How to Map out and Navigate Uncertainty in 2021?
The chief information security officer (CISO) is the executive responsible for an organisation’s information and data security. Although the role has been rather narrowly defined along those lines in the past, today, the title is often used interchangeably with CSO and VP of security, indicating a more expansive role in the organisation.
Ambitious security professionals looking to climb the corporate ladder may have a CISO position in their sights. 2021 will see new opportunities in the industry, but new and damaging threats are expected to emerge. Let’s look at the top predictions for CISOs in 2021.
Rise in Malicious Insider Activity
Malicious insider activity increases during times when people are facing challenges and economic uncertainty. At an event, Dr Jessica Barker, Cyber Security Consultant and specialist in the psychology and sociology of cybersecurity, said, “We have to recognise the fact that there are circumstances at the moment, and looking into the near future that may influence a rise in malicious insider activity.”
As artificial intelligence (AI) and machine learning (ML) play a greater role in developing technology capabilities, AI and ML-related threats will likely grow, such as the poisoning of training data sets and model corruption. With ML relying on cloud-based data sets, visibility and security of goings-on outside the traditional perimeter will be essential.
Remote Working will continue
Permanent work-from-home will provide the final push for many organisations that have so far ignored the growing irrelevance of perimeter-based security controls. 2021 will see consensus that security needs to follow the data, and the fortunes of security traders will hinge on their preparedness to deliver security and data protection from the edge rather than from legacy security housed within an appliance.
SASE will converge
Secure Access Service Edge (SASE) architecture will be required to support a holistic zero-trust implementation, and these requirements will be the cornerstone for any future workforce digital transformation, offering full visibility, control and enablement for a secure cloud transformation.
Network and Security Strategy
As more organisations consolidate and move away from appliance-based security technology, IT and security departments will realise the cost savings and operational efficiencies the move to the cloud brings.
Organisations following a cloud transformation framework model such as Secure Access Service Edge could save, on average, between 20% and 40% in costs in 2021.
As organisations continue to adapt to the cloud, employees are no longer on a corporate network, and so the operational investment must move with the data. The traditional legacy network and security stack becomes less relevant, while IT and security departments will become closely aligned.
More Attacks on Financial Institutions
Financial services institutions such as banks and other firms that are responsible for the security of consumer financial data must remain vigilant in their cybersecurity efforts throughout 2021. The high value of financial data, including Social Security numbers, banking details, and so on, makes it a lucrative target for cybercriminals.
Financial services organisations are not breached as frequently as other industries like healthcare, but when they are breached, these incidents tend to be much larger and more detrimental than those experienced by enterprises in other industries. For instance, even though 7% of breaches in 2019 took place at financial services organisations, 62% of all records leaked in that same year were from financial companies.
COVID-19 accelerates Digital Transformation
Looking at 2020 from a technological point of view, we can discern a silver lining. There were rapid digital transformation efforts across industries as organisations strove to comply with stay-indoors orders.
Digitalisation has been an ongoing objective for countless organisations since the early 2010s. If stay-indoors orders had never been enforced due to the coronavirus outbreak, many organisations would not have embraced digitalisation yet. 2020 has stimulated 5G to keep remote workers connected. Companies expanded the use of AI and ML-infused analytics to grow their businesses and increased cloud adoption to enable businesses to achieve simplified innovation, faster time-to-market, easier scalability, and more.
The GAIA-X project is a great initiative for the European Union and will help bring new business models and smart services to all organisations operating in the region. Additionally, service providers will get the opportunity to integrate further through a federated infrastructure ecosystem. Further development of the new digital benefits will highlight the importance of security services and controls. Organisations will generally need to make sure their security program aligns with the data infrastructure initiative.
Data Governance moves to the Cloud
Today, organisations are using data protection controls like DLP to manage their cloud applications and infrastructure. These controls will mature and be used to better align with data governance best practices next year. These include automation of inventories of cloud-managed apps and infrastructure aligned with Cloud Security Posture Management, with an automated system of record and record of processing for the organisation's extended GRC and regulatory requirements. These best practices will automate data protection and privacy requirements that also support the latest data protection regulations and ensure data transfers are always supported by a valid data transfer agreement.
Privacy Regulations will grow
Due to rapidly growing digitalisation and data breaches, we expect to see wider adoption of Privacy Enhancing Technologies (PETs), which allow companies to share data with third parties for aggregation and analysis without having to share the raw data between the parties, hence meeting the various privacy requirements.