Cybersecurity: An Arms Race for Talent and Tech
CISOs have a lot on their plate. 2021 saw several, large-scale ransomware attacks, new vulnerabilities created by hybrid work environments, and stricter government standards. Today’s enterprises must keep pace with an evolving and growing list of threats while maintaining compliance with the latest regulations. Without a robust and comprehensive approach to cybersecurity, organizations are more likely than ever to suffer significant financial, legal, and reputational consequences.
The pandemic gave bad actors new opportunities to gain access to sensitive data and damage networks. While there are plenty of unknowns this year, one certainty is that cyber threats will continue to grow in number and sophistication.
This year, three major trends are set to shape the cybersecurity landscape:
Security experts in short supply
In the shadow of the “Great Resignation,” companies are struggling to manage increased employee turnover and a lack of qualified candidates for high-level security positions. This lack of talent is particularly problematic when considered against the backdrop of an increasing number of cyber-attacks. While organizations continue to invest in recruitment and retention, emerging cybersecurity vendors aim to address the same problem by leveraging technology that makes security teams more efficient.
“As organizations of all sizes increasingly emphasize cybersecurity while the talent shortage persists, many will choose to outsource their security entirely…”
Cybersecurity professionals must battle “alert fatigue,” which results from several security tools that each create a regular stream of warnings and notifications. With fewer employees left to manage a seemingly endless increase in security solutions, false positives and low-priority alerts make it hard to identify and respond to true threats. Some cybersecurity vendors have found success focusing on smart detection and prioritization to simplify this process of filtering out unnecessary alerts, including the security analytics platform Securonix.
Both prioritization and automation solutions aim to allow security professionals to focus on higher-level problems by reducing the volume of menial or repetitive tasks in their workflow. In practice, cybersecurity automation can initiate a penetration testing session automatically and automate responses to specific types of attacks without the need for human intervention. These SOAR (security orchestration, automation, and response) tools promise to dramatically reduce the workload for security professionals and make it possible for fewer people to manage an organization’s cybersecurity.
As organizations of all sizes increasingly emphasize cybersecurity while the talent shortage persists, many will choose to outsource their security entirely to a managed service vendor. The coming year could see a significant increase in the adoption of managed detect and respond (MDR) and SOC-as-a-service providers that take charge of monitoring and addressing threats for their customers.
A New Playing Field
Gone are the days of cybersecurity professionals maintaining a secure perimeter of on-premises devices and networks. The surface area for potential attacks has expanded dramatically because of:
- Remote and hybrid work environments leading to more data residing outside firewalls
- More connected devices attached to a company’s systems and networks, including IoT devices
- Increased use of third-party microservices that may not maintain the same robust security protocols
More digital identities (including login information and devices) per employee to access different systems
Each of these factors creates new opportunities for hackers to access and exploit vulnerable networks. As a result, many in the security world have shifted to a “zero trust” model. While previous security measures would validate a user’s identity and access once before allowing them to operate freely, zero trust architectures validate each device, user, and activity on a consistent and continuous basis.
Zero trust solutions require multiple tools and technologies, including single sign-on (SSO), identity and access management (IAM), and privileged access management (PAM). Several key vendors have established themselves in this market, most notably Ping Identity with their PingOne SSO. Other players have sought to address the specific vulnerabilities posed by service providers, with risk management companies like Black Kite aiming to disrupt hackers that “island hop” via third parties on the way to their end target.
Relentless pace of change
With the COVID-19 pandemic forcing a wave of digital transformation initiatives, organizations are now adopting and developing software at an unprecedented pace. Security operations must keep up with this rate of change. Concepts like DevSecOps and Shift Left Security (shifting towards the beginning of code development), which aim to help developers write secure code from the beginning, will be critical in enabling organizations to remain safe while deploying unprecedented amounts of code.
Organizations must also leverage the latest industry intelligence to ensure awareness of the tactics used by cyber attackers. SnapAttack, a threat intelligence vendor, provides a collaborative solution for security teams and publishes regular intelligence updates to protect against the behaviors of bad actors. Regardless of the sophistication of specific cybersecurity tools and technologies, this human, creative and communicative approach to cybersecurity will always be critical for organizations to keep up with their adversaries.
“…[T]his human, creative and communicative approach to cybersecurity will always be critical for organizations to keep up with their adversaries.”
In this digital environment of increasing and dynamic cyber threats, Volition Capital will continue to partner with companies leading the next generation of safety and privacy.