While
this year presented many challenges for businesses across the world, it drove
innovation from tech companies at a rapid rate. Shifting to remote work
resulted in increased security risks and a reliance on cloud technologies that
will have a lasting impact for years to come.
As
2020 comes to a close and organizations continue to navigate challenges caused
by the pandemic, it's time to start looking ahead at the next year the year to
come. Below, we've talked to some of the best minds in the industry to discuss
their predictions and insights for the upcoming year.
See below for what they
have to say:
Avi Raichel, CIO, Zerto
"This
past year found nearly everyone working from home at some point. Some loved it,
some didn't, but I don't see us ever going back to exactly how it was before.
That ship has sailed. My hope is that companies are learning to adjust and be
ready for what the new normal will require. Recent months have made it clear
that companies are coming to the understanding (or at least they should be)
that digital transformation is not an option but an absolute necessity.
However, that makes the stakes higher than just 12 months ago, the risks are
more widespread, and there are more opportunities for cyber criminals to
succeed. This means that IT disruption caused by the threat of ransomware is
something that should be near the top of the list of concerns for every CIO and
every company. But companies need a clear-eyed view of reality and accept that
no matter how much they invest in protection, eventually something will get in.
The ultimate protection isn't a wall around the perimeter, so to speak, it's
the ability to recover quickly and get back to business as usual.
2021
will be the year of what I like to call "recoverware." The ability to recover
is just as critical as all the protection walls companies are building.
Companies need to invest in recovery solutions that are very fast and
affordable, as this will save money in the long run as opposed to paying a
ransom. Paying ransom makes you a target but being able to recover and avoid
downtime following an attack makes you wasted effort for those who want to
profit from harming companies. After all, ransome doesn't work if the target doesn't
have to pay it. And realize this, it's cheaper to prepare with recoverware than
to pay ransom. Eventually, it happens to everyone, so the choice is how you
deal with it."
Steve Moore, chief security strategist, Exabeam
"To aid in the fight against sophisticated digital adversaries,
CISOs will empower their SOC teams to be more open on staffing and
technological shortcomings. Analysts are tasked with combing through thousands of security
alerts a day, which is exacerbated by the fact that over half of their
time is
spent on data collection and chasing false positives. Leadership should be
concerned that analysts are at a severe risk of becoming overwhelmed and
consistently feeling that the odds are stacked against them.
CISOs
are ultimately responsible for developing and maturing the security program and
reevaluating what tools are missing. With SOCs being distributed in the remote
work environment, CISOs must empower their teams to report staffing and
technological shortcomings to develop and enhance security programs. When
security teams express issues that may be heavily affecting their work, it
lessens the burden on the CISO to evaluate from the top down.
A
CISO acts as a bridge between the security analysts and stakeholders such as
the CFO, CEO and board of directors. By empowering their analysts to be vocal,
a CISO can cite personal anecdotes and evidence to the leadership team. This
proof can help to expedite approval to purchase and implement new, advanced
security controls, such as behavioral analytics, and even hire new personnel,
in order to combat risks and lessen burnout. Streamlining communication between
the CISO and their security teams will become critical in 2021 in order for
enterprises to stand a chance against advanced adversaries and beat the
odds."
Flint Brenton, CEO, Centrify
"Intellectual property will be hackers’ next golden ticket. In 2020, we saw a rise in healthcare breaches, likely because patient records often fetch up to $1,000 each. Compared to credit card data, which goes for just $12-20, and email addresses, which average around $100 in bulk, it makes complete financial sense. But during the COVID-19 pandemic, we began seeing an alarming trend of cyber adversaries targeting intellectual property such as vaccine research, including Russia’s APT29 going after research centers in the U.K., U.S., and Canada. With countries and companies around the world competing to be the first to distribute a viable vaccine, we believe hackers and possibly even insiders will begin releasing the fruits of their malicious efforts on the Dark Web in 2021 -- for a premium fee of tens, if not hundreds of thousands of dollars."
Robert Van der Meulen, global product strategy lead, Leaseweb Global
"Expanding enterprises can start quickly if they design their
infrastructure in a flexible way with hybrid cloud. With IT spending under
scrutiny in the midst of the current economic climate, enterprises and SMBs
alike are going to be eager to move out of the public cloud. Public cloud is
satisfactory if you need a lot of scalability in the short term, but costs
greatly increase for this flexibility. Companies are going to be more risk
averse, cost effective and grow in dependence upon connectivity as the remote
work trend increases in all industries. The drive for connectivity and
bandwidth will lead enterprises to move to areas that have prioritized
connectivity, such as China and other Asian-Pacific countries and certain parts
of Europe.
Hybrid
cloud will be a key tool for expanding enterprises and allows companies to
procure flexible capacity and experience easy growth start-up when developing
in a new region. Once revenue begins to come in they can work with
infrastructure providers to move to more effective solutions such as
colocation, bare metal servers or content delivery networks depending on the
need. Infrastructure providers who specialize in hybrid solutions can evaluate
your business needs and workloads to match the right type of technology to your
requirements. With the right hybrid infrastructure in place, organizations can
rest assured that their expansion will start off on the right foot."
Michael
Jack, VP of global sales and co-founder, Datadobi
"In 2021, organizations that understand unstructured data
management are going to be the winners. On a global scale, unstructured data is growing
at such a rapid pace that the sheer amount of it is out of control. This makes
it difficult for organizations to make informed decisions when staring into
such a muddled abyss. Having a strategy to manage unstructured data is now
essential and will put space between the leaders and those forced to play catch
up. But, devising a strategy for such a complex environment isn't innate to
most enterprise-scale organizations-they'll need help.
Vendors
that understand management of unstructured data will be the differentiating
factor that most organizations are looking for. Experienced vendors can provide
knowledgeable insights to optimize unstructured storage environments. More and
more, important business decisions will revolve around migrating data into the
cloud and then about how to protect it, move it around and archive it. In the
year ahead, businesses that have ballooning quantities of unstructured data
will need guidance on how to make use of it, what insights can be gleaned from
it, and how to make informed decisions based on it."
Jay Ryerse, VP Cybersecurity Initiatives, ConnectWise
"Cyberattacks doubled last year, and with many workforces
transitioning to remote work in 2020, it is important that companies look into
and invest in making their newly dispersed teams secure. In an effort to keep
up with demand, companies will pivot towards automation and streamlining the
various security products that exist and aligning them whenever possible. For
example, attack techniques are changing, and with people working from home
there has been an increase of phishing attacks on targets' family members as
they are now sharing equipment and networks while working on sensitive business
data on a daily basis. The demand to double down on cybersecurity to tackle the
new challenges that come with a remote workforce will see many companies
turning to MSPs to address the volume of attacks, for education, and help
reducing risk in 2021.
Next year will also see an increase in legislation around privacy.
In the US, California, Nevada, and Maine led the way but now 23 states have
adopted similar regulations. We may also start to see legislation regulating
MSPs. In fact, Louisiana has already done that, and other states could follow
suit. If that happens, we'll see a lot of forward-thinking MSPs investing in
education and attracting talent to close their cybersecurity skills gap and
leverage that legislation as a competitive differentiator in the market.
Finally, we'll continue to see heavy private equity investment in
the MSP space, leading to further consolidation, as well as private equity
buying security companies at a rate that's probably unprecedented. The objective
of these consolidations may be to gain market share and intellectual property
while streamlining delivery of secure services. It will likely drive market
separation for the largest providers and conversely, create an opportunity for
smaller providers to enter the space and meet the demands of delivering
security service at scale."
Charles
Burger, Global Director of Assureon Solutions, Nexsan, a StorCentric Company
"In
2021, cybersecurity will remain at the forefront of virtually every data center professional's
mind as increasingly aggressive and rampant ransomware, and other bad actors,
continue to attack not only onsite production data but every possible copy, wherever
data resides. In 2021, it will be therefore critical that organizations step-up their
cybersecurity game with data security, protection, and "unbreakable" backup solutions
that not only serve to protect against an attack, but in the worst-case
scenario -
ensure the ability to recover and maintain uninterrupted operations."
JG Heithcock, GM of Retrospect, a StorCentric company
"This
year, organizations have been busy responding to the rapid shift to remote work
and the cyber risks that were heightened as a result of bad actors using the pandemic as a catalyst to continue
carrying out their crimes against organizations through phishing, malware
distribution, false domain names, and other attacks on teleworking
infrastructure. With a distributed workforce, organizations of all sizes and
across industries have relied on email to maintain business continuity,
especially in a world that was already trending towards a greater adoption of
flexible remote working opportunities. Unfortunately, email attacks have risen
and will likely continue to increase, making them prime targets for enacting
cyber crime, especially if providing information about COVID-19 testing,
resources and research.
While
we continue to navigate the uncertainties of the pandemic in 2021, it is
important to reiterate simple steps to avoid or minimize attacks on businesses:
Identify suspicious senders, exercise caution before clicking on links or
opening attachments, and instill a backup strategy that utilizes the 3-2-1
backup rule. A strong 3-2-1 backup plan includes having at least three copies
of your data across multiple locations: the original, a first backup stored
onsite and a second backup located offsite. Although the new year will
certainly bring new risks, we have the tools to build a foundation that
actively protects us from them."
Rick Moy, VP of sales and marketing, Tempered
"IoT, 5G and the shift to the cloud will converge to expand
organizations' attack surfaces. As more operational decisions depend heavily on the ability to
consistently and securely access data, seamless connectivity to data generating
equipment is a must. There is a pressing need for secure connectivity in a
world where the devices and infrastructure supporting them are ill-equipped to
deliver it, especially as the need to move data and manage systems across
expanding landscapes has outpaced techniques such as VPNs and firewalls.
As
we move into 2021, we're just starting to see the full transformative potential
of 5G connectivity and the exponential rise of devices connected to the cloud.
The power of IoT coupled with 5G and this shift to the cloud will push into
ever more remote and challenging environments, bringing greater value, but also
greater risks in communications and attack. To be successful and thwart an
ever-growing pool of sophisticated attackers, organizations have to put more
refined communications infrastructure in place that is ready for the scale and
ruggedness the future of IoT demands."
Trevor Bidle, Chief Information Security Officer, US
Signal
"Businesses
will invest more in cybersecurity to tackle ransomware attacks and avoid legal
penalties. More than half of organizations have
fallen victim to ransomware in the past year, and at least 26% paid the hackers
to get their systems back up and running. We expect the number of incidents to
rise in 2021 and, therefore, expect businesses to increasingly work with
third-party data center and security services providers to tackle this growing
threat. This is especially critical following the U.S. Department of the
Treasury's Office of Foreign Assets Control's (OFAC) announcement that paying the ransom will
not only encourage hackers to continue these attacks -- but could now go
against OFAC regulations. We will almost certainly see multi-layered
cybersecurity products that include protection solutions such as vulnerability
management, frequent data backup and snapshots, cloud-based security services
and secure data centers to restore lost or corrupt data grow in popularity in
response."
Bob Davis, CMO, Plutora
"The
further development of predictive analytics will shape the future for companies
that adopt VSM. Over
recent years, value stream management (VSM) platforms have improved the way
organizations develop software, but what is going to really move to the
forefront in 2021 is that VSM predictive analytics will shape organizations'
knowledge and foresight of what their customers need. The need for visibility
into the software delivery process will enhance the ability to make informed
decisions based on that insight and become a differentiator for companies that
rely on software. As we go forward, companies will have to embrace VSM
platforms if they want to become a software player. But it will be the improved
visibility and utilization of predictive analytics that VSM provides that will
enable companies to understand what technology and products matter most to
their customers so they can move in that direction.
The importance of visibility also points to the
vitality of gathering data. While many companies talk about visibility, they
don't discuss what it takes from a data perspective. Collecting data requires a
common data model across the value stream. If you want visibility, the ability
to fix things fast, and measurement of the value you're delivering, it's always
about proving you know how to do it and convincing the powers that be to invest
in that vision. VSM platforms will provide clear advantages for those who
choose to use them through the power of data driven decisions."
##