Top 5 Security Trends of 2021
Top IT Security Trends of the Year
Gartner recently released a list of the top security trends. How have these changed since COVID-19 hit? What new trends have emerged? Which old ones remain as persisting challenges?
Here are some of the key ones noted in the report.
Filling positions with skilled security personnel was a problem long before COVID-19 hit. And it remains a major issue today.
“The first challenge is a skills gap,” said Gartner Analyst Peter Firstbrook. “80% of organizations tell us they have a hard time finding and hiring security professionals and 71% say it’s impacting their ability to deliver security projects within their organizations.”
2. Remote Work
Gartner surveys show that as many as 40% of employees will continue to work from home post-COVID-19. Thus, the additional support and security measures that have been implemented for remote work since March of 2020 will have to be continued indefinitely. Not only that, security personnel will have to deal with some people working only in the office, some only from home, and many combining both.
A further wrinkle is that many offices are taking the opportunity to downsize. One example is an organization of 100 that is planning to have personnel work three days per week in the office. This means that 60 will be onsite at any one time. To address this change, office space is being reduced. Standard cubicles are being dispensed with and employees will be asked to hook up their laptops to available spaces.
Therefore, security staff will have to get used to new patterns of operation, revise policies and best practices, and implement new tools to deal with a more fluid workplace.
3. Identity First Security
Gartner defines identity first security as an approach that places identity front and center in security design. Instead of a disparate set of tools and applications, each with their own security methods, user identity becomes the key to accessing everything from anywhere on any device.
This includes being able to monitor authentication centrally across the enterprise, not just implementing point tools related to multi-factor authentication, single sign-on, or biometric authentication. Organizations will have to evaluate the value of buying new software and systems to implement identity first security against the desire to maximize earlier investments in point tools.
4. Tool Sophistication Grows
Cybercriminals have upped their game. The recent SolarWinds and Microsoft Exchange Server hacks demonstrate the extent and also the depth to which networks can rapidly be compromised.Therefore, security vendors have been forced to raise their game, too, with new technologies such as breach and attack simulation (BAS) tools.
BAS is all about continuously assessing the defensive posture of the organization rather than relying on occasional penetration tests to determine potential areas of exposure. The logic behind this is: why conduct penetration tests on a quarterly or annual basis when you can be doing it virtually all the time?
5. Vendor Consolidation
The modern-day security toolkit contains way too many individual elements. A Gartner survey of CISOs found that 78% have 16 or more cybersecurity tools. Incredibly, as many as 12% of organizations have 46 or more security applications. That’s bad news for IT as they have to integrate, correlate, manage and maintain all those systems. They have had enough of hopping from console to console to fix one issue or another. It is no wonder that mistakes happen and breaches occur.
An emerging element of strategy, therefore, is to consolidate toolkits to encompass a smaller set of vendors. The advantages include ease of implementation, stronger integration, and lowered costs. That’s why 4 out of 5 CISOs intend to consolidate vendors over the next three years.
“Having fewer security solutions can make it easier to properly configure them and respond to alerts, improving your security risk posture,” said Firstbrook.
Enhance Your IT Management and Security
Syxsense Secure is a patch management platform that includes IT management and vulnerability scanning in one console. It not only shows you what’s wrong, but also deploys the solution.
Gain visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience with automated patching and security scans.
Start Your Free Trial of Syxsense
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.