutions lack the ability to take a proactive security posture.

ETPDR providers use AI, machine learning, and behavioural analysis to spot potential external and internal threats and vulnerabilities before they cause damage. These solutions automate and manage multiple threat protection, detection and response systems in a single tool.

As 2021 draws to a close, we’ll see more organisations realise they need providers that can offer both scale and expertise.

4. Strategic security services: training to combat the latest threats

There’s a constant drive from enterprise executives to improve cybersecurity resiliency in areas such as risk advisory, governance, maturity assessments and compliance.

They also need a partner or provider that understands the regulatory environment and the range of threats out there – from hacktivists to organised crime. As a result, we’re seeing providers hiring domain specialists and setting up cybersecurity labs to train, experiment, and work on forensic investigation – developing the skills they’ll need to meet client expectations.

As they develop the advanced skills and experience needed to provide exceptional services, more security service providers will introduce strategic consulting capabilities, building on their technical and managed security service practices.

5. Managed security services: increased demand for proactive support

The increase in sophisticated cyberattacks has seen more enterprise executives focus on proactive security management.

In response, managed security services are changing from traditional monitor-and-react models to proactive ones offering defensive and offensive capabilities. Organisations are starting to rely on these providers to coordinate incident response teams, so we’re seeing more cybersecurity and fusion centres spring up; these use the latest tech like blockchain, AI and edge computing to provide multi-layered protection and security management.

The pandemic has accelerated the remote working trend, and it’s unlikely that we’ll go back to the way things were before. Enterprises are dealing with an evolved threat landscape, and they need the support of security providers to navigate this new world.

6. Additional investment in security operation centre (SOC) solutions

We’re seeing clients invest more in internal and external SOC solutions, and the supporting software (SIEM and SOAR) essential for their operation.

Research by the Ponemon Institute confirms the wider trend – organisations know they need to increase investments in cybersecurity, but the cost of this investment is rising steeply. As a consequence, organisations are searching for ways to make greater cost efficiencies and support their teams by taking simple tasks off their plate.

We’re already seeing an upswing in the use of AI technologies as a result of this, and we’re likely to see a greater use of automation as organisations search for further ways to save time and money.

7. There’s a renewed focus on national and European cybersecurity compliance

While cybersecurity compliance is a central concern for most businesses, we’re seeing it develop into a major focus for national defence and security organisations, government departments, essential operators and other companies that operate in strategic or sensitive areas.

We’ll see compliance continue to be one of the main drivers of cybersecurity investment as organisations search for new ways to protect themselves and their customers from cybercrime (and the vast fines that can accompany data breaches).