Hindsight is 2020 — and given the increase in cyber-attacks we saw in 2019 — we don’t need a crystal ball to predict that 2020 and the coming decade will keep cyber security in the limelight as the single most important foundational anchor to organizational success, and smooth operations. A fresh new decade will bring with it a freshly evolved set of threats, concerns and sophisticated cyber-attacks. As such, our focus on areas from data privacy and vulnerability management to risk detection and prevention and identity & access management will continue to grow and become increasingly important as foundational elements in the protection of organizations against threat actors.

Here, we give you a peek into the minds of our security experts as they highlight four critical areas that will remain front and center as we head into the next decade.

Vulnerability Management: Network Vulnerabilities Are Still Driving Increased Breaches
Marc Cohen, Security Solutions Director

Looking at whitepapers associated with the published breaches this year, along with market research from Gartner, IDC, Forrester, Verizon and others, some 34% of reported breaches are the result of unpatched vulnerabilities. Based on our conversations with peers and customers, we’re confident that number is higher.

Although cyber-risk is now a boardroom topic, many of the hurdles associated with the cyber security balance between people, processes, and technology have yet to be resolved. Unpatched or unmitigated vulnerabilities are the most common attack vectors for cybercriminals; it is far easier, and cheaper, for threat actors to take the path of least resistance than use (or develop) a zero-day attack to achieve their objectives – be they a lone-wolf or nation state attacker.

While important, organizations seem to have become so focused on protecting themselves against sophisticated threats, they are not focusing on fixing basic vulnerabilities in software and infrastructure. We call this “penny wise, pound foolish.”

Compliance, Data Protection and Privacy
Brian Zimmer, National Principal Architect – Data Protection

The trend of increased focus on data protection and privacy will continue to be driven by consumers, enterprises, and political constituencies. There are two primary catalysts for this: regulation and an increased demand for privacy. This provides increased pressure to improve process as well as capabilities and tooling.should have access to certain information actually do.

Proactive real-time visibility and monitoring with the ability to automate and orchestrate remediation is possible through mature cloud strategies with Identity & Access Management programs and Cloud Security Posture Management solutions in place.

The amount of change going on in public cloud, especially with automation and orchestration, increases risk and requires constant and on-going visibility of your infrastructure. Automated assessments are a foundational component to providing checks and balances against your policies and procedures, reducing your attack surface and minimizing risks to the organization.

Zero Trust: Reducing Your Attack Surface
Bill Wheeler, National Principal Architect – Enterprise Security

While just one of the “shiny new pennies” in the latest IT buzzword batch, Zero Trust has been gaining both mindshare and marketing face time. The evidence of this is prevalent on nearly every IT security website – but why is Zero Trust becoming so important?

The increases in sensitive data leakage, credential theft, phishing, ransomware and other nefarious activities demand that we rethink our entire infrastructure. It is no longer safe to “trust but verify.” The network security mantra has shifted to “do not trust and continuously verify.” Least privilege access and micro-segmentation are among some of the best practices that should be considered, if not mandated.

Zero Trust isn’t a single product or solution. Zero Trust addresses the fact that the lines of delineation between secure and non-secure are now blurred. Software Defined Perimeters (SDPs) help address this problem as part of a total Zero Trust solution. Building comprehensive Zero Trust solutions will help reduce your attack surface, increase threat visibility and protection, and help automate incident detection & response.

Conclusion
Whether working to stop disruptive cyber threats, secure multi-cloud workloads, reduce your attack surface, secure mission critical data or optimize your defenses through automation –the next decade will require that you step up your cyber security game to stay ahead of what’s coming. No crystal ball necessary.