It is not only the COVID-19 pandemic and the associated rise of remote work that is shaping the everyday routine of network security practitioners. Let’s take a look at 5 major trends in network security.
#1 Consolidation to Enable Effective Hybrid-cloud Monitoring & Security
Cloud is definitely a go-to strategy today. 92% of organizations report their IT resides in the cloud to some extent. But they also preserve on-premise infrastructure, so it is not unusual for businesses to operate different systems from different vendors across different environments. A core ERP might be run on-site, disaster recovery in the AWS cloud, and back-office systems (email, Office 365, HR system) via SaaS, etc.
Unfortunately, monitoring a hybrid-cloud environment usually means using different tools, which not only adds to the complexity of security monitoring operations but can also cause visibility gaps. As heterogeneous environments become the new normal, the need for a consolidated view of application performance and security (application experience) intensifies. We can expect strong demand for tools capable of full cross-environment visibility, where a mix of traditional network and application monitoring together with cloud and SaaS delivers the right balance.
#2 Merging of NetOps and SecOps for Better Protection
In the modern world, there is no security without monitoring. Precise monitoring strengthens security operations with IoC detection, complements legacy solutions (antivirus, firewall, IDS/IPS), and in general contributes to risk reduction. NetOps and SecOps complement each other in their joint effort to ensure smooth and agile business operations and security.
When NetOps and SecOps teams share a dataset and toolset, they gain the ability to make joint decisions on infrastructure design, security policies, and incident resolution workflows that do not affect performance. This is why analysts consider joining NetOps and SecOps efforts to be imperative for successful mitigation of the challenges that cloud computing, mobility, IoT, and other digital initiatives bring to both sides.
#3 Focus on Detection and Response
Cloud computing, remote work, IoT, and other trends have changed the typical business IT environment and dramatically expanded the attack surface. Coupled with the rise of more complex and sophisticated threats capable of bypassing perimeter and endpoint protection, the “prevent and protect” mindset continues to shift towards “detect and respond”.
In 2021, businesses will continue to seek solutions that deliver the required visibility across all their different environments. Capabilities that allow them to detect indicators of compromise and understand the context, impact, magnitude, and root cause of breaches, so that they can respond quickly in either an automated or manual way, will become crucial. In this regard, we can also expect wider adoption of the MITRE ATT&CK framework.
#4 Businesses to Meet More Security Requirements
The COVID-19 pandemic impacted business operations worldwide in 2020. Unfortunately, cybercriminals soon started to capitalize on the resulting confusion, anxiety, and rapid change. We have seen ransomware, extortion campaigns, and new methods targeting remote workers hit 2020 with full force.
To keep pace with the change of working perspectives in 2021, businesses must add new controls to reduce the risk associated with a remote workforce, because cybercriminals will only continue to direct their efforts at businesses and individuals in order to steal private data or breach business systems.
More industries and different organization types will be affected by regulations and compliance requirements introduced by governments, for example regulations on IoT security or HIPAA extensions.
#5 Midmarket Will Start SASE Adoption
Remote workers usually access resources via VPNs, in which case firewalls at each location or on individual devices are required. Such an architecture may not suit the complexity of the business environment we are seeing today. SASE represents a holistic approach, a combination of different network and security functions in one cloud solution delivered as a service, that provides a single secure access point to all resources the users are authorized to reach.
When the shift of business resources to the cloud forces businesses to rethink their edge computing strategy, SASE seems to be the right approach. It ensures easy access to both cloud and on-premise resources for employees no matter where they are located, which has become a critical task today. Thus, Gartner predicts around 40% of businesses will adopt strategies for implementing SASE by 2024 (in 2018 it was less than 1% of businesses). However, COVID-19 seems to be a catalyst that may speed up the adoption even more.