The debate around how data is stored, accessed and used is not set to disappear in 2021
By Sean Duca
With the Covid-19 impact likely to be felt for years, businesses are having to relook at their strategies to navigate the new normal in the longer term. With increased dependence on technology, how successfully are businesses securing their digital future? Here are our cybersecurity trend predictions for 2021.
Get ready to share personal data
Research from Future Market Insights suggests that new contact tracing apps will launch at a 15% annual rate, driven by recurring infection waves across countries. Besides health authorities-led public sector initiatives, private sector initiatives are being rolled out too.
In order to revive the travel and make hospitality sector safe for travelers, personal data will need to be shared across borders with the right security controls, accompanied by transparent communication about how such data will be handled/stored.
With this critical need to move data between government agencies and enterprises such as airlines, airports and hotels, the debate around how data is stored, accessed and used is not set to disappear in 2021, particularly as individuals are conscious of sharing their personal data. However, sharing of medical data derived from rapid Covid-19 testing, combined with constant tracking and checking-in of citizens on government deny lists, will make travelers think twice about the information they share when leisure travel resumes.
The wait for 5G is over
While 5G networks may have been introduced in a few markets, the iPhone 12 availability will see mass adoption of 5G-enabled devices for the first time. The sheer number of nodes required to be installed makes the deployment of such networks far more challenging, dramatically increasing the potential surface area for cyberattacks. Private sector infrastructure owners cannot afford to deploy the same approaches to designing and rolling out 5G networks, lest they fall victim to attacks as they did in 3G and 4G.
WFH gets smarter and safer
The value of cloud computing becomes less cloudy. Security will then need to be delivered via the edge, which will see solutions like secure access service edge (SASE) being the new cybersecurity norm, thanks to its flexibility, simplicity and transparency.
Getting the house back in order
This wider move to the cloud beyond light-touch functions will force many companies to review their existing cloud security environments. While network security controls remain an important component of cloud security, an additional layer of identity and access management (IAM) governance is now needed to scale their cloud presence. This year, Palo Alto Networks Unit 42 researchers observed that a single IAM misconfiguration could allow attackers to compromise an entire, massively scaled cloud environment and bypass almost every security control. Our findings indicate these identity misconfigurations are prevalent across numerous cloud accounts, representing a significant security risk to organisations, with the potential to impact entire environments, with thousands of workloads, in less than one week.
When it comes to unraveling the misconfigurations, this will likely see existing cybersecurity teams and roles being redesigned to align with an overall emphasis on getting the house in order, building a more resilient cloud environment. Security now needs to work at cloud speed.
The writer is vice president and regional chief security officer, Asia Pacific & Japan Palo Alto Networks