Remote working. Increased attack vectors. Intelligent cyber crime. Organisational risk is endemic.
If one term could be used to define 2020 it would be disruption. Service, system, organisation, workplace practice and technology – all disrupted by a global pandemic and new ways of approaching work style, investment and infrastructure. The digital-first mindset has influenced the use of artificial intelligence (AI), automation, analytics and data, and it has significantly impacted how companies approach security.
As the NTT 2020 Future Disrupted report points out, these changes have spawned a renewed acceptance of the importance of security being embedded into all aspects of technology throughout the business estate, from application to the workload to cloud.
So how is security being disrupted? What technologies and future trends will influence its evolution and adoption? The answer lies in secure by design and in infrastructure evolving alongside security where it is part of the system and not a bolted-on afterthought.
One of the biggest trends identified by the report was the need for a solid data strategy that’s intelligent and flexible enough to ensure accessibility and security. This is likely to be influenced in its development and adoption by the rise of robotic process automation (RPA) that allows employees to work more effectively. The ability to automate certain tasks and to minimise time spent on grunt work means that more people can focus on higher-value work, and this will reduce risk around basic security hygiene practices that can be automated and controlled.
The future of work will be shaped by the steady infiltration of reliable RPA solutions, but equally, these need to be taken in context with data strategy and security. The year that was has also shone a light on the need for employee productivity to be balanced against the required compliance and regulatory awareness. It’s expected that there will soon be as many as 50 billion devices online, generating vast quantities of data, powered by edge computing, AI, machine learning (ML) and RPA.
The capabilities of the Internet of things (IOT) will stretch outwards into business and lifestyle, introducing even more data touch points and risk. This shift was shoved into high gear by the global pandemic, introduces fresh ways of working and optimising operations and all new vulnerabilities. It is time to take stock of the steps taken to put people online and refine security strategies and investments to ensure security remains a priority.
It’s worth noting that security itself is being disrupted by AI, ML and automation. Solutions that leverage these always-on algorithms and tools are fighting the cybersecurity war on frontlines too small for the eye to see and introducing new ways of managing security for human and machine alike.
Optimised data and connectivity
Now that the home has become the new branch office, organisations need to think long and hard about how they optimise and secure their connectivity. To enable digital transformation, the organisation has to be clear about what it wants from cyber security. The secure access service edge (SASE) is likely to influence decision-making over the next year, getting the best end-user experience in a world defined by 'as a service' and the software-defined network without compromising on security. Secure APIs can capitalise on solutions such as firewall as a service and cloud access security broker (CASB) as a service.
To start with, data has to be classified. What’s the most important versus what has got to go – and then layer on the security accordingly. This will help guide the next step in optimising security, which is to understand where the workloads are running and then implementing the right firewalls and micro-segmentation to match. This is further refined by application management and consumption.
The ways in which customers and employees are engaging with end-point protocols, workloads and applications will refine platform and security strategy. This is also the right time to assess existing network and application strategies to ensure they’re still fit for purpose, and whether or not your organisation should consider moving towards SD-WAN.
Best practice security
The Future Disrupted report offers some clear best practice steps to take when it comes to managing security in the wake of 2020. Implement a zero-trust approach to security along with strong identity and access management policies and a renewed focus on CASBs to ensure that applications and data are secure in the cloud. Augment security with AI, ML and emergent technology and work with trusted service providers to gain access to skilled cyber security specialists.
These steps are further refined by future-forward security best practice that looks at the potential impact of quantum computing and how this will define current approaches and encryption. This is very likely to disrupt how businesses encrypt data and will highlight how the human remains the weakest link in the hi-tech security chain. Finally, protect internal operations and employees by design, moving away from point security to embedding security into every aspect of the environment. With training and an inherently secure environment, the business can build a security culture that’s capable of handling disruption.