Virtualization Technology News and Information
Onapsis 2021 Predictions: Overextended CISOs, ERP Systems and Application Security

vmblog 2021 prediction series 

Industry executives and experts share their predictions for 2021.  Read them in this 13th annual series exclusive.

Overextended CISOs, ERP Systems and Application Security

By Ansh Kanwar, GM of Products and Technology, Onapsis

As this unprecedented year comes to a close, there are many lessons to be learned, especially when it comes to cybersecurity. Due to the rapid shift to remote work, we saw a drastic increase in cyberattacks, breaches, and threats. To combat these attacks in 2021, organizations need to prioritize cybersecurity by focusing on the right tools, getting ahead of potential risk factors, and adapting their cybersecurity models to meet the stringent requirements of the new normal. With attacks increasing and maturing in sophistication, CISOs and security teams won't have it easy in 2021. So while no one can predict the future (especially this year), I believe these three key cybersecurity trends will unfold in 2021:

1.  Overextended CISOs Must Do More with Less

In 2021, CISOs will have tighter budgets and will be under pressure to consolidate vendors, tools, and software. Even though the pandemic has put cybersecurity at the forefront of concerns for organizations, CISOs will have to protect their organization with less.

These constraints, combined with continuing migrations to the cloud, will create extended enterprises being overseen by overextended CISOs. Since they can't hire scores of experts in-house to protect their organization, CISOs will fill that gap with technology and vendors, but will try to make fewer tools do more for them. CISOs will move away from point products and turn to comprehensive toolsets, platforms, and product suites that span across applications and departments. They will look for one-stop shop solutions that solve multiple security needs and have cross-team functionality. This will allow for cost efficiency without lowering the overall security posture of the organization.    

2.  ERP Systems Will Be a Driving Factor in Supply Chain Risk 

2020 was the year of unpredictability, especially for supply chains, both physical and digital. Systems broke down in many ways, revealing vulnerabilities, and cyber threats were at an all-time high. In fact, we saw more awareness of these potential negative consequences in 2020 with alerts from the DHS and US-CERT. A high-profile example of this is the recent SolarWinds supply chain attack, which deployed malware to Orion Software to infect networks of multiple US companies and government networks.

Next year, CISOs will need to prioritize third-party risk and realize that ERP systems are a driving factor in supply chain protection. If something happens in one of these systems, it can have severe consequences, including halting manufacturing lines, shipments, sales orders, and more. Moving forward, CISOs must prioritize the security of these mission-critical business applications.     

3.  No More Excuses: Time for Application Security Plans is Now 

Over the years, many security trends have created new sectors in the industry, such as perimeter and endpoint security models. With the shift to remote work in 2020, we saw more cyberattacks, breaches, and vulnerabilities targeting applications than ever before. In fact, the 2020 Verizon Data Breach Investigations Report (DBIR) found that 43% of data breaches are tied to web application vulnerabilities, which more than doubled year over year.

Because of this, application security from the core to the cloud, especially for mission-critical applications such as ERP, CRM, PLM, HCM, SCM and BI, will emerge as the frontier of security priorities for organizations in 2021. It will no longer be acceptable to assume applications are secure because they are behind a firewall or that data from those applications are protected because they're in a virtual data center. CISOs will need to have explicit visibility and control over each application, along with how they all interact. CISOs must take control of this problem and create an application security plan. Moving forward, this will no longer be optional. 

Only time will tell if these trends come true, but one thing is inevitable: cyberattacks will continue and will only increase in sophistication. 2020 was a challenging year, to say the least, but 2021 will bring its own set of unique challenges. CISOs and security teams will need to stay on their toes and not let their guards down in order to protect their organization from cyber threats in the future.


About the Author

Anshuman Kanwar 

As General Manager of Products and Technology of Onapsis, Anshuman is passionate about leading product and technology teams that deliver high-quality business-critical software. His background is in product management, agile software development, security, cloud computing, data center & network infrastructure and devops-at-scale. Over the last 18 years he has worked for Citrix Systems and LogMeIn in various technical and technology management roles. He studied Computer Engineering at Delhi University and the University of California, Santa Barbara and management at the Sloan School of Management (MIT). He believes that great companies are built by collaborative, adaptable, high-trust teams and that good management begins with making others successful.

Published Monday, January 04, 2021 7:34 AM by David Marshall