Cyber Security Predictions 2021: Experts’ Responses

As we are about to charge into 2021, it’s time to ask: so what will happen next year with cybersecurity? We reached out to industry leaders and experts with diverse backgrounds to find out what is the most important ONE cybersecurity prediction for 2021, and below we are detailing the experts’ responses as we are receiving.

Notify of
63 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Abhijit Ghosh
Abhijit Ghosh , Co-founder and CEO
InfoSec Expert
November 20, 2020 10:22 am

In 2021, we will see more organizations continue to increase reliance on cloud computing, and thus need to employ new cybersecurity paradigms to better protect themselves in that environment. Because of this, in the new year, it is anticipated that organizations will rely on technologies such as XDR, which eliminate guesswork and instead deterministically combine individual findings with causal sequencing of all events across the infrastructure to understand the precise attack progression in real-time.

Last edited 1 year ago by Abhijit Ghosh
Patrick Harr
Patrick Harr , CEO
InfoSec Expert
November 20, 2020 10:24 am

In 2021, we anticipate seeing explosive growth in the number and types of phishing attacks. Beyond the commonly understood phishing schemes perpetrated incorporate email, we’re seeing a dramatic increase in attacks across business collaboration platforms including Zoom, Skype, Teams, Box, Dropbox, and Slack. Mobile devices are particularly vulnerable; our SlashNext Threat Labs have seen a 600% increase in SMishing attacks in 2020 over 2019.

Last edited 1 year ago by Patrick Harr
Sudhakar Ramakrishna
InfoSec Expert
November 20, 2020 10:26 am

In 2021, cloud replication will replace data center replication. The cloud is no longer just an inexpensive storage option for enterprise data. Enterprise IT organizations are realizing the importance of resiliency – to spin up access in the cloud if their datacenters become unavailable or to protect from cyberattacks with an air-gapped copy in the cloud. In 2021, many companies will stop mirroring their data across datacenters and instead put a second copy of their data in the cloud. This cloud replication ensures that data is recoverable if a site goes down, a company gets hit with ransomware, or if users need to spin up some capacity in the cloud and want to access some of the data there.

Last edited 1 year ago by Sudhakar Ramakrishna
Adam Caudill
Adam Caudill , A Principal Security Engineer
InfoSec Expert
November 20, 2020 11:15 am

Don’t Get Complacent… Nation States Will Keep Attacking: Just because no overt attacks impacted the election does not mean we can be complacent. In 2021, state actors will continue their nefarious campaigns, from hacking and leaking to data theft and disinformation campaigns. This means that even companies that wouldn’t normally be a direct target for a state actor could become collateral damage. For instance, China, Iran and Russia have been accused of trying to steal research data on a coronavirus vaccine. Universities, pharmaceutical companies and defense contractors are also targets. It’s unlikely that a vast majority of companies will be direct targets, but the consequences of an indirect attack can be severe. With more aggressive tactics becoming commonplace, the impact and risks are growing, and we can’t afford to let our guard down.

Last edited 1 year ago by Adam Caudill
Thom Langford
Thom Langford , Analyst
InfoSec Expert
November 20, 2020 11:20 am

Deep fake videos will, at some point in 2021, be used to exfiltrate money from an organization by fooling someone that they are talking to a senior executive of the company that they know. The technology isn’t quite there yet, but it is only a matter of time, and with home working and video conferencing the norm now, criminals will already be investing in the technology to make it cheap and effective for them.

Last edited 1 year ago by Thom Langford
Professor John Walker
Professor John Walker , Visiting Professor
InfoSec Expert
November 23, 2020 6:32 am

The dark science of OSINT will start to be used as a proactive mechanism to predict the future potentials of attack vectors; and will see an increase in its use to locate the existence of the unknown unknowns which are lurking within a companies posture of unknown insecurity.

The conventions of the approach to Cyber Security will thus see a move away from the over use of tick-box based governance and compliance, and will see the emergence of the back to basics Cyber Security Professional with their toolbox come back into the centre of the big cyber fight.

Last edited 1 year ago by Professor John Walker
Steve Morgan
Steve Morgan , Founder of Cybersecurity Ventures and Editor-in-Chief at Cybercrime Magazine
InfoSec Expert
November 23, 2020 6:42 am


If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion USD globally in 2021 — would be the world’s third-largest economy after the U.S. and China.

Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.


A 2017 report from Cybersecurity Ventures predicted ransomware damages would cost the world $5 billion in 2017, up from $325 million in 2015 — a 15X increase in just two years. The damages for 2018 were estimated at $8 billion, and for 2019 the figure rose to $11.5 billion.

The latest forecast is for global ransomware damage costs to reach $20 billion by 2021 — which is 57X more than it was in 2015.

We predict there will be a ransomware attack on businesses every 11 seconds by 2021, up from every 40 seconds in 2016.

Last edited 1 year ago by Steve Morgan
David Elmaleh
David Elmaleh , Product Manager
InfoSec Expert
November 24, 2020 10:01 am

The democratization of machine learning will equate to smarter attacks that are harder to defend against and stop. Sophisticated attackers will engineer attacks with automation that learns from the victim’s defenses and optimizes for more effective, relentless attacks. This will usher in a new era of cybercrime that will require more advanced threat intelligence and security coverage.

Last edited 1 year ago by David Elmaleh
Tim Callan
Tim Callan , Chief Compliance Officer
InfoSec Expert
November 24, 2020 2:03 pm

The enterprise will become acutely aware of the fact that quantum computers are soon to make our existing encryption obsolete. In 2021, IT departments will be expected to create transition plans for the new, quantum-safe algorithms expected in 2022. Critical to their success will be discovering and categorizing the full set of certificates in use and implementing automated management solutions for efficient, error-free certificate replacement.

Last edited 1 year ago by Tim Callan
Alan Grau
Alan Grau , VP of IoT
InfoSec Expert
November 24, 2020 2:07 pm

To combat the spread of IoT botnets and IoT security threats, government and industry groups have enacted IoT security legislation and standards. IoT security standards now require meaningful security and, in at least some cases, provide enforcement of these standards. We will quickly see IoT device manufacturers respond by implementing stronger security solutions in their devices. OEMs will look for vendors to provide device authentication solutions and security platforms that comply with these emerging standards.

Last edited 1 year ago by Alan Grau
Dr. Zulfikar Ramzan
Dr. Zulfikar Ramzan , Chief Digital Officer
InfoSec Expert
November 24, 2020 2:18 pm

In 2021, we will see a significant uptick in edge computing infrastructures. With that growth, threat actors will begin to develop specific threats that target edge gateways and other edge computing environments. In line with this trend, the proliferation of IoT devices and the increasing pervasiveness of 5G networks will exacerbate the situation – resulting in attacks that have far more impact compared to those in the past.

Last edited 1 year ago by Dr. Zulfikar Ramzan
Keith Neilson
Keith Neilson , Technical Evangelist
InfoSec Expert
November 25, 2020 11:40 am

AI Will Gain Momentum in Cloud Security and Governance

In 2021, AI will go far beyond simply detecting anomalies and thereby flagging potential threats to security teams. Cloud governance is an increasingly complex task and is quickly reaching a point where it’s impossible for humans to manage alone. AI will increasingly be relied on in the coming year to maintain cloud hygiene by streamlining workflows, managing changes, and archiving. Once proper cloud hygiene is established and maintained with AI, it will also be used as a strategic predictive knowledge tool. By predicting and addressing threats and vulnerabilities, AI will help enterprises create the best possible outcome for their cloud environments. Leveraging AI as a strategic asset will empower CIOs to make informed decisions about their cloud environments, such as evaluating costs and compliance risks.

Last edited 1 year ago by Keith Neilson
Deepen Desai
Deepen Desai , CISO and Vice President of Security Research
InfoSec Expert
November 25, 2020 11:46 am

Employee devices will be quarantined or risk massive breaches.

As employees begin to return to work after COVID-19, their devices will need to be cleaned before connecting to the corporate network. Devices exposed to external networks are more likely to bring attackers directly onto the corporate network upon return to the office. To mitigate this risk, organizations will need to do one of two things: implement a zero-trust network architecture (ZTNA), or scan all devices before employees return to work. Organizations that use ZTNA will greatly limit the attack surface by securing crown-jewel applications and preventing lateral propagation. Those that don’t have to scan all employee devices or risk giving attackers easy access to stealing their company’s information.

Last edited 1 year ago by Deepen Desai
Chris Hickman
Chris Hickman , Chief Security Officer
InfoSec Expert
November 26, 2020 9:48 am

New remote and distributed workforce use cases have forced leaders to expedite initiatives this year to meet unforeseen use cases. In navigating these use cases, cryptography has surfaced as a common theme that will ultimately define 2021 IT security trends. Many companies have started to address cryptography management in their environments but have yet to fully embrace crypto-agile best practices. From managing shortened digital certificate lifecycles and root CA expiration to mitigating crypto-based exploits and hardening IoT and DevOps deployments, Public Key Infrastructure (PKI) will continue to emerge as a foundational security tool offering automated and scalable solutions.

Last edited 1 year ago by Chris Hickman
Ryan Weeks
Ryan Weeks , CISO
InfoSec Expert
November 27, 2020 2:35 pm

Healthcare organisations need to remain on red alert in 2021:

Given the COVID-19 pandemic, it\’s no surprise that the healthcare industry has been a primary target for cybercriminals in 2020. Between highly desired intellectual property and the opportunity for major payouts, the incentive to exploit even the smallest of healthcare institutions, let alone larger networks, will remain a top priority for malicious actors in 2021. Specifically, ransomware will be the primary attack method because the consequences are higher for healthcare organisations that can’t risk downtime due to the critical services they provide for patients. It will be critical for hospitals and other healthcare organisations to evaluate their IT and security budgets ahead of the new year to ensure they’re able to implement advanced security and data management tools that allow them to effectively back up and secure networks while enabling business continuity efforts in 2021.

Last edited 1 year ago by Ryan Weeks
Joe Pettit
Joe Pettit , Director
InfoSec Expert
November 29, 2020 9:38 am

Depending on the size of your organization a typical security team could be dealing with up to and over 130 tools! Why is that a problem you might ask?

First up – we’re in the middle of pandemic. The economy is going to be impacted further over the coming year. Security Leaders will have more to do, with less budget. One solution is to do more with vendors that have a wider range of products and services.

Secondly – if you do have over 130 tools, you have to ask yourself, “how are those tools being utilized?” Are you making the most of your expensive technology investments? Do you have the internal resources to invest to maximize the benefits of each solution? If the answer is no, focus on what is more important to you and your business.

I’d recommend that security leaders sit down with their teams and look at what is being used, why they use them, and what isn’t needed. Look at creating an inventory of existing tools, then look at how those tools give you coverage across the business (you’ll see some serious overlap), look at your recent incidents – compile and categorize those before mapping your portfolio to those tools that you REALLY need.

Last edited 1 year ago by Joe Pettit
Alberto Pan
Alberto Pan , Chief Technical Officer
InfoSec Expert
November 30, 2020 11:20 am

The COVID pandemic has made evident the need to accelerate the delivery of useful and trusted data to business decision-makers. Conventional analytics architectures can take weeks or even months to react to new types of data requests in today\’s complex data environments. That is why many companies are turning to more agile data integration technologies, like data virtualisation, which can shorten these times drastically.

In 2021, we will see how this trend is consolidated as a comprehensive data strategy. Many companies will implement data fabrics – an architectural pattern which prioritises agility in the delivery of trusted, real-time data to the business. In addition, AI technology will be further incorporated in data fabric architectures to automate steps such as data discovery, performance optimisation and workload management. This will further increase automation and agility by leveraging the maturity reached by AI technology in the last few years.

Last edited 1 year ago by Alberto Pan
Brett Beranek
Brett Beranek , VP & General Manager, Security and Biometrics
InfoSec Expert
December 1, 2020 12:35 pm

Forward-looking CISOs will transition to password-less authentication with the twin goals of customer convenience and enterprise security.

Consumers want a digital experience that is easy, secure, and free of passwords. Daily passwords and pins (e.g., email, ATMs) are near relics. As more consumers shift to online channels in order to bank, socialise, play, and shop, users demand a more sophisticated and secure experience. Passwords have lulled consumers into a false sense of security for years, especially as the number and variety of devices on which apps are used skyrocketed, each requiring critical information to be entered repeatedly – and thus each instance an opportunity to track and steal that data. Companies will need to demonstrate to their customers that they take their security seriously. Consumers are now more conscious than ever of the risks surrounding their identity. They will start to demand more from the businesses they deal with. Organisations can’t afford to do things only based on ROI – better security is now a question of customer retention, loyalty, and corporate social responsibility.

Last edited 1 year ago by Brett Beranek
Gaurav Banga
Gaurav Banga , CEO and founder
InfoSec Expert
December 1, 2020 12:44 pm

Due to 2020’s disruptions, the gap between cybersecurity-mature organizations and security unready organizations will widen significantly and become a major competitive disadvantage factor.

Cybersecurity-mature companies are those that have made already made investments to prevent cyberattacks before they happen. On the other hand, security unready organizations have yet to implement proactive security controls and practices and as a result can only respond to breaches after they happen. In 2020, many security unready organizations pushed out critical projects to enhance cybersecurity posture visibility due to budget squeezes.

The primary consequence of being on the wrong side of The Great InfoSec Divide is that it makes it more difficult to secure new customers and retain existing ones. Your customers worry if you can keep their data safe. At the macro-level, The Great InfoSec Divide will slow innovation, as startups and smaller faster innovating companies will struggle to gain customer trust. We will see the reemergence of the phrase “No one ever got fired from hiring Microsoft,” but for cybersecurity reasons.

Last edited 1 year ago by Gaurav Banga
Paul Colwell
Paul Colwell , CTO
InfoSec Expert
December 1, 2020 12:53 pm

Companies are transitioning from reacting to threat after threat to a more pro-active security prevention approach. Industry-wide advances such as AI-enhanced security services and a conditional rule approach are delivering better threat detection and faster response rates.

Widespread recognition that threat-intelligence sharing must be enacted for all to benefit has been achieved so that today, and moving forward, companies and specialists can learn from attacks on their peers, and from industry experts and leaders before they themselves fall victim.

2021 in cybersecurity will see further growth in the need for “visibility” of network activity. Software developments such as the use of AI, high-performing integrated cybersecurity dashboards, real-time and cloud monitoring as well as regularly scheduled internal checks by specialists will allow the effective monitoring, tracking and response to network events. Real-time monitoring means threats are identified quicker and can be purged faster thus reducing corporate risk, loss, and potential litigation from expensive data breaches.

The combination of threat intelligence sharing and the development of real-time monitoring means fast reaction – Gone should be the days where cyber threats are able to infiltrate corporate networks for weeks and sometimes months without discovery.

Last edited 1 year ago by Paul Colwell
Dr Margaret Cunningham
Dr Margaret Cunningham , Principal Research Scientist for Human Behavior
InfoSec Expert
December 1, 2020 1:39 pm

2021 will see us uncover the security impacts of “people doing people things” – those normal, yet risky behaviours we all undertake. Whether it is creating multiple workarounds and shortcuts to accomplish goals, stockpiling data, making human errors or experiencing decreased risk perceptions, everything has an impact.

Rather than trying to use technology as a unilateral force to control their workers’ behaviours, companies need to better understand how their people adapt to, respond to, and inform their environments – and begin to implement security practices and tools that work with humans rather than against them.

By pulling experts from security, counter-intelligence, IT, and behavioral sciences together, behavioral understanding can be built into cybersecurity systems. And this is the first important step for finally starting to move cybersecurity “left of breach” – designing security for the human element.

Last edited 1 year ago by Dr Margaret Cunningham
Myrna Soto
Myrna Soto , Chief Strategy and Trust Officer
InfoSec Expert
December 1, 2020 2:12 pm

In 2021 the biggest threats will come from the people and places organisations least expect.

In the past we’ve thought of “insider threats” as disgruntled employees who walk out of the building with proprietary information hidden in their briefcases. But today, employees may be scattered around the world, and could be hired after only meeting via Zoom. In fact, they may never step foot inside a physical office. And today, you can buy almost anything on the dark web, including “trusted insiders”.

The only way to find these people before they do irreparable damage to your organization is by understanding human behavior and knowing when their activities don’t match their profile. Insider threat needs to be taken seriously and accepted as a real risk by security leaders, who should ask tough questions about whether they have the tools and solutions in place to spot and stop anomalous behavior, before it’s too late.

Last edited 1 year ago by Myrna Soto
Nicolas Fischbach
Nicolas Fischbach , Global Chief Technology Officer
InfoSec Expert
December 1, 2020 2:19 pm

As we got used to remote working, many companies gave up on protecting the perimeter and trusted in basic networking and cloud services to protect “the branch office of one”. In 2021 the consequences of these actions will come to light and we will start to realise exactly how much intellectual property was stolen by attackers and malicious insiders during 2020.

Data visibility and the management of data protection is the most important cybersecurity imperative for enterprises in 2021, so that we can work securely, regardless of location. To achieve this goal, we must introduce real-time user activity monitoring. Cloud-native solutions with a deep understanding of users’ behaviour will deliver permanent solutions, rather than stopgaps.

The accelerated digital transformation seen over the past year has pushed organisations forward, but also created new challenges for the cybersecurity industry. Security leaders must ask tough questions about whether they have the tools and solutions in place to spot and stop anomalous behaviour, before it’s too late.

Understanding the emerging challenges and creating cybersecurity technologies which can address them, while also remaining ‘invisible’ to the end user and simple for the practitioner to implement, will be key to ensuring the ongoing security of people and data alike.

Last edited 1 year ago by Nicolas Fischbach
Jason Hart
Jason Hart , CTO
InfoSec Expert
December 7, 2020 7:28 pm

Each year when the security world looks to predict what will be prevalent in the coming year, experts often get bogged down in the weeds instead of looking at the wider problem. We need to start looking at this from a different angle. Year on year businesses spend more money on trying to solve security issues. You can actually correlate the increase in spend with the increase in security breaches. Clearly, the more money you throw at the problem, does not actually solve it, and the amount you spend does not necessary increase the level of protection that any organisation has. So, what does that mean for businesses trying to solve their security woes?

It’s a mindset shift – security is simply the cost of doing business. If we accept that trying to spend more on security will not reduce your security burden, and that security and privacy need to be default within the business process or of the product/offering you are creating, that’s the starting point. If we look at the common problems that businesses are facing, it’s always confidentiality, integrity, availability, accountability and auditability. These are the key aspects of security and need to be a pre-requisite.

Bottom line for next year, as always, (1) more and more risks, (2) privacy will become even more of a priority, and (3) there will be increased pressure from consumers and businesses wanting their solutions to have the aforementioned key pillars of security baked in. Chucking money at the issues with new tools and security services won’t solve the problem and will just give a false sense of security. We need to go into 2021, baking in security from day one.

Last edited 1 year ago by Jason Hart
Jon Fielding
Jon Fielding , Managing Director EMEA
InfoSec Expert
December 7, 2020 7:32 pm

Cyber resilience is an organisation’s ability to prepare for, respond to and recover quickly from any digital disruption.

We anticipate a marked rise in criminal attacks in 2021, as hackers take advantage of people continuing to work remotely – in particular ransomware, malware and phishing. Recognising that no business is immune, IT teams will shift focus to ensuring they have all their ducks in the row in the event of a breach. They’ll also prioritise planning to mitigate the impact of any future crisis that drives the workforce out of the office!

We expect to see an increase in encryption, to protect data as it’s moved from office to home – mitigating risks such as targeting in the cloud – and keep information secure whatever’s happening around it. There will also be a rise in endpoint controls that enable employees to use their own devices safely. These measures give organisations the ability to demonstrate transparency and due diligence in the event of a breach.

The use of secure, encrypted storage devices as a straightforward way of backing up data locally is likely to increase, supporting the ability to get up and running again fast.

Last edited 1 year ago by Jon Fielding
Sébastien Goutal
Sébastien Goutal , Chief Science Officer
InfoSec Expert
December 8, 2020 11:00 am

Thread hijacking will grow

A technique featured in the wave of Emotet malware attacks that began in July 2020, thread hijacking is a formidable email security threat that will grow in prominence.

The technique consists of using existing email conversations with victims to spread to new victims. Using tools like Outlook Scraper, Emotet gangs obtain access to email threads on infected computers. Once inside hackers inject themselves into threads and ask recipients to click on a malicious link or open a weaponized Word document.

Thread hijacking is highly successful for two reasons: First, because the malicious email is sent from a trusted sender (the user whose email is infected), and second, the context of the existing discussion lowers the guard of the targeted recipients. Additionally, we can expect to see an increase in other advanced techniques featured in Emotet campaigns, including techniques that bypass AV engines, such as VBA macro code obfuscation in Word documents.

Last edited 1 year ago by Sébastien Goutal
Damien Riquet
Damien Riquet , Research Engineer
InfoSec Expert
December 8, 2020 11:07 am

Remote image-based threats will push email security filters to their limits

Building on the success of image manipulation techniques to bypass email filters, hackers are now using remote images to store malicious textual content. Unlike images embedded in email, remote images must be fetched over a network. Detecting a remote image over a network is complex and time-consuming, and it cannot be done in real-time.

While Computer Vision can analyze and extract relevant content from images it’s expensive, CPU-intensive, and not widely available in commercial email filters. Because of this, we can expect to see more hackers using remote images in 2021.

Last edited 1 year ago by Damien Riquet
Rashid Ali
Rashid Ali , Enterprise Sales Manager UK & Nordics
InfoSec Expert
December 8, 2020 12:18 pm

It is fair to say that 2020 was not the year we expected. But businesses across all industries have continued to push forward, accelerating their digital transformation plans and embracing new ways to work. It is an exciting moment for the industry, as we have moved away from talking about how to digitally transform and instead IT leaders are focusing on how to secure and manage the new working environments we have created, as we head into next year.

Securing remote access and endpoint management needs to be top of the agenda. We are heading into a world where this is no longer ‘a-nice-to-have’ but should form part of any cybersecurity strategy. In addition, there has never been a better time to empower the dispersed workforce, in order to maintain productivity and business operations. Organisations need to invest in security, that will support remote users otherwise we could see businesses trading off security with innovation. Organisation that remain secure and agile, while supporting employees will be the ones that thrive.

Last edited 1 year ago by Rashid Ali
Benoit Grangé
Benoit Grangé , Chief Technology Evangelist
InfoSec Expert
December 9, 2020 2:52 pm

Banks will invest in roles dedicated to enabling data-driven decision making. We will see a rise in the creation of specific and dedicated roles within banks, such as the chief data officer (CDO), who will be responsible for the execution and delivery of the data-driven strategy within the organization. Chief Data Officers will play a critical role in the next normal that follows, as there’s never been such a vital time for CDOs to provide banks with timely and accurate data. These data leaders will help break down data silos in digital transformation teams to secure buy-in from the C-suite and the entire organization.

Last edited 1 year ago by Benoit Grangé
Michael Magrath
Michael Magrath , Director, Global Regulations & Standards
InfoSec Expert
December 9, 2020 2:54 pm

Digital identities and remote account openings will gain traction worldwide: Regulators in Hong Kong, Pakistan, Greece, Macedonia, Mexico, and Turkey approved remote bank account openings in 2020 – a clear indicator that even processes rooted in traditional face-to-face meetings in the branch are now going digital and touchless around the globe.

Last edited 1 year ago by Michael Magrath
Mark Crichton
Mark Crichton , Senior Director
InfoSec Expert
December 9, 2020 3:08 pm

The year the cloud is finally embraced by financial services. In today’s turbulent economic climate, banks are looking to deliver secure online services at the lowest possible cost. And this is where SaaS solutions deliver the innovation needed in the most agile way possible. We will undoubtedly start to see banks make the shift to SaaS to remove overheads and refocus on evolving core services. Yet the financial sector is still behind the curve in its adoption of cloud due to its ongoing fear over privacy and data control to meet the stringent standards of GDPR and PSD2. As an industry, technology providers need to reassure banks and give them the confidence that it is possible to protect data anonymity and drive capabilities around areas including authentication, fraud, and risk analysis to help them reap the rewards SaaS solutions have to offer.

Last edited 1 year ago by Mark Crichton
Stuart Reed
Stuart Reed , UK Director
InfoSec Expert
December 9, 2020 3:27 pm

There is no question that COVID-19 has had far reaching and long-lasting impacts on the way people do things, not least the way we work. Digital transformation has accelerated in many different ways and while that has been tremendously beneficial for keeping people connected and allowing business continuity, the spotlight has naturally fallen on the inevitable cybersecurity impacts.

With high profile breaches, lawsuits and eye watering fines imposed for poor cyber hygiene this year alone, in 2021 more scrutiny can be expected on digital projects from a security perspective as organisations understandably want to avoid the unintended consequences of digitisation. It will be those with embedded cybersecurity that will likely flourish as organisations take stock of which digital initiatives they roll out to ensure their longer term commercial success.

Last edited 1 year ago by Stuart Reed
Jim Van Dyke
Jim Van Dyke , CEO
InfoSec Expert
December 9, 2020 6:54 pm

2021 will be a year where several legacy solutions hit the wall and/or are out of service. Legacy solutions can’t meet their business requirements anymore, and companies will find these products are no longer supported as the need for digital transformation intensifies. This will drive demand for modern cloud-based IGA solutions to replace legacy products.

Last edited 1 year ago by Jim Van Dyke
James Kretchmar
James Kretchmar , Vice President and CTO
InfoSec Expert
December 9, 2020 7:22 pm

As lockdowns and social distancing have forced people to stay indoors, Britain\’s Internet users are now spending more time online, including twice as much time watching subscription streaming services as compared with 2019.

The Internet has coped remarkably well under this ever-increasing strain. But with more users making the transition from traditional broadcast to online viewing, and more content moving online at higher and higher levels of quality, the Internet will face even greater pressure. Technologies like 5G, while promising increased “last mile” bandwidth, will in fact add to the pressure by allowing users to demand more from the parts of the Internet that are constrained.

To ensure the Internet continues to perform optimally, I expect we will see an increased need for delivering content from an intelligent edge platform. By delivering content to devices from nearby servers, the congested bottlenecks of the Internet are avoided, improving throughput and reliability for users. This will enable us to sustain the speed, quality and resiliency we have come to expect when we’re using the Internet, all while traffic continues to grow.

Last edited 1 year ago by James Kretchmar
Ofer Israeli
Ofer Israeli , CEO & Founder
InfoSec Expert
December 10, 2020 8:57 am

The “spray and pay” method of scattering ransomware all over the internet and hoping to hit paydirt through the numbers game has given way to highly targeted strains pointed at specific victims. Despite all the myriad solutions deployed by organizations to defend against cyberthreats, ransomware is increasing at a rapid rate. The fundamental weakness underpinning the rise of ransomware as attackers’ chosen tactic in the aftermath of the remote work explosion is cybersecurity’s overreliance on behavioral-based threat detection. With the continued reliance on remote and hybrid work situations, the “old normal” isn’t likely to return. All the baselines created with years of user activity patterns factored in to detect and flag anomalies went haywire in the first few months of 2020. Without a baseline to compare anomalies with, threat detection based on activity monitoring will continue to generate even more false positives than usual, leading to more wasted investigation time. 

Boundaries will continue to be pushed. For example, the recent news of the election security issue with Iran, while it\’s a big deal, it didn’t shake the country. I think it didn’t really shake the country because, because we saw similar things in 2016. The essence here is just human psychology – the boundaries keep getting pushed. And then the next time something occurs that seems unheard of, a country is going to accept it and then when it occurs again, it\’s not that it\’s overlooked, but that it doesn\’t seem all that awful.

I think we\’re going to see the stakes dramatically continue to grow. There is a lot that nation-state attackers can do, but they\’re not doing today. And somebody at some point is going to make that first motion. I think we\’re going to see a shift in what is perceived as acceptable or reasonable.

Security savvy board members. From a company governance perspective, I do think we\’re going to start to see a trend of more security and technology savvy board members being added to the board of directors. It will be crucial, as security continues to be a huge risk for all companies, to have someone on the board who can grasp this, understand it and work with the management team to resolve any issues and help manage the risk.

Active Defense will be top of mind. Our customers are proactively bringing up MITRE’s Shield framework with us, which is phenomenal as it was only released in August. We\’ve just scratched the surface now, but I think that this framework is going to play a significant role. It\’s going to transition customers’ thinking to the perspective Illusive Networks has long been focused on: the understanding that proactive versus reactive defense is key. How do you add an active layer to your defense? I believe that\’s going to play a significant role in security strategies in 2021.

Last edited 1 year ago by Ofer Israeli
Adrian Moir
Adrian Moir , Senior Consultant of Product Management
InfoSec Expert
December 10, 2020 11:38 am

In 2021, we’ll see the continuation of the shift from data centres to the collaborative cloud. The cloud enables simplified collaboration and is more accessible to a broader set of people within an organisation. However, alongside this shift, organisations will need to reassess how they secure and protect the data that no longer resides in a data centre. As we move forward protecting those cloud collaborative technologies will be just as important. Expect organisations to leverage the tools in more constructive ways than just for communication. There will be expectations set on using these technologies as a core part of their operations, and as such, protecting the content will become even more important.

Last edited 1 year ago by Adrian Moir
Grady Summers
Grady Summers , EVP Solutions and Technology
InfoSec Expert
December 11, 2020 2:45 pm

The remote workforce is putting organisations at a greater risk of data breaches, IP theft, and illegal access through company and personal devices. In the first six months of the pandemic, 48% of total UK knowledge workers said they had experienced targeted phishing emails, calls, or texts in a personal or professional capacity – this number will only continue to grow.

If these risks are not addressed, 2021 will be yet another year where we say, “the threat landscape continues to become more complex”. Identity and access management plays a major role in securing enterprise identities and limiting the blast radius from a compromise. But IAM processes are complex, and a well-managed identity governance programme can thus be costly and out of reach for many organisations.

Yet AI is already starting to change this, and the trend will accelerate in 2021. Identity management will become more streamlined as we analyse patterns and anomalies to automate access requests, spot risky users, and eliminate manual and cumbersome re-certification processes. Organisations will become more comfortable embracing automated governance around the real crown jewels in any organisation —their identities—and this automation will make IAM programmes more accessible to a broader range of organisations. I believe regulators will start to become comfortable with AI-driven decisions as they realise that machines will deliver smarter and faster results vs. overwhelmed humans trying to determine who can access what and when.

Last edited 1 year ago by Grady Summers
Robert Prigge
InfoSec Expert
December 11, 2020 3:36 pm

Addressing bias in AI algorithms will be a top priority causing guidelines to be rolled out for machine learning support of ethnicity for facial recognition.

Enterprises are becoming increasingly concerned about demographic bias in AI algorithms (race, age, gender) and its effect on their brand and potential to raise legal issues. Evaluating how vendors address demographic bias will become a top priority when selecting identity proofing solutions in 2021. According to Gartner, more than 95% of RFPs for document-centric identity proofing (comparing a government-issued ID to a selfie) will contain clear requirements regarding minimising demographic bias by 2022, an increase from fewer than 15% today. Organisations will increasingly need to have clear answers to organisations who want to know how a vendor’s AI “black box” was built, where the data originated from, and how representative the training data is to the broader population being served.

As organisations continue to adopt biometric-based facial recognition technology for identity verification, the industry must address the inherent bias in systems. The topic of AI, data and ethnicity is not new, but it must come to a head in 2021. According to researchers at MIT who analysed imagery datasets used to develop facial recognition technologies, 77% of images were male and 83% were white, signalling to one of the main reasons why systematic bias exists in facial recognition technology. In 2021, guidelines will be introduced to offset this systematic bias. Until that happens, organisations using facial recognition technology should be asking their technology providers how their algorithms are trained and ensure that their vendor is not training algorithms on purchased data sets.

Last edited 1 year ago by Robert Prigge
Ellison Anne Williams
Ellison Anne Williams , Founder and CEO
InfoSec Expert
December 11, 2020 4:13 pm

Businesses embrace a technology-enabled path to privacy as a competitive differentiator.

Shifting perceptions on privacy, the patchwork of regional compliance standards, as well as ongoing storylines such as Brexit and Privacy Shield have created a global regulatory landscape that is uncertain at best. Recognizing that broader clarity is unlikely to arrive in 2021, businesses will finally stop chasing regulations and embrace a more strategic and forward-thinking approach to privacy and compliance. Technical solutions, namely privacy-enhancing computation, will emerge as a foundational component of this approach, one that allows businesses to share and collaborate while respecting data privacy and regulatory barriers. This ability to perform business-enabling functions without increasing regulatory risk will give companies – especially those in highly regulated industries – a near-term market advantage as they are able to access and use third-party data in a manner not previously possible.”

Last edited 1 year ago by Ellison Anne Williams
Hank Schless
Hank Schless , Senior Manager, Security Solutions
InfoSec Expert
December 11, 2020 5:02 pm

Directly integrating the shopping experience with WhatsApp makes it more convenient for the users to make purchases. But it also exposes both the shopper and the retailer to risk. The research community has consistently uncovered vulnerabilities within WhatsApp over the years that allow attackers to take control of data. There is risk to both your employees and the customers since there are consistent issues with WhatsApp vulnerabilities. If either device is running a vulnerable version of WhatsApp, that could expose both parties to risk. Threat actors could exploit WhatsApp vulnerabilities on personal consumer devices with the end goal of getting into a retailer’s infrastructure through this connection.

As a messaging platform, WhatsApp creates opportunities for attackers to carry out phishing campaigns pretending to be retailer representatives or even a customer. Since WhatsApp and Facebook are connected, a threat actor has easy access to personal information of potential victims. This enables them to socially engineer a target and pose as a representative from a brand they frequently shop for. Attackers could try to phish login data from consumers or convince them to download a trojanized version of a brand’s app in order to steal data from their device directly. It could also go the other way, with attackers posing as customers to infiltrate a retailer’s infrastructure by engaging an employee.

If your organization is going to implement this integration, be mindful of a few things:

Ensure all your employees have the latest version of WhatsApp. To make this clear, implement a policy that requires them to update to the latest version of the app before they can use it.

Protect employee devices from mobile phishing attacks. With everyone working remotely, you need mobile phishing protection that works regardless of where your workers are and can defend against phishing attempts on third party chat platforms, social media apps, and SMS.

Make sure no customer data is being collected outside your corporate infrastructure in a way that could violate GDPR. Implement compliance-specific policies across your entire mobile fleet, especially if you allow employees to use their own devices for work.\”

Last edited 1 year ago by Hank Schless
Mårten Mickos
Mårten Mickos , CEO
InfoSec Expert
December 14, 2020 8:20 pm

In 5 years time, we will see the first hacker pass the $10 million in earnings mark. Even with increased competition, bounty prices continue to rise and more and more businesses will be offering programs.

2020 has already seen an explosion in collaboration tools that offer remote experiences. However, with such an immense opportunity for innovation, I expect that very soon we’ll look back on this as a very primitive time, in the way we now look back on the first web browsers from the 90s. In 5 years time, how will bots and AI be supporting us in basic tasks? Will we work on laptops at all or instead have digital rooms with fully interactive surfaces? COVID19 won’t be the last pandemic we’ll see and as a result, many of our recent habits will have become distasteful. For example, it will no longer be socially acceptable to fly around the world, so instead we will need to have those experiences digitally. Whatever happens, we’re going to need ethical hackers to help secure these advances in technology.

Last edited 1 year ago by Mårten Mickos
Ed Martin
Ed Martin , Director of Product Management
InfoSec Expert
December 14, 2020 8:27 pm

Extended Detection and Response, or XDR, is going to accelerate in 2021 as a breakthrough solution. Organizations of all sizes will count on it to simplify and unify their infrastructures and data into one security solution.

As cyber threats evolve, the combination of technology integration and advanced analytics is required to enable security analysts to gain contextual visibility across the ecosystem for a more complete understanding of complex threats. Not only does this mean faster detection and response rates, but also more precision and accuracy when investigating known and unknown threats.

Last edited 1 year ago by Ed Martin
Bernd Greifeneder
Bernd Greifeneder , CTO & Founder, Dynatrace
InfoSec Expert
December 15, 2020 11:13 am

In the coming year, we are likely to see an increase in application vulnerabilities being exploited by hackers, as security issues shift from infrastructure to application. Accelerated digitalization makes this issue worse, as traditional methods of vulnerability management simply aren\’t fit for a modern cloud-native world, where applications are becoming far more dynamic. The growing use of API-driven architectures, Kubernetes, microservices, and serverless computing accelerates development, as well as exposures. Scanning for vulnerabilities in pre-production is simply no longer good enough for these types of environments.\”

Agile and continuous delivery methodologies have also added to the challenge. Staggered rollouts, A/B testing, Beta testing, blue-green deployments, rollbacks, and early access programs help to ensure smooth implementation and adoption of new software, but they also mean that organizations are often running multiple concurrent versions in production, losing oversight and leaving exposures if not scanned continuously in production. The use of Kubernetes also means that the orchestration of all this often crosses into production systems, which increases the risk that vulnerabilities could slip through and be exploited.

In 2021, organizations will start to look for continuous observability and runtime application self-protection capabilities to address these challenges, by enabling their teams to manage and proactively resolve vulnerabilities more effectively in both production and preproduction environments.

Last edited 1 year ago by Bernd Greifeneder
Russell Haworth
InfoSec Expert
December 17, 2020 3:41 pm

This year saw governments across the world take on greater powers and responsibility for the cybersecurity of their citizens, which is a trend that I predict will become more prominent next year as the lines between cyber security and national defense become increasingly blurred. The recent establishment of a national cyber force and increased funding towards the UK\’s cyber defense is the beginning of a new era. Besides the arenas of land, sea, and air, cyber has been officially recognised as a new battleground. Warfare in cyberspace is of a fundamentally different nature and will require new tools and collaborations to combat aggressive nation-backed activity.

“Decisive action is being taken by governments around the world to tackle cybercrime and much of this is already in collaboration with the security industry. This is a positive step, which may decrease the volume of nation-backed activity perpetrated by known APT groups. It would be too much to hope that attacks will cease but we might expect less disruptive techniques and more ‘stealth’ cyberattacks, utilising espionage techniques and bringing in a number of different tactics to execute an attack. It is in this area we must next look to evolve cyber defense and for that, we will need a multi-faceted, coordinated approach across government, industry, and society.

Last edited 1 year ago by Russell Haworth
Casey Ellis
Casey Ellis , CTO and Founder
InfoSec Expert
December 18, 2020 8:35 pm

Governments are collectively realizing the scale and distributed nature of the threats they face in the cyber domain, as well as the league of good-faith hackers available to help them balance forces. When you\’re faced with an army of adversaries, an army of allies makes a lot of sense.

Judging by the language used in the policies released in 2020, governments around the world (including the UK) are also leaning in to the benefit of transparency inherent to a well-run VDP to create confidence in their constituents (neighborhood watch for the internet). The added confidence, ease of explanation, and the fact that security research and incidental discovery of security issues happen whether there is an invitation or not is making this an increasingly easy decision for governments to make.

Last edited 1 year ago by Casey Ellis
Rory Duncan
Rory Duncan , Security Go To Market Leader UK
InfoSec Expert
December 21, 2020 12:00 pm

<p style=\"font-weight: 400;\">In the next year, we’ll see edge computing become more mainstream, which will in turn allow information to be processed closer to the source, with increased speed. With as many as 50 billion devices online in the future, all generating data, this capability will be crucial when it comes to effectively delivering the internet of things (IoT) and rolling out 5G connectivity.</p> <p style=\"font-weight: 400;\"> </p> <p style=\"font-weight: 400;\">“However, as edge computing becomes key to the success of organisations from the majority of industries, it will also introduce new cybersecurity challenges. As such, it’s vital that businesses embed security in to all aspects of their technology estates – and this applies to applications and workloads running on-premises, in a public or private cloud, or at the edge. To prepare for the new era of computing, then, infrastructure will need to be inherently secure by design. Put simply, security should never be ‘bolted on’ as an afterthought.</p>

Last edited 1 year ago by Rory Duncan
Rodney Joffe
Rodney Joffe , SVP and Fellow
InfoSec Expert
December 21, 2020 12:08 pm

<p>This year, the threat of misinformation has reached a new state of maturity. In 2021, we can expect the issue to grow further, forcing organisations to become more vigilant and take greater levels of accountability.</p> <p>&nbsp;</p> <p>Currently, the majority of malicious actors are still using misinformation for legacy cybersecurity activities. Next year, we will approach another phase of viral misinformation in the form of deep fake technology. </p> <p>&nbsp;</p> <p>Worryingly, the development of deep fake technology is approximately five years ahead of our ability to guard against it. Threatening to erode trust even further, 2021 will see the cybersecurity community working on a range of solutions and technologies to prevent and solve the problem of misinformation, fake domains and deep-fakes.</p>

Last edited 1 year ago by Rodney Joffe
Fermin Serna
Fermin Serna , CISO
InfoSec Expert
December 21, 2020 12:25 pm

<p>Companies are rapidly moving to simplify and shift things to the cloud. And CISOs are adapting to secure the new environment. But five years from now, there will be something else. CISOs will become more agile in adapting to changes as technology evolves in 2021 and align closely with business leaders to provide a secure environment that fuels innovation and growth.</p> <p>&nbsp;</p> <p>There are lessons to be learned today that can help shape a better tomorrow. Just like work, cyberattacks can happen anywhere, anytime. And in order to successfully protect the systems and information people need to get things done, wherever they happen to be, security organisations need to become more intelligent and flexible. In doing so, they can create the secure environments needed to keep employees engaged and productive and fuel innovation and business growth.</p>

Last edited 1 year ago by Fermin Serna
Paul Farrington
Paul Farrington , Chief Product Officer
InfoSec Expert
December 21, 2020 12:31 pm

<p>If 2020 has taught us anything, it is that a business is only as agile as its infrastructure, proving how much we depend on cloud-native technologies. With infrastructure becoming increasingly immutable, I predict we’ll see the impact of this specifically as it relates to the rise of cloud-native technologies and infrastructure as code. Both of these trends offer major business benefits in terms of automation, cost, scale, and security.</p> <p>&nbsp;</p> <p>As companies continue to outsource their infrastructure to third parties and pivot their focus to consuming services, they will need to focus less on the security of the operating system and runtime environment and more on the application layer. Furthermore, as infrastructure turns into code, the better \"choke point\" to scan for infrastructure vulnerabilities becomes the code rather than servers in production.</p>

Last edited 1 year ago by Paul Farrington
Matias Madou
Matias Madou , Co-founder and CTO
InfoSec Expert
December 21, 2020 12:43 pm

<p>I believe that in 2021 and beyond, CIOs must focus on training people, rather than an over-reliance on security tools. Scanning tools and the like have their place in a DevSecOps process, for example, but security at speed is made possible by producing secure code in the first place. It’s kind of a “humans vs. robots” approach – the human element is often left out, when in fact automation is not getting the job done. Headlines uncovering new data breaches every other day are evidence of that. </p> <p>&nbsp;</p> <p>We must get to a point where developers – those who touch code most – are given the knowledge and tools to play a greater role in software security. Ideally, those tools are best placed in their workflow, getting closer to their day-to-day activities until security is second-nature.</p>

Last edited 1 year ago by Matias Madou
Information Security Buzz
Would love your thoughts, please comment.x