Register for the Five Trends Shaping Today’s Cybersecurity Landscape webinar on August 12th at 11 AM/EST to access Pete Lindstrom’s discussion on the latest research in Cybersecurity in more detail and provide a roadmap for protection in the age of digital transformation.
How the Pandemic Pushed the Necessity of Cybersecurity
With so many companies still in the throes of reacting to the pandemic, it may seem difficult to stop and focus on trends which tend to project out three to five years. But for many companies, we are already seeing signs of recovery (or even flourishing, though that’s another story) that hint at the possibilities that the pandemic made readily apparent. Possibilities around more dynamic architecture. Possibilities around resource management and automation. Possibilities around refined risk management. And other possibilities, all coming to a head at the top of the pandemic wave.
As crass (or perhaps cliche) as it sounds, we are all in this together trying to figure out where we head. The shutdown was really a wakeup call to help us zoom in (no pun intended) on the important aspects of cybersecurity all while we were trying to make things work from a productivity standpoint. In fact, that may be our biggest lesson learned – that cybersecurity plays a crucial supporting role in providing the benefits of technology to employees and customers, but it’s not the lead. Ultimately, we provide cybersecurity to harness the technical capabilities for higher levels of productivity or even increased revenue.
The other thing the pandemic did was take away our “comfort zone” of being able to interact face-to-face with many people, including our staff. So collaboration and being kept up-to-date on various issues have taken on a whole new meaning.
Understanding Risk Management
The key to understanding trends, then, is to acknowledge how the pandemic may have knocked us off the track but to also leverage the knowledge gained along with an increased imperative coming from the signs of success we are seeing from all sorts of organizations. Those companies that are well along the path to something we used to call “digital transformation” with a glazed look in our eyes have shown us all what a refined, targeted approach to (in this case) cybersecurity for the digital organization can really look like.
Let’s take a few examples:
- It used to be that Google’s BeyondCorp was the best example of “zero trust architecture” in the real world. And let’s face it, in many ways Google isn’t the sort of real world that companies with 50 years of legacy technology live in. Now, we can easily see the benefits of zero trust when VPNs evolve to software-defined perimeters and identity-aware proxies help in work-from-home-connect-to-cloud environments. In the IDC Perspective, Post-COVID-19: A CIO Recovery Guide — Cybersecurity, we’ve discovered that it may be easier to deprecate any focus on microsegmentation inside traditional networks, for example. So the move of security “up the stack” from a primary focus on perimeters and hosts becomes obviously re-oriented towards users, data, and applications wherever they may be.
- While the day-to-day usage patterns associated with users and endpoints accessing servers and applications, we must be able to recognize and understand the changes in risk posture that the new environments bring. This brings the increased risk associated with collaboration solutions (threat and impact). For example, the extra hops in a session or transaction may increase the attack likelihood. Another prime example includes determining what circumstances necessitate increased monitoring in a cloud environment. The bottom line is- we have to get better at risk management, and it starts with understanding.
- Unfortunately, many companies are getting hit hard with the need to manage costs much more closely. Cybersecurity has actually been in a sort of boom for spending – the scarcity may have applied more to available resources (e.g. skills) rather than funding. At this point, regardless of the situation, cybersecurity leaders must understand the cost of their resources and be able to compare that with some semi-quantitative version of their risks. Cyber-risk quantification is being embraced by many as organizations are forced to reconcile the costs with the benefits or value.
Paramount Trends in Cybersecurity
In our upcoming webinar, Five Trends Shaping Today’s Cybersecurity Landscape we’ll discuss these points in more detail and with added context. In addition, we’ll factor in a couple more trends as we attempt to make the best of this horrible pandemic. Let’s look to position our companies for opportunity and success in our move to the next normal.