Forrester Releases Privacy and Cybersecurity Predictions for 2021
10 November 2020
Data and cybersecurity need to deliver change if it is to keep pace with the brave new world being shaped by a global pandemic and improve its service to customers, according to Forrester predictions for 2021.
1. Data Breaches Caused by Insider Incidents Will Increase
Insider incidents, accidental or malicious, will be a factor in a third of all data breaches in 2021, up from 25% today. Caused by remote working during the Covid-19 pandemic, fear of job loss, and the ease with which data can be moved. Organisations should keep in mind that trust is not a control.
2. VC Investment in Non-Us Based Cybersecurity Firms Will Rise
Due to EU digital sovereignty, CISO’s will need to consider point solutions based on region and should look for regional security tech opportunities by scouting start-ups.
3. Retail and Manufacturing Will Have More Breaches
This is due to direct-to-consumer shift as companies are evolving their engagement models with more applications, which will lead to more data breaches. As a result, brands that are shifting in this manner will need to prioritise product security, build a developer champions program, and explore breach and attack simulation tools.
4. Audit Findings and Budget Pressure Will Lead to Uptake of Risk Quantification Tech
Due to economic uncertainty, many organisations have made major cuts to staff and tech, which has led to compliance difficulties. In 2021, an increase in audits and budget pressure will mean that CISOs must look to address possible audit issues and risks, and that risk quantification technology will see an uptake.
Cyber risk quantification will therefore become the starting point to determining priority and budget importance, providing demonstrable evidence to inform investment decisions. Organisations have an abundance of untapped telemetry in their environment that can be examined to show key areas of interest which determine actions and operational change that are necessary to produce cyber maturity.
Cyber risk analysis and quantification is an alternative for companies without the budget to invest in new technologies but are keen to ensure data and cybersecurity can adapt to organisational and infrastructure change. An end-to-end process that provides a clear route to improvement and efficiencies in current systems and encourages greater confidence in existing technology.
In summary, adaptability and resilience will be key attributes for cybersecurity in 2021 while the future is still uncertain, and the impact of this year continues to reverberate. The continued viability of organisations will depend significantly on how they embrace these changes and adapt to new data and security risks to maintain the trust of both customers and employees alike.
Spending on cyber defence lowers the risk of a breach but investing in recovery means a quicker return to business. Getting the balance right minimises the impact of a cyberattack.
In a major update to the recent FireEye security incident, it has now been revealed that a sophisticated and long-lasting supply chain attack against technology vendor SolarWinds was responsible for the breach.
Cybersecurity firm FireEye has suffered a sophisticated state-sponsored breach resulting in the theft of their “red team” tools. To help affected organisations understand what they should do, this advisory contains several actionable steps our team suggests and further recommendations for security mechanisms to help manage/prevent these attacks.