2020: Why a Bad Year Was Good for Security

Security is countercyclical: the business tends to boom while broader macro conditions deteriorate. But amid this year’s pandemic — including remote work and economic uncertainty for many — specific security trends (data as the new endpoint, distributed networking, zero-trust approaches) accelerated. But remote work also brought new challenges: a rise in ransomware; attacks on critical systems and supply chains; the need to securely onboard and offboard remote employees; and a growing talent shortage in an increasingly important industry. Here’s an overview of the ways 2020 impacted security technology and teams, as well as the new threats and challenges that came to the forefront.

 
On security technology

Data is the new endpoint. Cyberdefense is often a series of controls, and just as in physical defense, when one line is broken, teams fall back to protect the most critical systems. As data has become the crown jewels of many organizations, what we are trying to protect has changed, and security dollars are moving from the two traditional investments — endpoints and networks — to data.

And securing data means protecting it even if its environment is compromised. With existing data loss prevention (DLP) tools falling short, new tools are emerging that focus on the CI/CD pipeline; on securing data as close as possible to where it is generated; and applying encryption, obfuscation, tokenization, and other techniques to secure data.

The perimeter is dissolving. The move to remote work has accelerated the move to distributed networking/decentralization and zero trust. The market was already headed this way pre-COVID, but when the “castle” (office) isn’t open, it’s easier to get rid of a “moat” mentality. The result has been a decentralization of VPN architectures and a preference for thin clients to keep sensitive data off individual worker devices.

Digital security of the physical office. As many workplaces prepare for workers to return, digital security — such as advanced queuing systems, surveillance tools that monitor people per square foot, and touchless entry systems — are being applied to prevent the spread of COVID-19. After the pandemic ends, these tools have the potential to improve workplace safety by reducing the spread and impact of seasonal colds and flus in the workplace as well.

Discovery, control, and third-party risk management of user-provisioned IT. With workers remote, even more applications are finding their way into the organization bottom up. The move to cloud-based systems and increase in SaaS applications means more third-parties with access to your computer and data — and more third-party risk. Rather than trying to crack down on individuals and teams picking and adopting their preferred tools, IT organizations are using new tools to discover new applications and put the necessary security controls in place. They are also provisioning access to data to manage third party risk, specifying what data they have, where it lives, and who can and should access it.

Move to multi-cloud. Big events have long tails, and in the aftermath of major crises, business continuity often rises in importance. During 9/11, banks that had strong continuity planning recovered better than those that didn’t, and for the decade after 9/11, business continuity was a focus. COVID-19 has had a similar effect, accelerating the trend towards multi-cloud to avoid a single point of failure.

As a result of all this, organizationally, the best companies have started finding the best people in other technical disciplines to train and expand the responsibility for continuity beyond the core security team.

Συνέχεια ανάγνωσης εδώ

Πηγή: a16z.com