AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.


2021 Predictions for Cyber Security and Network Security Management


Professor Avishai Wool, AlgoSec CTO, forecasts the critical security issues enterprises will face in 2021

With 2020 proving to be one of the most unpredictable years in living memory, one might assume that making predictions for 2021 is an unrewarding task. The disruption caused by the pandemic, however, was a catalyst for a number of significant changes to the security landscape. Businesses globally surprised themselves with the speed and success of their digital initiatives: it’s estimated that during 2020, digital transformation was accelerated and advanced by up to seven years, and these seismic changes to enterprise networks are likely to become permanent. So, with this in mind, here are my predictions for what we can expect to see over the next 12 months:

Working from Home and the new norm

The pandemic forced organizations to rethink their business model as a result of national lockdowns and social distancing guidelines. Almost overnight, entire workforces were instructed to work from home, and now almost a year on many offices still remain empty. Crowdsourced research from Stanford University found that 42% of the U.S. workforce were working from home in 2020, with 33% not working at all and the remaining 26% – mostly essential service workers – working on business premises.  

While some may have thought this was a temporary measure until a vaccination program was established, I think it is important for business leaders to assume this will be a permanent fixture in 2021. The implication of this for cybersecurity professionals is a dramatic change in the way network security is organized. There will be more emphasis on remote access and securing home equipment (BYOD) as organizations adjust to the new normal for cybersecurity.  

In this blog, we explored real customer experiences as they moved to home working and how AlgoSec’s solutions helped them make the transition. 

Modernizing infrastructures

The move to the cloud has become increasingly popular over the last few years. The main drivers towards that trend are two-fold, the first being the promise of agility. Cloud vendor systems can offer the flexibility and speed that organizations expect. Secondly, the transition to the cloud also has financial advantages for a company. It is much more convenient to purchase using operational expense budgets rather than capital expenses. This has created more appetite to move in that direction, even in conservative verticals such as finance and government.

The challenge for network security professionals is different when dealing with the cloud, and a recent survey found that 75% of organizations were ‘very concerned’ or ‘extremely concerned’ about the migration process causing problems in the long run.

The requirements, however, remain the same. You need to secure your organization as you always did but the tooling is different, with added complexity and additional challenges. This isn’t something organizations have quite figured out yet and there will be an ongoing learning curve in 2021.  

We published a whitepaper that delves into the complexities of migrating to the cloud and the systematic approach that organizations should embrace when approaching these types of projects. You can download a copy here. 

Securing hybrid estates with automation 

The complexity of network security is growing, largely because of the use of hybrid estates. Hybrid estates combine on-premise servers with other virtualized data centers and real estate in the cloud, either in SaaS or IaaS. This combination of data sources creates a complicated environment to secure, ripe for misconfiguration errors. In fact, Verizon’s 2020 Data Breach Investigations Report found that more than 40% of all breaches it investigated resulted from misconfiguration errors.

This is all in the face of a growing need for more agile processes. Organizations expect faster deployment of applications and rapid changes, which often conflicts with network security protocols. With this inevitable clash, the only way to move forward is to introduce more automation and tooling. Enterprise moves to adopt DevOps and DevSecOps approaches are going to be key to boosting organizations’ flexibility and adaptability to business demands, which in turn demands ‘one security management console to rule them all’ – that is, a console that gives IT and security teams holistic visibility and control over the entire hybrid estate. 

The ransomware reign continues 

Ransomware has plagued organizations for years and last year was no different. In fact, the Identity Theft Resource Center (ITRC) reported a resurgence in ransomware attacks, and Coveware found that the average ransomware payment was $233,000 in Q4 2020, up from just $10,000 in Q3 2018.  

Hackers are never going to give up targeting large corporations and as criminals become more sophisticated, it will become increasingly difficult to protect your network. What companies can do, however, is limit the potential damage hackers can cause if they do gain access to sensitive company or customer data. One way to do this is through network micro-segmentation, which minimizes the damage that hackers can do if they gain access by stopping lateral movement across your networks. You can find out more about how to implement and manage SDN-enabled micro-segmentation strategies in this blog.

I also think it is important that organizations prepare network security playbooks in 2021, taking the time to think about what they should do when, not if, they are targeted by a ransomware attack.  

Fallout from the SolarWinds attack  

Towards the end of 2020 we witnessed an unprecedented attack on SolarWinds, carried out by a nation-state actor with the goal of gaining access to its customers and breaching their defenses from the inside. 

The nature of the attack has serious ramifications for the software industry as a whole. There are steps software vendors can take to protect themselves against this type of threat, but they can be expensive and disruptive. A software supplier that wishes to really defend its customers against such a motivated and well-heeled attack should act as if it is a defense contractor, with all the complexities this would entail. 

Going forward, I suspect governments who consider themselves targets of nation-state attacks may put added pressure on their civilian software suppliers, and mandate that they tighten their security controls. If this happens, I expect that not every software vendor will want, or be able to afford, to subject itself to these controls, which could cause a fragmentation in the software market. So far I have not heard of this pressure happening, but it is something to pay attention to during 2021.

So to quote The Pretenders’ 1986 song Hymn to Her: “Some things change, some stay the same”… 2021 will be an interesting year. 
