Five Security Management Trends to Watch in 2021
By: Mohie Ahmed
Expectations for the year 2021 in the realm of security management are massive, as the world continues to be rocked by the global pandemic and related – and unrelated – economic and political challenges.
We have seen this year that during this time of economic uncertainty and increased competition across industries, digital transformation has been accelerated, as everything from work-from-home models to the cancellation of events and social distancing regulations has forced every business to adapt.
In addition to state-sponsored espionage, criminals have expanded their attacks given the rush to remote working and the gaps exposed in systems as a result. Threat actors are targeting proprietary wireless protocols in attacks against enterprise networks. And, as global technologies advance, and nearly everything in our personal and work lives is connected to the Internet, governing institutions, both national and international, are struggling to keep pace.
With the balkanization of the Internet, as countries from the U.S. to Russia and China seek to further protect their boundaries, enterprise IT leaders must adapt to a new world of technology and connectivity by building Security Management leadership proficiency in navigating complex and varied regional and local laws governing technologies, privacy, and connectivity to the global Internet, and practice extreme caution when integrating software or hardware into their networks, including API data partnerships, and master the art and science of Privileged Access Management.
Here are five trends IT leaders should watch as they plan for and budget for the new year while still reeling from 2020:
- Pay special attention to the supply chain, including the digital supply chain. Work with trusted vendors and to ensure every facet across hardware, firmware, and software is solid. Put in place a security posture that limits access to only those individuals who need access to keep systems operating. The diversity, including multiple clouds, will continue to expand in 2021.
- Prepare for data deluge. The more connected enterprises are, whether connecting people, machines, or people and machines, the more data is produced. Study your current data architecture and take steps early to ensure you have the computing capacity and automation to deal with exponentially more information. When managed, that information creates insights; when unmanaged, that information creates confusion and risk.
- Be open to new modalities and prepare for what seemed like science fiction to become a part of daily life. For example, we are fast approaching a time when the sight of drones buzzing around our factories, office buildings, neighborhoods, and other public spaces will be commonplace. Package and cargo delivery, security monitoring, building safety inspections, social distancing compliance, and 3D mapping are just a few of the areas in which commercial drones are currently employed, and their use is expected to grow. Drones are a perfect example of “new things” that Privileged Access Management can help protect by ensuring only those who should be able to monitor, manage, and control those drones can do so.
- Prepare for an exponential rise in advanced persistent threats (APTs), expected to look for persistence in networks made up of critical infrastructure nodes, and implement automation, including Privileged Task Automation, which can help protect systems from bad actors, whether internal or external. The best way to avoid and APT is to secure the perimeter, and Privileged Access Management is a key part of protecting mission-critical enterprise borders.
- Finally, and perhaps most important, rethink your cybersecurity strategy heading into the new year. What have we learned in 2020? While Ironsphere has stepped up to help our clients further strengthen identity management given remote working and new threats, we have also spent long hours, days, weeks, and months helping create new playbooks for a new world.
We would greatly enjoy speaking with you about your organization’s business goals, whether adapting to change or seeing opportunities to recover and grow after this unprecedented and uncertain year.
We have all found ourselves in a different world of work given the events that have defined 2020, and few professionals are feeling the pressure more than IT and OT teams.
Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”
Two-factor authentication has been around for decades – requiring an additional step between entering a username and password, for example, then entering a one-time security code sent to a mobile device – to access applications, systems and data.