Whether it’s working from home or working from Barbados, we’re now connecting from anywhere and everywhere. The pandemic has accelerated a new way of working and, as an extension, has forced businesses to place an even greater premium on information security.
It’s within this expanded terrain for cyberattacks that the security trends of 2021 and beyond are taking shape. Workers are engaging with company resources from diverse locations. At the same time, businesses have ramped up their digitalization journeys to be more flexible and agile after COVID-19’s disruption of supply chains.
The result is a dynamic tech environment where the continuity of business operations – and ultimately market competitiveness – will rely on robust cyber protections.
It’s an exciting time for cybersecurity and the professionals who work in space. We’re in a moment where our work to build a more secure digital future is critical to helping our society recover and move forward from this crisis confidently and resiliently. To do that, I see the following three areas playing an instrumental role in the security space.
The first concerns the sophisticated cyber tools we can now deploy. To protect proprietary information, as well as employee and customer data, the security of our new way of working must be rigorous, with both pragmatic and innovative approaches.
The pragmatic approach involves a philosophy of zero trust, in which there’s continuous verification of who you are. The idea is that, if an attacker compromises one person’s machine, they can’t jump to another because authentication is required at every level.
This approach will even start to permeate our critical infrastructure. As the pandemic demonstrated, in difficult times it is essential to keep the lights on and the water running. We’ll need safety, efficiency and effectiveness in a digitalized critical infrastructure, and it will be accompanied by the early indications of zero trust, allowing personnel to do more while distributed across various networks.
On the innovative front, we’re seeing a rise in strategies like behavioral heuristics, where machines flag suspicious behavior based on the data analytics of behavior patterns. There’s also the integration of artificial intelligence and machine learning, since artificial intelligence (AI) can interact with complex IT operations – spinning up and down microservices or connecting and disconnecting to an API – much quicker than a human could.
Ongoing research suggests even more innovative tools are on the horizon, such as a digital twin for more efficient and effective security that Siemens is exploring. It joins other emerging cyber tools like postquantum cryptography, homomorphic encryption and self-healing systems that could be part of our future security environment.
The second area of focus is on our workforce. As workers engage with advanced technology on scattered networks, we’ll need to do more than the occasional email or annual training to raise awareness about cyber threats within entire organizations.
In addition, with millions of cyber job openings expected in 2021, the field urgently needs cybersecurity professionals. To close this gap, more lanes for entering the cyber workforce should be created, including those that may take nontraditional routes.
Cyber jobs are now so specific that on-the-job training and certifications can provide a fruitful pathway for more people to become qualified and explore their interest in the field. There’s a real need to think creatively about what resources will support smart and capable individuals on this journey, regardless of where they are in their careers.
Lastly, we’re going to continue to see cyber services in the marketplace become increasingly holistic. It’s easy to understand why, given today’s dense tech landscape, and the tendency of companies undergoing digitalization and deep changes in their infrastructure to feel overwhelmed by the process. To simplify cyber services, larger companies are acquiring startups with niche products that fit into their security portfolio and driving hyper consolidation across the market. Earlier this year, for example, Microsoft acquired Cyber X to complement its IOT security offerings.
We’re also likely to see more cloud security offerings for organizations as they shift to the cloud, in which providers help enterprises figure out the appropriate security controls for their needs and prevent the misconfigurations that could lead to breaches. In acquiring these robust tools and expertise, companies can have stronger security in a cloud-based environment than they could deploy on their own turf.
Meanwhile, companies like Siemens are embedding security into their own products and services so that once our tech is deployed it can be trusted. At Siemens we’re intentional about these protections so our customers can continue to co-create and innovate in a safe way. Likewise, integrating cyber into operations as soon as possible will be essential to harmonizing operational technology and information technology over the long run.
We’re hearing that the repercussions of this year’s pandemic will reverberate far into the future, maybe even for decades. As these cyber trends attest, COVID-19’s impact is already shaping the tools we use, the workforce engaged with those tools and the marketplace as a whole. In the process, it’s become abundantly clear that cyber will remain a central focus as organizations digitalize and modernize their operations.
It’s my hope these conversations around cyber will continue to grow and inspire broader collaboration across the public and private sectors. As states and localities become more involved and academic institutions help spearhead innovation, we can move the needle on cyber standards and practices in ways that will benefit everyone.