- RSA Conference 2024: Exploring our Current Cybersecurity Realities Amidst AI Myths
- RSA Conference 2024 Highlights: Cutting-Edge Cybersecurity Innovations
- Europol Warns of Home Routing Challenges For Lawful Interception
- Cyber Insurance Premiums Are Declining, Howden Insurance Brokers Report Finds
- Meta Faces Suspension of AI Data Training in Brazil
Peer-To-Peer Cybersecurity Insights For 2021
Based on real practitioners’ experiences
By Stuart Berman, IT Central Station Super User
December is typically a month when people who work in the IT field offer predictions for the coming year. 2020 has been a highly atypical year, however, so it’s a bit daunting to think about what’s coming over the horizon. Yet, my company is in a unique position to engage in prognostication. We source user data directly from users in the trenches. In a year when travel has not been possible, IT professionals could not rely on the traditional get-togethers and in-person discussions to get advice and feedback from other industry experts. Online review sites such as our have boomed as a result. With that in mind, here are five predictions for cybersecurity, based on what are learning from real practitioners.
Countermeasures and security operations catch up with containerization and microservices—While neither containerization nor microservices are new, they have reached a level of adoption that calls for a revised approach to cloud security. I say revised, versus new, because it’s easy to get pulled into “It’s all different, trash everything you’re doing” discussions. These are traps to avoid, as are the seductive but in my view false ideas like “Firewalls are dead in the cloud. You just need good code.” No, principles like Defense in Depth don’t go away just because you’re running virtualized services in the cloud. Rather, securing containers and microservices calls for new, virtualized versions of familiar technologies like firewalls.
Automation of security processes and SecOps becomes the norm—This has also been a long time coming, but the security field has reached a point where manual processes will no longer suffice. There is just too much going on, too many threats to mitigate, too many alerts to handle. Instead, solutions like Security Orchestration, Automation and Response (SOAR) will become “must haves” in the Security Operations Center (SOC). SOAR solutions use automated “playbooks” to handle threats at a speed that people cannot possibly match by hand.
Multiple security and related systems become more deeply integrated—The need to integrate the different elements of a security program will become more pressing in 2021. This goes along with automation. As security incident response becomes automated, it will make sense to eliminate manual handoffs between the systems that power the response, e.g., the SOAR solution will connect with the IT ticketing system via Application Programming Interfaces (APIs) for generating and assigning tasks.
Security moves a lot faster—Security processes, along with the systems that support them, will start to move a lot faster in 2021. This might take the form of increased automated system updates versus manual re-installs, to name just one possible example. Automation also naturally moves processes along at a far faster clip than was previously possible.
Security partners more closely with other corporate groups—Security, as well as its close cousin, compliance, will require more collaboration between multiple groups inside an organization. With privacy, for example, there will likely be much closer coordination between legal teams and engineering. For example, to ensure the “right to be forgotten” under GDPR and CCPA, the legal team has to have a thorough understanding of how the consumer’s rights will be honored through technology. To get it right, everyone is going to have to learn to speak across organizational boundaries.
In general, I think 2021 is going to be a year when the dialogue between vendors and buyers starts to become more holistic and productive. The cloud computing trend, as well as the growth of DevSecOps and SOAR, are leading to a situation where the old “My solution is better than their solution” argument just really falls flat. We are hearing this in so many ways on the site. Buyers no longer care so much if a solution is 99% effective versus a competitor that is 98%. Good security managers want to understand how a solution will work in context, for a particular business use case.
One thing is for sure: It’s going to be an interesting year. Let’s all stay safe.
About the Author
Stuart Berman, IT Central Station Super User
