Maksim Kabakou - Fotolia

Security Think Tank: Are security teams the unsung heroes of 2020?

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes?

It would have been difficult for anyone to have predicted a year like 2020. From a business, societal and personal perspective, it has been like no other in our lifetime. It goes without saying that this has had a knock-on effect in the IT world.

For some teams, it offered up opportunities to get digitalisation strategies approved that had previously seemed ambitious – or at the very least disruptive. For others, it caused tremendous pressure as they needed to deliver IT services to the remote user, with similar security controls and management. The overwhelming theme in IT departments during the Covid-19 pandemic was the need for speed. Business operation needed to continue, and IT was tasked with making that happen.

This catalyst to digitisation was supported by many cloud services. There were the obvious collaboration and communication platforms, such as Zoom, Microsoft Teams and Google Meet. Working requirements did not stop at the ability to see and interact with colleagues, however. IT teams also had to deliver new solutions and reinvent old programmes in a digital-only environment.

The ability to adapt, go digital and deliver in this new online world will determine the business winners and losers of 2020 from both a growth and a contingency perspective. Restaurants embraced apps to deliver a restaurant service to the home, GPs gave advice online and many government services were also digitised. The cloud infrastructure sitting behind many of these services also reduced exposure to risk, as capacity could fluctuate, and investment could scale.

The adoption of the cloud shows no sign of stopping. Forrester Research predicts that the global public cloud infrastructure market will grow 35% to $120bn in 2021 as a result of the pandemic.  Gartner also predicts worldwide public cloud spending by users to grow 18% next year to $304.9bn, up from $257.5bn this year.

This environment of change, rapid digitisation and adoption of cloud services will lead to shift in security strategies, particularly for small and medium organisations. Many organisations will not have the resources to buy every tool or solution and secure every asset within their infrastructure. In 2021, this will lead to a more thoughtful and risk-based view of security. It will focus on the assets you cannot afford to lose.

There will be more reliance on frameworks and official guidance to focus security efforts and prioritise different types of security. This will give organisations the ability to measure their level of security risk and reassure existing and potential customers. Having a handle on where risk is, what you have secured and how resilient you are will also prove helpful for compliance with regulations. The CMMC is a perfect example of this, where defence contractors must meet a certain level of cyber defence to provide solutions and services.

Technology choices will change to meet these guidelines and to prioritise assets that simply cannot be breached. There will be a much greater importance placed on understanding the behaviour of users on the network. This intelligence allows potentially malicious behaviour to be identified earlier, which gives organisations a much greater chance of stopping an attack and mitigating the damage done.

Artificial intelligence (AI) will play a greater role here, as it can bring together patterns and analysis that would take a human far longer to bring together. By avoiding valuable security team staff getting bogged down in manual tasks like rudimentary data crunching, they can be used for higher value tasks such as interpreting intelligence and building overall resilience strategies.

In fact, the most important investment companies can make in 2021 will be in their people. IT and security teams are perhaps the silent heroes of the pandemic. They’ve kept businesses in operation, adjusted to a world never before envisaged, and battled an onslaught of vulnerabilities and cyber attacks to boot. These teams now have better understanding of the company’s IT infrastructure than ever before and they will be critical to the business’s stability and growth in 2021.

It also goes without saying that the IT industry has faced a skills gap issue for many years, and this will only become worse in the coming years where those resources are under increasing pressure.

Keeping an experienced team with a deep understanding of your infrastructure will be invaluable as the digitalisation rollercoaster continues through 2021. It could even become your differentiator. So, invest in those people. Embrace tech that maximises the working lives and effectiveness of your security team. This will not only bring a more productive workforce to 2021, but a more resilient organisation.

Josh Bregman is chief operating officer at CyGlass.

Read more on Business continuity planning