1. Cybersecurity mesh

Deploying controls is essential for cybersecurity mesh when it required, a modern security approach that enables tools to interoperate by providing foundational security services and centralized policy management and orchestration, rather than security tools running in a silo. A cybersecurity mesh architecture allows organizations to extend security controls to distributed assets outside traditional perimeter

2. Identity-first security

The ideal had been access for any user, anytime, and from anywhere validating the identity. Technical and cultural shifts and a current majority remote workforce during COVID-19 rendered remote access essential. “Identity-first security puts identity at the center of security design and demands a major shift from traditional LAN edge design thinking,”

SolarWinds Supply Chain attack shows us the best example for verifying the identity

3. Security support for remote work is here to stay

64% of employees are able to work remotely. Gartner surveys indicate that at least 30 to 40% will continue to work from home post-COVID-19. 

This shift can require many offices to undertake a total reboot of policies and security tools. Endpoint protection services will need to move to cloud-delivered services. There also needs to be a review of existing policies for data protection, disaster recovery and backup to ensure everything will function for a remote staff. 

4. Cyber-savvy boards of directors

Gartner sees more enterprises creating a board-level dedicated cybersecurity committee helmed by a board member whose background has been in security or as a consultant.

By 2025, 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member, up from less than 10% today, Gartner predicted.

5. Security vendor consolidation

Gartner found that 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolios; 12% have 46, Having many security products can increase complexity, integration costs and staffing requirements. 

Having fewer security solutions can make it easier to properly configure them and respond to alerts, improving your security risk posture. But, buying a broader platform can have downsides in terms of cost and the time it takes to implement.

6. Privacy-enhancing computation

Look for privacy-enhancing computation techniques that protect in-use data which enables secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments. Implementations are on the rise in fraud analysis, intelligence, data sharing, financial services

By 2025, 50% of large organizations will adopt privacy-enhancing computation for processing data in untrusted environments or multiparty data analytics use cases, Gartner predicted.

7. Breach and attack simulation

Breach and attack simulation tools provide continuous defensive posture assessments, and challenge limited visibility from annual point assessments like penetration testing. When CISOs include BAS as a part of their regular security assessments, teams can identify security posture gaps more effectively and better prioritize security initiatives.

8. Managing machine identities

Machine identity management is when a machine interacts with other entities, such as devices, applications, cloud services or gateways. Increased numbers of nonhuman entities are now present in organizations, and this means managing machine identities is now a vital part of the security strategy.