The recent Kaspersky study, ‘Plugging the gaps: 2021 corporate IT security predictions’, suggests advice for each role related to cyber security, including CEOs or business owners, CISOs, SOC team leads and IT managers.
As remote working looks to continue and cyber threats continue to advance, the day-to-day role of cyber security professionals will continue to evolve, and cloud security and management skills will become a ‘must have’ to coordinate managed service providers along with using multiple cloud services.
Some of the key trends cited by Kaspersky were as follows:
Home office assessment and certification will be required
The continuation of remote working will call for stronger, more appropriate security measures, as solely protecting the perimeter proves insufficient.
Any presence of software vulnerabilities and unprotected wi-fi hotspots will need to be quickly detected, and more of the workforce will need to adopt a VPN, privileged access management, and multi-factor authentication systems.
In addition, stricter monitoring will need to be implemented, and existing contingency and emergency plans updated.
Service model transitions will enable IT and security levels with lower investments
Recent Kaspersky research found that 65% of businesses plan to use a managed service provider (MSP) or managed security service provider (MSSP) in the next 12 months.
The managed service model looks to minimise capital investments and transition business costs from CapEx to OpEx.
How the CTO can drive the enterprise’s shift to the cloud
Training for internal specialists will need to cover management skills
With cyber security professions commonly split into specific specialisations, hiring staff for each specific role can prove too expensive.
While outsourcing can help to plug this gap, businesses that outsource key cyber security components will still need to focus on developing management skills for in-house teams to handle those outsourced functions.
Increased reliance on cloud services will call for dedicated management and protection measures
Kaspersky research found that in 2020, workers in 88% of enterprises and 92% of small and medium-sized businesses (SMBs) used non-corporate software and cloud services, such as social networks and messaging platforms.
This common trend looks set to continue even as companies return their operations to the office, and better visibility over cloud access will be necessary for corporate data to be kept under control.
IT security managers will need to align themselves with this model, and develop skills relevant for cloud management and protection.
Addressing the cyber skills shortage by nurturing talent
“We have seen two important changes in what customers expect from corporate cyber security offerings,” said Alexander Moiseev, chief business officer at Kaspersky. “Firstly, the quality of protection is no longer up for discussion – now it’s a ‘must have’.
“Another major trend is that deep integration between various components of corporate security, ideally from a single vendor, now plays a bigger role.
“For instance, there was a long-held belief in the industry that various specialised solutions from various vendors can help create the best combination for protection.
“Now, organisations are looking for a more unified approach with maximum integration between different security technologies.”
The full Kaspersky IT security report can be found here.