In a world where figuring out what will happen today is near impossible, it's hard to say what the future holds. A few things are, however, clear.
At the outset of 2020, remote work was something most companies were experimenting with, but mid-way through the year, things got serious as Covid-19 began to spread and mandates forced the masses to work from home. While many companies viewed remote work as a short-term solution to the pandemic problem, they are now realising that it is here to stay.
Research shows that over three-quarters of more than 3,700 IT leaders in seven countries believe most workers will be reluctant to return to the office post-pandemic and they will need to revamp their security policies to support them as they work from anywhere.
Three years ago, everything was on perimeter and the security perimeter was defined by firewalls. Today, applications and services are rapidly moving to the cloud, people are working from anywhere and the perimeter has all but disappeared.
Corporate information security teams will no longer rely on traditional VPN-based strategies to provide access. Instead, they will shift to a zero-trust model that uses contextual awareness to adaptively grant access based on user behaviours and access patterns.
In a recent survey conducted by Citrix and Pulse, 97% of 100 IT decision-makers in North America, Europe, the Middle East, Africa and the Asia Pacific region said employee experience is a key influence on their security strategy, and 75% said they are looking to improve the user experience through their design and execution.
Security teams will take an intelligent, people-focused approach to security that protects employees without getting in the way of their experience by securing all tools, apps, content, and devices they need and prefer to use in a simple experience that can be customised to fit personal preferences and evolving work styles.
New ways of working mean new ways of attacking corporate networks. Ransomware and other malicious attacks are on the rise, with cybersecurity researchers reporting a seven-fold increase in malware campaigns at the mid-point of this year. Flush with cash from their demands, bad actors, have been empowered to scale their operations. And they will. Attacks will continue and become more sophisticated and dangerous.
As attackers get smarter and scale, security will get smarter and more creative as well. Machine learning and artificial intelligence will deliver real-time insights into user behaviour and access patterns, and security teams will use them to automate the process of identifying security incidents, atypical activity and policy violations and defend across gaps.
The data chain is longer and more complex than ever and with the perimeter gone, companies need to think beyond protecting their own systems and data and closely monitor all third-parties with whom they interact, as all it takes is one weak link to create a breach.
With corporate brands, customer trust and business continuity at stake, security teams will place more scrutiny on their vendors and select only those who meet the highest standards for data privacy and protection.
Companies are rapidly moving to simplify and CISOs are adapting to secure the new environment. But ten years ago, there was no cloud and five years from now there will be something else. CISOs will become more agile in adapting to changes as technology evolves in 2021 and align closely with business leaders to provide a secure environment that fuels innovation and growth.
Looking ahead at a time when things have never been more uncertain may seem like a futile exercise but there are lessons to be learned today that can help shape a better tomorrow.
Just like work, cyber-attacks can happen anywhere, anytime and in order to successfully protect the systems and information people need to get things done, wherever they happen to be, security organisations need to become more intelligent and flexible.
In doing so, they can create the secure environments needed to keep employees engaged and productive and fuel innovation and business growth.
