2020 security and risk trends

The digitalization of businesses caused the expansion of the Companies’ perimeter, expanding the circulation of data outside the Organization, requiring greater risk management and the adoption of a more complex level of security in order to ensure business continuity. 

Table of Contents

Points of attention for CISOs

According to GartnerNorth American consulting company, in reference to Technology, some points must be understood by CISOs to strengthen their security initiatives. These include: 

  • The need for quick responses to unexpected events, like the covid-19 pandemic 
  • Endpoint mobility; 
  • Rapid migration to the cloud and digitalization of business 
  • Rapid evolution of threats 
  • Conformity to compliance requirements 
  • Lack of security professionals and high demand

9 security and risk trends

Gartner has also identified 9 trends that will impact the security and risk ecosystem, reflecting directly on the industry. These include:   

1: Expansion of detection and response capabilities 

The interconnection of various security products improves the detection of threats, collecting, correlating and centralizing data, offering a more comprehensive incident response capacity than if it were performed by just one product. 

2: Automating the security process 

The automation of security tasks, guided by predefined rules and models, provides more productivity to the IT team, in addition to scheduling, minimizing errors and speed of execution. 

3: AI expanding visibility and defense 

The adoption of machine learning and artificial intelligence to the companies’ protection strategy, helps to improve the defense of security with AI and to guard against the harmful use of AI by cybercriminals. 

4: CSOs emerge to bring together several security-oriented silos 

With the incidence of threats outside the corporate IT systems in 2019, Organizations had to rethink a security strategy that was cyber and physical. 

Cyberphysical systems assemble several silos for defensive purposes. The CSO can, for example, incorporate IT security, OT security, physical security and many others. 

5: Privacy in focus 

Privacy becomes relevant throughout the Organization, from being just an aspect of legal compliance or auditing, to becoming part of the corporate strategy, aligned to security. 

6: Trust, digital security and integrity of consumer interactions in the new retail model 

Every day more consumers interact with the brands through different digital contact means, making it a differential to standardize the safety level in these points. 

7: Changing the focus of network security on LAN-based device models to SASE 

Like remote offices, cloud services have gained more adherents. Among them, secure access service edge technology (SASE), enabling Organizations to better protect mobile workers and cloud applications by routing traffic through a cloud-based security stack, rather than backhauling traffic to flow through a physical security system in a data center. 

8: A complete lifecycle approach to protecting the requirements of cloud-native applications 

Many Organizations use the same security solution for endpoints aimed at the end user, as they used for server workloads, a technique that often persisted during migrations to the cloud. 

However, native cloud applications require different techniques, leading to the development of cloud workload protection (CWPP). As applications become more and more dynamic, security options also need to change. To meet all security needs, it is necessary to combine CWPP with cloud security posture management (CSPM). 

9: Zero trust network access technology replacing VPNs 

The COVID pandemic has highlighted many problems with traditional VPNs. According to Garter, access to the emerging zero trust network (ZTNA) is a more secure option, as it allows internet applications to communicate and be accessed through the ZTNA service provider, allowing companies to control remote access to applications and the users’ access privilege. This reduces the risk of an attacker using the VPN connection to attack other applications.

VaultOne allows you to connect remotely immediately and securely, just needing to connect to the network to provide access.

Our platform directly accesses the company’s internal resources without the need for VPN or VDI. Through this platform, the employee can enjoy all the programs without compromising the processing power of his machine. 

Its installation is quick and simple, it can be connected to Google G Suite and Microsoft 365. 

In addition to providing secure access, VaultOne also has password manager, PAM and identity manager on its platform. 

Talk to our experts today and see how we can help protect your business.