Virtualization Technology News and Information
Balbix 2021 Predictions: The Great InfoSec Divide & Other Cybersecurity Trends CISOs Need to Watch

vmblog 2021 prediction series 

Industry executives and experts share their predictions for 2021.  Read them in this 13th annual VMblog.com series exclusive.

The Great InfoSec Divide & Other Cybersecurity Trends CISOs Need to Watch

By Gaurav Banga, founder and CEO of Balbix

2020 was an unprecedented year for many reasons, and the spike in cyberattacks that we saw during the pandemic has changed the security landscape forever. During this tumultuous year, malicious actors took advantage of the population's general fear and anxiety around COVID-19, and cybersecurity professionals were stretched thin due to budget cuts and urgent projects to secure remote workforces.

While security professionals adapted quickly to this new normal, they must look ahead and take a proactive approach to safeguard against the new threats 2021 will bring. The four emerging cybersecurity trends below need a close watch in the next year.

1) 2021 Will Reveal "The Great InfoSec Divide"

Due to 2020's disruptions, the gap between cybersecurity-mature organizations and security-unready organizations will widen significantly and become a major source of competitive disadvantage.

Cybersecurity-mature companies are those that have already made investments to prevent cyberattacks before they happen. Security-unready organizations, on the other hand, have yet to implement proactive security controls and practices, and as a result can only respond to breaches after they happen. In 2020, many security-unready organizations pushed out critical projects to enhance cybersecurity posture visibility due to budget squeezes and tactical priorities.

The primary consequence of being on the wrong side of The Great InfoSec Divide is that it becomes more difficult to secure new customers and retain existing ones. Your customers worry about whether you can keep their data safe. At the macro level, The Great InfoSec Divide will slow innovation, as startups and smaller, faster-innovating companies will struggle to gain customer trust. We will see the reemergence of the phrase "No one ever got fired from hiring Microsoft," but for cybersecurity reasons.

2) Expect Deeply Personalized Phishing Attacks

In 2021, we expect to see an increase in personalized phishing attacks. Bad actors will use AI and automation at a large scale to collect information about you from social media and dark web sources, and craft very believable "lure" messages. For example, you may receive a fake Google Drive invitation from a colleague. Clicking on this link might prompt you to download a plug-in, which can be ransomware.

Businesses will need to train their employees to recognize personalized phishing attacks. Some attacks will succeed despite all our efforts. Therefore, it will also be critical for enterprise cybersecurity teams to invest in backup technologies such as two-factor authentication and adaptive trust to minimize successful phishing attacks. Think layered defenses. 

3) IoT Everywhere Means More Danger of Hacked Lives

More IoT devices mean more attack surfaces. While IoT adoption provides better living and working experiences for people across all walks of life, attackers see them as easy pickings to perpetrate attacks.

In 2021, expect to hear about a jaw-dropping data breach of consumer information due to poorly secured smart devices associated with some fast-growing or well-known company. Because of the personalized data that IoT devices have access to, this incident will make the Equifax breach look like a minor event.

4) Quantum Computing Will Become the Next WannaCry for Malicious Actors

Quantum computing is likely to become practical soon, with the capability to break many encryption algorithms. Organizations should plan to upgrade to TLS 1.3 and quantum-safe cryptographic ciphers soon. Big Tech vendors Google and Microsoft will make updates to web browsers, but the server side is for your organization to review and change. Kick off a Y2K-like project to identify and fix your organization's encryption before it is too late.


About the Author

Gaurav Banga 

Gaurav Banga is the Founder and CEO of Balbix, and serves on the boards of several companies. Before Balbix, Gaurav was the Co-founder & CEO of Bromium and led the company from inception for over 5 years. Earlier in his career, he served in various executive roles at Phoenix Technologies and Intellisync Corporation, and was Co-founder and CEO of PDAapps, acquired by Intellisync in 2005. Dr. Banga started his industry career at NetApp. Gaurav has a PhD in CS from Rice University, and a B.Tech. in CS from IIT Delhi. He is a prolific inventor with over 70 patents.

Published Friday, December 18, 2020 7:36 AM by David Marshall