Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
New Roles Emerge in the C-Suite to Mitigate Potential Record-Breaking Year of Data Breaches
By Vibhuti Sinha, Chief Cloud
Officer, Saviynt
2020 brought several significant shifts in our daily
lives, especially in the way we work. As companies transitioned millions of
staff and fast-tracked remote work in response to the COVID-19 pandemic, we saw
the C-suite double down on cloud migration and digitization.
These modernization efforts left organizations to
face new challenges this year. However, opportunities have emerged from these
efforts as well. For example, the pandemic exposed shortcomings around
security, tools, and practices for many organizations - specifically around
identity - that inspired product innovation and partnerships. These innovations
have shifted the mindset of many organizational leaders and security
professionals, pushing them to focus on how identity impacts an organization's
overall security.
While only time will tell what 2021 has in store, I
predict that the C-suite will put an extraordinary emphasis on identity
management and security in the new year. Here are my predictions:
Introducing
New Additions to the C-suite: The Chief Cloud Officer and the Chief Identity
Officer
Misalignment around digital transformation
investments has led to a disunified C-suite. As digitization continues to blur
the Chief Information Officer's traditional responsibilities, a new role will
emerge in 2021 - Chief Cloud Officer.
This role will become necessary as companies SaaS-ify their operations
and need a cloud-focused leader with business acumen who can battle legacy
mindsets around running a company on traditional data centers versus moving to
the cloud.
Companies will depend on Chief Cloud Officers to
support internal infrastructure and product innovations - this includes
securing the company's own platform. They also must be evangelists, engaging
the development and testing communities while continuously enforcing security
policies.
Similarly, the influx of digital transformation
initiatives has emphasized the importance of identity and its role in an
organization's overall security and regulatory compliance. In fact, a few years
ago, an IAM analyst shared that "[making] identity
management a larger part of the enterprise not only makes sense from a security
and compliance perspective, but because good, clean, organized IdM data results
in better running organizations."
To add to this, I believe that 2021 will also be the
year of a new CIO - the Chief Identity Officer who is more than the traditional
CISO. He or she will prioritize looking at the digital transformation of a
business and how identity informs it.
Companies
Adopt a Zero Trust Mindset After Data Breaches Break Records in 2021
Due to organizations rushing to move to the cloud and
the continuation of remote work, I predict that we'll see an unprecedented
number of data breaches in 2021.
As I mentioned, organizations have been working hard
over the past year to understand this new and rapidly changing IT landscape.
With the influx of digitization activities, business leaders must understand
what that type of migration entails.
Not only will it be crucial for organizations to
collaborate with solutions providers to ensure they're managing their critical
assets stored in the cloud effectively, but it will be necessary for
organizations to commit to a Zero Trust mindset.
Zero Trust is a philosophy that assumes attackers
exist both inside and outside of a network - and trusts no identity blindly.
Over the past year, we have seen an increase in attackers using malware and
social engineering techniques to steal credentials and take over accounts.
Therefore, I urge organizations to move away from standing access and
"superusers" instead of adopting zero standing privilege and
just-in-time provisioning to narrow the scope of a potential attack.
Building your security perimeter with identity as the
foundation can significantly improve an organization's overall security.
Unfortunately, I suspect we'll see many companies learn this lesson the hard
way in 2021. They'll experience a breach before finding an adequate security
solution or shifting their trust mindset.
If we learned anything from 2020, it's that we cannot
predict the exact outcome of the year ahead. However, digital transformation,
cloud migration, and the security challenges that come along with digitization
are here to stay. For companies looking to modernize or continue their
modernization efforts in 2021, there is an excellent opportunity to build a
proactive security posture through identity-centered decision making.
##
About
the Author
As Saviynt's Chief Cloud Officer, Vibhuti
Sinha, is the owner of Saviynt's cloud platform and products. He leads the
strategy and innovation of cloud security products and is responsible for
delivering them as a service. He has 17+
years of experience in defining and building security models and solutions for
enterprise and cloud platforms at several Fortune 500 organizations.