2020 drastically changed the way enterprises hitherto functioned. Worldwide, organizations swiftly adopted and adapted according to the rapidly changing circumstances. Work from home became the new reality. A significant percentage of the workforce worked remotely. The trend is likely to continue well into the future. Outlined here are some cybersecurity trends that are expected to continue in 2021.
Any Device, Any Place, Any Service
Personal devices have outnumbered corporate devices for a long time. In reality, it is very common to discover that individuals use many more personal devices than expected. Consider the enterprise healthcare system, for example, which last year discovered 30,000 unknown devices.
In 2020, personal workspaces surpassed corporate offices. According to Stanford, people working from home accounted for more than 66 percent of economic activity in the United States in 2020 and 42 percent of the labor force. Work is not done only on-site anymore.
Cloud Apps Exceed On-Prem Apps in 2021
In 2021, on-site apps will be overtaken by the use of cloud apps. Cloud services have been outnumbering on-site services for a while. But there’s a clear trend line in terms of strong authentication that will result in cloud apps as the primary way people work.
Security teams continue to deal with the challenge of how to secure this any location, any device, any service way of working. Expect more work on securing the endpoint devices themselves to be done.
Initiatives of Zero Trust, already underway in many organizations, will mature and provide assurances about the context and authentication conditions. Organizations will also seek to move visibility and detection to the edge, with traffic not coming from corporate offices and not going to corporate data centers.
We do have some authentication based on recognition in the year 2021. Of course, with QR codes and smart links, PINs, smart cards, and certificates, biometrics, along with a multitude of other factors, some individuals also authenticate.
However, before we declare 2021 as the year of passwordless, let’s acknowledge some of the concerns. Many IT initiatives were pushed off by the pandemic response to 2021 and 2022. In order to ensure usability, manageability, and defensibility improvements, organizations carefully evaluate passwordless. Given the variables and the impact on change, the emphasis is first on increasing trust in authentication and, secondly, on changing the primary factor.
In many organizations, Passwordless will be on the roadmap for 2021. Expect to see security teams running and evaluating the direction and proof-of-concept projects. To have full confidence that changing the primary factor will not adversely change the posture of security, work will need to be done in advance to increase trust in authentication.
Data Theft Protection
We can anticipate that data theft trends will continue. Ransomware is going to keep hitting organizations. Criminals are going to continue stealing and reselling data. In order to provide data protection, security teams must continue to find better ways. Too often, for the data, the app is used as a placeholder. Standards and specifications will move closer to data requirements, leading security teams to reconsider their data governance.
We’re going to spend many months into 2021 before it starts to feel normal again. The past year has changed many things. In 2020, the combined ingenuity of IT and security have been evidenced along the way. Cybersecurity will continue to remain important for enterprises in 2021.