2020 turned every organization on its ear, and that means that security teams have been working overtime to protect data in a new, uncertain reality. That battle will continue in 2021, so arm yourself with Splunk’s 2021 Data Security Predictions and their execs’ and experts’ insights on key trends:
- Continuing remote work will increase the focus on endpoint security.
- Defending against adversaries’ new, pandemic-fueled avenues of attack. (Mind your peripherals.)
- Staying ahead of new social engineering threats like “vishing.”
Report Extract:
The baseline for IT security has been network security: The SOC protects the data within the network by protecting the network perimeter. But the idea of a solid, defensible castle wall has fallen apart, especially when any employee can inadvertently open a door. Sooner or later (sooner), attackers get through your defenses.
Zero trust doesn’t rely on network protection to keep data secure. Instead, if you secure endpoints and backend applications, the safety of your network becomes a secondary, rather than primary, line of defense. This is an idea that made sense in 2019, but in the COVID era’s sudden spike in remote work, it’s an even smarter approach. “I think zero trust is going to stick,” says Splunk Security Advisor Mick Baccio. “It’s a longstanding concept that has finally been put to paper: constant validation. That doesn’t go away. As the world changes and the workforce changes, visibility becomes an issue.”
A zero trust strategy ties employee access to their IT-managed device, and governs the level and range of access each employee has, and which devices can access sensitive data. That might mean that, from their authorized corporate laptop, employees can use all data and applications they’d have access to in the office, but their personal devices only access email and chat. The right endpoint policies make security independent of the network, and reduce the risk of data leaking onto unauthorized, undersecured devices.
A zero trust approach moves from implicitly trusting devices within a network to requiring verification from every device, user, application and session. Yet, it’s a simpler approach than traditional network security regimes. In 2019, Gartner predicted that by 2023, 60% of enterprises would move from virtual private networks (VPNs) to zero trust initiatives. Splunk’s CISO says that the coronavirus pandemic will only speed that shift.
“Endpoint security is critical in the COVID age,” Abousselham says. “Some organizations had to convert office-based workers to a 100% remote workforce overnight. The abrupt shift resulted in a tremendous pressure on these organizations’ VPN infrastructure. That became the single point of failure for the business, which drove organizations to accelerate cloud adoption to mitigate system availability risks. The change to how business systems are accessed creates security concerns that zero trust can help address.”