2020 was a crazy year, and one none of us is likely to forget. But as we look ahead to 2021, here are five cybersecurity predictions and trends we think everyone should be aware of.
2020 has been a strange and unsettling year for everyone and perhaps even more so for IT security professionals.
As the year starts to wind down, we’re turning our gaze towards 2021 and the top cyber security trends we expect to see in the coming year.
On the horizon are threat detection and response solutions that automate the monitoring, collection and correlation of data gathered from multiple IT security tools — this will not only improve, but also automate, threat detection performance while adding and accelerating incident-response capability.
For example, if an attack triggers alerts on email, endpoint device, or within the network, one of a new breed of threat detection and response solutions gathers better analytics, and combines that with additional logs and alerts from across the environment and uses that to produce validated threat alerts — improving detection accuracy and making overall security operations more efficient and productive.
Quoted in a Smarter With Gartner blog post, VP Analyst Peter Firstbrook observed, “Centralization and normalization of data also helps improve detection by combining softer signals from more components to detect events that might otherwise be ignored”
Cybercriminals are always ready to launch attacks that exploit users’ behaviors, even if inadvertent. This was never more apparent than in 2020, when employees forced to comply with stay-at-home orders became remote workers scrambling to adapt to new technologies and devices.
Cybercriminals took advantage of the widespread disruption with a barrage of cyberattacks targeting existing vulnerabilities and expanded threat surfaces in companies that weren’t prepared to support a remote workforce securely.
A little more foresight might have made a difference. When the pandemic first surfaced, more than 80% of companies already supported BYOD for employees, partners, and stakeholders. Unfortunately, three-quarters of those same organizations neglected to provide BYOD malware protection, or chose to rely on endpoint software installations. In addition, the emergence of IoT devices, which can’t be secured or monitored using traditional methods, further complicated the situation.
Nearly nine months into the pandemic, companies are still struggling to support a remote workforce and devices without exposing sensitive information.
Not surprisingly, the sluggish response is reflected in the bottom line. Almost 25% of organizations absorbed unexpected costs related to cybersecurity breaches and malware infections.
Just in case you didn’t notice, IT spending is down—decreasing nearly 10% in 2020. It’s a trend that will likely reverse as we all head to the new normal and beyond in 2021.
But one thing is clear: CSO/CISO/CIOs will need to get creative—especially if they are working for one of many companies trying to close a digital transformation gap limiting their ability to compete in a fast-paced, unpredictable marketplace.
We expect many of these IT security leaders to seek relief in convergence solutions capable of integrating multiple services on a single platform.
In particular, threat detection and response platforms will be a popular choice to drive convergence, replacing disjointed array of point products and enabling consistent protection of all enterprise IT resources from a single control point.
In addition to addressing shrinking budgets, convergence solutions will also shrink costs by reducing the amount of time IT, and/or security teams spend on management tasks.
The number of high-profile cybersecurity incidents continued to rise in 2020, forcing companies to reassess their cyber security posture in both the digital and physical realms. As we described in past blogs, most companies have developed a security stack that consists of too many security solutions—as many as seven different systems, if not more—a development that leads to too many alerts, not enough information, and difficulty getting the insight needed to respond to threats effectively.
Ransomware attacks on business processes and GPS spoofing, when combined with the potential for siegeware attacks on building management systems and vulnerable OT/IoT systems, will pressure organizations that aren’t equipped to respond to security failures that threaten to compromise physical safety.
In 2021, more companies will expect enterprise-level CSOs to consolidate multiple security-oriented silos to better defend valuable assets and, in some cases, increase business.
We’ll see many CSOs move to a centralized organization and governance model by aggregating enterprise security silos—IT security, OT security, physical security, supply chain security, product management security, and health, safety, and environmental programs.
Whatever else happens in 2021, we’re pretty certain that artificial intelligence (AI) will continue to change our world in new and unexpected ways. In the security arena, we anticipate a growing reliance on machine learning (ML) to power decision making across a broad range of security and digital business use cases.
Additionally, AI-driven cybersecurity solutions will continue to drive automation and technology that can evolve with advances in cyberattacks. For example, behavior-based threat models will become even better at preventing and mitigating known attacks as well as limiting zero-day attacks.
This trend creates opportunities for cybersecurity providers in three key areas:
It’s not all bad news. The pandemic is forcing many companies to accelerate their timetables for digital transformation.
Peter Firstbrook, speaking at the virtual Gartner Security and Risk Management Summit, 2020: “The pandemic, and its resulting changes to the business world, accelerated digitalization of business processes, endpoint mobility and the expansion of cloud computing in most organizations, revealing legacy thinking and technologies.”
We fully expect to see faster adoption of 5G for remote workforces and greater reliance on AI- and ML-powered analytics to grow business.
Putting off your company’s total digital transformation is no longer an option. And a greater urgency to adopt the cloud will spur innovation, improve overall security, and help future-proof enterprises in the face of uncertain market conditions.
How ARIA Cybersecurity can help
Our ARIA Advanced Detection and Response (ADR) solution is positioned to assist organizations address all of these cyber security trends as they assess their security posture for 2021 and beyond.
ARIA ADR is a single, comprehensive AI-driven platform that delivers a wide range of cybersecurity capabilities. ARIA ADR offers the full functionality of seven different traditional cyber security tools, and only requires one analyst to manage. It can be put into operation anywhere and provide valuable visualization across the entire enterprise.
Interested in learning more about ARIA ADR, and how it can provide a single, cost-effective cybersecurity solution to align with the trends and challenges coming in 2021?
Please visit our ARIA ADR resource center to access ROI tools, infographic, eBook, and more.
About ARIA Cybersecurity Solutions
ARIA Cybersecurity Solutions recognizes that better, stronger, more effective cybersecurity starts with a smarter approach. Our solutions provide new ways to monitor all internal network traffic, while capturing and feeding the right data to existing security tools to improve threat detection and surgically disrupt intrusions. Customers in a range of industries rely on our solutions each and every day to accelerate incident response, automate breach detection, and protect their most critical assets and applications. With a proven track record supporting the Department of Defense and many intelligence agencies in their war on terror, and an award-winning portfolio of security solutions, ARIA Cybersecurity Solutions is committed to leading the way in cybersecurity success.