Cyberpredictions 2020
Cybersecurity as a field is both fun and innovative. For almost every problem, there are myriad potential solutions – almost too many to make sense of. The cyber architect must understand the problem, think about their requirements, understand business culture nuances, define success, and blaze a path to get there. To this end, in any given year there always seems to be certain technologies or niches in the field that appear to be given either more weight, time, money - or all the above.
WaveGard’s cyberpredictions for 2020 is really just our musings over those topics, terms, and technologies that we think will be a big focus for the coming year. In a way it’s a discussion on cyber trends and areas that we see our clients, colleagues, and partners focusing on. As you’ll see we’re not going out on a limb with any crazy predictions, but it will be a bit of fun to see just how things pan out when we get to the end of the year!
If you think about the last many years, technologies have floated from wireless security, to next-gen firewalls, to mobile device management, to NG anti-malware, AI and machine learning, zero-trust, and beyond. While fundamentally all of these areas will continue to thrive and grow for the enterprise, there are some interesting iterations and innovations of these technologies that we are increasingly seeing.
Prediction 1: Convergence of SD-WAN and Cloud Firewalling Accelerates
During 2020 we see cloud based firewalls gaining ground as “traditional edge” appliances lose some luster. Think about it… as our organizations push harder and faster to the cloud, there is diminishing value in putting powerful, heavily licensed appliances at our corporate office edge just to handle a diminishing amount of our most sensitive transactions. Everyone we talk to is lightening up on their on-prem systems, pushing users to more flexible (and remote) work models, and more strongly leveraging smart cloud systems. Why continue to invest in inflexible, monolithic appliances at each and every office edge when a more centralized (cloud friendly) approach might make sense?
Add to this the need for highly dependable Internet connectivity to support cloud apps and the explosive growth in SD-WAN and we have a killer combination.
Think of it this way. What if we can:
Deploy lightweight edge solutions that provide robust, resilient connectivity (think SD-WAN perhaps with some easy to manage firewall capabilities) .
Layer in sophisticated, scalable, cloud based next-gen firewall features.
Integrate in a smart remote access solution that provides consistent endpoint protections (via the solution above) and access to trusted on-prem, hosted, and cloud resources.
Deploy a centralized console to monitor, manage, and control each of these capabilities.
This certainly isn’t a huge stretch from the commonplace dual ISP with failover, office edge NG firewall, remote client VPN solution – but it does demonstrate a future looking evolution and streamlining of the technologies. There will be more cloud security convergence to come and the blending of access technologies and cloud security is just beginning.
Prediction #2: Watch for the growth in vendor provided managed services.
It’s easy to watch as managed security service providers (MSSP) or hosted security operation centers (SOC) gain ground to supplement an organization’s stretched (overburdened?) IT and cyber staff. Often the MSSP services want to be your “cyber-everything,” handling security from appliance configuration through regular patching and from basic alerting to event/incident management. While managed SOCs can be quite good at helping with security visibility through alert consolidation and 24x7x365 monitoring, organization’s need to really understand their requirements to fully leverage these broad service offerings.
What we are seeing more of is the rise of product specific “white glove” services being performed directly by the product vendor. If you want one interesting example, take a look at Crowdstrike Complete and their approach to next-gen anti-malware and endpoint management. If you already planned to move to a new platform you can now include services that help with setup, ongoing tuning, monitoring, threat intelligence, “hands-on” mitigation of risky endpoints, and the execution of playbooks to assist with more complex incident handling. For a second option to look at - Sophos launched their own “Managed Threat Response (MTR)” service on October 2019.
While these types of services have been offered by managed services or consultants in the past this shift to a vendor provided solution allows for the selective management of key technical controls without the need to buy fully into a comprehensive managed solution (or even sign a second contract with yet another vendor). An organization can more easily go with best of breed point solutions or select additional managed service options just for those complex or overly burdensome controls.
Other Musings for 2020:
There are plenty of other trends that we see coming down the road for 2020:
A vigorous push towards Intune or other unified endpoint management (UEM) products to gain visibility across the endpoint & device spectrum;
A renewed focus in data privacy due in part to the California Consumer Privacy Act (CCPA);
Growth in security focused data lakes and products leveraging this architecture. (Need I add that securing these data lakes will also be a major priority?)
While there is so much more, that’s it for now! Just a few thoughts and musings on a couple of interesting cyber trends. We hope you found it interesting. Please check back for our future blogs and updates.
Have an amazing 2020 and we at WaveGard look forward to seeing what surprises are in store for cybersecurity in the many months to come.