It’s not uncommon to look ahead to the year to come and predict what tech trends will define it. But considering the degree to which the pandemic upended the day-to-day work of just about all organizations in 2020, it’s almost guaranteed that cybersecurity will be top of mind for IT pros in 2021 and beyond. We’ve entered an unprecedented era of remote work, which has dramatically expanded the attack surface for bad actors. In the year to come, new threats will continue to emerge, but companies will also be working hard to secure their IT infrastructure. Here are five major trends I expect in 2021.
Data protection plays catch up
IT pros didn’t exactly have an easy task with regard to business continuity when coronavirus hit. As such, many prioritized connectivity over cybersecurity in 2020, or spun up cloud and SaaS applications without consistent cyber policies. Unfortunately, that means there’s a very real chance bad actors, whether nation states or organized criminal groups, have already infiltrated sensitive networks. Threats will continue to evolve as well; I expect to see the rise of insider-threat-as-a-service and synthetic identities, the latter of which is the fastest-growing type of financial crime in the entire country. Data protection is crucial to guard against new and existing insider threats. Only by continuously monitoring how users access and interact with data can organizations identify malicious users and compromised accounts in real time and react accordingly. In 2021 and beyond, organizations must know where their data is on a minute-by-minute basis to avoid a costly breach.
Human error hinders security
Not all cybersecurity threats are the result of malicious intent, though. The same human innovation that helped organizations survive the stress test that was 2020 will likely present cybersecurity problems in 2021—especially if companies play cybersecurity catch up by implementing additional layers of security that add friction for the user. All-or-nothing security controls may prove ineffective as people continue to work from home; employees are sure to get increasingly creative with workarounds and shortcuts that increase productivity but threaten security. As users stockpile more data, rely on more workarounds, and are desensitized to risk, organizations will have trouble maintaining visibility on their data assets. Companies in 2021 will be forced to better understand what motivates human behavior so they can implement security tools that don’t create unnecessary and dangerous friction.
Disinformation is here to stay
Another threat that I expect to continue into 2021 is disinformation, which can be weaponized against companies and countries alike. But since there is growing awareness around the pervasiveness of disinformation, I also expect to see more substantial responses in the year to come. Most Americans support greater regulation of tech monopolies like Facebook, for instance. If passed, The Honest Ads Act, would require the same transparency with regard to social media advertising as is required of traditional ads. But the government cannot tackle disinformation alone. In addition to continued awareness campaigns, I also expect to see public/private partnerships with the explicit goal of uncovering the technological innovation required to address this omnipresent issue. Disinformation becomes the new information.
Security becomes a cloud commodity
It’s not just threats that will evolve in 2021, though. Cybersecurity tools will as well. In fact, I predict the emergence of early stage “Zoom” of cybersecurity: converged, digital, cloud-delivered cybersecurity platforms.
Security platforms are becoming crucial as companies across industry pivot to the cloud in order to support a distributed workforce. I expect the cloud to become a part of cybersecurity’s DNA; security will be so ingrained in applications that people will hardly recognize it as such—making it less likely to conflict with people’s ability to do their jobs. At the same time, as security becomes a cloud commodity, IT leaders will have dramatically better visibility into where data is and whether it’s being used safely. This one will take a little longer.
Machine learning goes under the microscope
Machine learning is crucial to dealing with the evolving threat landscape. Such cutting-edge technology is required in order to make sense of a wide range of user data in real time; myriad cybersecurity systems use machine learning and artificial intelligence to make decisions about how risky a particular employee behavior is. These systems are trained on large historical data sets but can still be hindered by bias. In 2021, debates about inherent bias in machine learning will likely be center stage. I expect tighter controls about the data sets machine learning systems are trained on, in addition to seeing more algorithms combined with human intelligence and intuition.
The bottom line
The cybersecurity landscape was transformed dramatically in 2020, but that doesn’t mean more changes aren’t coming in the year ahead. Security will become a cloud commodity, with machine learning offering a frictionless approach to user monitoring. But machine learning isn’t without its biases, and the threat landscape will continue to evolve even as cybersecurity tools do. Whether because of disinformation, human error, or new kinds of bad actors, organizations need to make sure they know where their data is at all times in order to stay secure in 2021 and beyond.
View our webinar for more information on changes within the industry from Forcepoint cybersecurity experts across the business.