As organizations close on 2020 and look forward to their transition to a new normal in 2021, global IT and networking leader Cisco has shared its predictions for what 2021 will hold for the privacy and cybersecurity landscapes.
Speaking about the challenges lying ahead in 2021, Mr. Fady Younes, Cisco’s Cybersecurity Director for the Middle East & Africa commented that “CISOs continue to face a number of challenges – some are new, others have been around for quite some time. “Navigating the remote work environment has been challenging and companies are embracing more collaboration and digital solutions to adapt. All this will bring major challenges around visibility into what goes on in the IT environment.”
A world without passwords
Cisco sees the might password as a cornerstone as well as the Achilles’ heel of security. The team reveals that an average person has 191 passwords.
A Verizon Data Breach Investigation Report stated that 81% of breaches involve stolen or weak credentials. Passwords also carry hidden costs associated with them as organizations spend millions of dollars and help desk hours a year on password resets, so the cost isn’t simply from the breach.
The major cultural shift to collaboration
Enterprise security has been predominantly about the traditional approach to security which was based on the issue of instructions and policies. Meanwhile, a different model has been emerging, where security professionals work with their business colleagues in a cooperative and collaborative way.
Organizations are now looking for an agile and smart workplace supported by security teams who implement security controls that are easy to use.
Secure Work From Home scenarios
Cisco observed that even the most technologically conservative organizations have seen their Work From Home (WFH) or off-campus skyrocket amid the pandemic.
Cisco’s Duo Security, a user-centric multi-factor authentication and secure access provider witnessed its user authentications per month jump from 600M to 800M amid the pandemic which has ever since remained at elevated levels.
“A significant trend we saw come into play amongst CISO’s during the lockdown was getting the basics and core fundamentals right. CISOs were implementing fundamental security controls such as multifactor authentication, DNS and VPN security. As we move forward and new team collaboration emerges, CISO’s are taking stock of their learnings to form a strategic view on how their organizations need to be secured in future. This amplifies the need for collaboration technology so that users can also play an instrumental role in security on the frontline.”
Security built on NewAge Technologies
Authentication and access to individuals and devices which were earlier based solely on the network location have now become more dynamic and adaptive as enterprises adopt the zero-trust approach.
With the zero-trust approach, the right users and devices are allowed to access irrespective of where the request comes across apps and networks.
Additional authentication factors, adding encryption, and marking known and trusted devices, make it harder for attackers to collect what they need (user credentials, network access, and the ability to move laterally).
Purpose-built User and Entity Behaviour Analytics (UEBA) is one example of how AI & ML can be used to help enable zero-trust security. It places the analytics around specific activities rather than the generalized approach taken today.