1. Cybersecurity mesh
Deploying controls is essential for cybersecurity mesh when it required, a modern security approach that enables tools to interoperate by providing foundational security services and centralized policy management and orchestration, rather than security tools running in a silo. A cybersecurity mesh architecture allows organizations to extend security controls to distributed assets outside traditional perimeter
2. Identity-first security
The ideal had been access for any user, anytime, and from anywhere validating the identity. Technical and cultural shifts and a current majority remote workforce during COVID-19 rendered remote access essential. “Identity-first security puts identity at the center of security design and demands a major shift from traditional LAN edge design thinking,”
SolarWinds Supply Chain attack shows us the best example for verifying the identity
3. Security support for remote work is here to stay
64% of employees are able to work remotely. Gartner surveys indicate that at least 30 to 40% will continue to work from home post-COVID-19.
This shift can require many offices to undertake a total reboot of policies and security tools. Endpoint protection services will need to move to cloud-delivered services. There also needs to be a review of existing policies for data protection, disaster recovery and backup to ensure everything will function for a remote staff.
4. Cyber-savvy boards of directors
Gartner sees more enterprises creating a board-level dedicated cybersecurity committee helmed by a board member whose background has been in security or as a consultant.
By 2025, 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member, up from less than 10% today, Gartner predicted.
5. Security vendor consolidation
Gartner found that 78% of CISOs have 16 or more tools in their cybersecurity vendor portfolios; 12% have 46, Having many security products can increase complexity, integration costs and staffing requirements.
Having fewer security solutions can make it easier to properly configure them and respond to alerts, improving your security risk posture. But, buying a broader platform can have downsides in terms of cost and the time it takes to implement.
6. Privacy-enhancing computation
Look for privacy-enhancing computation techniques that protect in-use data which enables secure data processing, sharing, cross-border transfers and analytics, even in untrusted environments. Implementations are on the rise in fraud analysis, intelligence, data sharing, financial services
By 2025, 50% of large organizations will adopt privacy-enhancing computation for processing data in untrusted environments or multiparty data analytics use cases, Gartner predicted.
7. Breach and attack simulation
Breach and attack simulation tools provide continuous defensive posture assessments, and challenge limited visibility from annual point assessments like penetration testing. When CISOs include BAS as a part of their regular security assessments, teams can identify security posture gaps more effectively and better prioritize security initiatives.
8. Managing machine identities
Machine identity management is when a machine interacts with other entities, such as devices, applications, cloud services or gateways. Increased numbers of nonhuman entities are now present in organizations, and this means managing machine identities is now a vital part of the security strategy.