Throwing a security net over our Mobile WFH World

Laura Medanich Blog News, Cloud and Security

By   Dennis Payton and Laura Medanich.

With the exploding WFH and mobile workforce further amplified by the 2020 pandemic, it is more important than ever to cover corporate, government with a Zero-Trust security net that is flexible in coverage and hardened to protect against hackers, malware and mischief.

There are only two types of companies: those that have been hacked, and those that will be.”[1]

My message to companies that think they haven’t been attacked is: ‘You’re not looking hard enough[2]

Ask any CISO about security – most will tell you they are more concerned this year than last (95% up from 91% last year) – this according to a recent Cybersecurity Insider[3] study completed in 2021.  While 2020 saw the infection of humans with a pandemic, CISO’s also saw record-breaking breaches infecting the digital world.

Cybersecurity has been elevated to a top priority now with the acceleration of work from home (WFH), explosion of Mobile workforce, exponential expansion end-points, and compounded by new peaks in breaches.

Top concerns:

The majority of CISOs (63%) report the risk of data loss, leakage, and threats to data privacy as their top security concerns.

CISOs point to their specific sources of vulnerability:  misconfigured cloud platforms, insecure interfaces, followed by credentials and access control.  Adding to vulnerability, CISO’s report that only half of their organizations (51%) embed security testing during the Software Development Life Cycle (SDLC) while 67% still rely on periodic vulnerability and compliance reports as the primary method to manage remediation of security and compliance issues. Less than half have automation between security and DevOps in place; however, organizations recognize the advantages of deploying cloud native security solutions, including faster time to deployment (44%) and cost savings (43%).

Increased spending:

Now forced to reprioritize, organizations have pivoted, sometimes despite softer earnings.  55% of enterprise executives plan to increase their cybersecurity budgets in 2021 and 51% are adding full-time cyber staff in 2021[4].

We’ve got to make sure we’re secure. Before we try to go ahead and try to do anything else, … every organization, every agency has to go through and make sure that they are not impacted, if they have an iota of doubt on the fact that they may be impacted, they’ve got to make sure they secure their infrastructure. They also have to be prepared for this if it happens again. I don’t think it’s the last one we’re going to see.”[5]

Nikesh Arora
Chairman and CEO
Palo Alto Networks
TiEcon 2021 Grand Keynote Speaker
CNBC interview with “Squawk on the Street

It’s a forgone conclusion then that security spending needs to increase, but by how much?

Cybersecurity Insiders forecasts security budgets will increase by 36% in 2021 and, in particular, Cloud Security spending should increase by 33% to $585M. A new report by global tech market advisory firm, ABI Research, predicts cybersecurity spending for critical infrastructure will increase by US$9 billion over the next year reaching US$105.99 billion in 2021[6].

Security Development Predictions for 2021-2025

While none of us can truly predict the future, we can all leverage learnings from the experts. Gartner projects Cybersecurity spending, mostly by companies and governments, to hit $207 billion by 2024. IT Security Spending in Government[7] looks to the security landscape to include contenders – Check Point Software Technologies, Cisco Systems, Fortinet, Juniper Networks, Arbor Networks, Barracuda Networks, Dell SonicWall, F5 Networks, FireEye, Palo Alto Networks, Sophos and Trend Micro. Many of these companies support TiEcon in Technology thought leadership and sponsorship.

Some emerging trends and drivers we look forward to engaging at TiEcon in the Cloud and Security Track:

Gartner Top 10 Security Projects for 2020-2021 ([8])

  • No. 1: Securing your remote workforce
  • No. 2: Risk-based vulnerability management
  • No. 3: Extended detection and response (XDR)
  • No. 4: Cloud security posture management
  • No. 5: Simplify cloud access controls
  • No. 6: DMARC (domain-based message authentication, reporting and conformance)
  • No. 7: Passwordless authentication
  • No. 8: Data classification and protection
  • No. 9: Workforce competencies assessment
  • No. 10: Automating security risk assessments

Gartner Top 9 Security and Risk Trends for 2020 ([9])

  • Trend 1: Extended detection and response capabilities emerge to improve accuracy and productivity
  • Trend 2: Security process automation emerges to eliminate repetitive tasks
  • Trend 3: AI creates new security responsibilities for protecting digital business initiatives
  • Trend 4: Enterprise-level chief security officers (CSOs) emerge to bring together multiple security-oriented silos
  • Trend 5: Privacy is becoming a discipline of its own
  • Trend 6: New “digital trust and safety” teams focus on maintaining the integrity of all interactions where consumer meets the brand
  • Trend 7: Network security transforms from the focus on LAN-based appliance models to SASE
  • Trend 8: A full life cycle approach for protection of the dynamic requirements of cloud-native applications
  • Trend 9: Zero-trust network access technology begins to replace VPNs

Just a couple examples from the landscape Palo Alto Networks [10] [11], speaking at TiEcon 2021’s Grand Keynote, and Fortinet’s latest FortiOS release[12] are looking to address, in particular, WFH, Mobile workforce, and the push to leverage more public cloud resources and applications:

These are some of the focal points among the top security features and products. Just a couple of examples here but security vendors across the landscape that are delivering a higher level of confidence to CISOs. Throwing a security net over a corporation’s or government’s entire infrastructure, will require a complete set of solutions covering site data centers to public clouds and from expanding WFH endpoints to mobile workforce protection.

Wrap up

Organizations are now aware that they must engage stakeholders at all levels, from C-Suite to engineering to achieve a security-first, zero-trust position. TiEcon speakers in the Cloud and Security track will share their insights on the innovations borne by the exciting paradigms in Security.

Come join us as we explore the emerging opportunities.  Engage with entrepreneurs and thought leaders at Silicon Valley’s top world-ranked event; TiEcon’s Cloud and Security technology track May 6th – 8th.

www.tiecon.org

About the Authors

By Dennis Payton 

PRODUCT MARKETING LEADERSHIP – LAUNCHING PRODUCTS, DRIVING BUSINESS AND MULTIPLYING CUSTOMER SUCCESS

and Laura Medanich

STRATEGIC MARKETING | BRAND MANAGEMENT | ADVERTISING | PROMOTIONS | PLANNING | MEDIA | DIGITAL MARKETING


[1] Robert S. Mueller, III – Director, Federal Bureau of Investigation at RSA Conference, San Francisco, CA

[2] James Snook – Deputy Director, UK Office for Cyber Security

[3] Source Cybersecurity Insider: 2020 AWS Cloud Security Report, Cybersecurity Insiders

[4] Source: PwC, Global Digital Trust Insights 2021, October 5, 2020.

[5] Source: CNBC,  Palo Alto Networks CEO: All companies must ensure they weren’t hit in suspected Russian cyberattack, DEC 18, 2020

[6] Source: ABI Research, Cybersecurity Spending for Critical Infrastructure, Feb. 10, 2021 on PRNewswire

[7] Source: IT Security Spending in Government Market Outlook Industry Analysis, Size, Share, Growth, Trends and Forecast, 2025,   2021-02-26

[8] Source: Gartner Top 10 Security Projects for 2020-2021, September 15, 2020

[9] Source: Gartner Top 9 Security and Risk Trends for 2020, September 17, 2020

[10] Source: The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020

[11] Source: Palo Alto Networks Whitepaper, How to Secure Your Business in a Multi-Cloud World

[12] Source: Press Release – Fortinet Delivers SASE and Zero Trust Network Access Capabilities, Feb 4, 2021

Share