In the future, the use of personal data may be controlled by the individual to whom the data refers, which will
          drive changes in business models, regulations and security.

          5.     Resilience & Recovery

          Ransomware and destructive malware are on the rise. Enterprises are adjusting to business
          disruptions caused by the pandemic, making disaster recovery and business continuity plans
          essential. Network outages can impact businesses for months. Companies need to develop their “Plan B”
          and be prepared with a reboot plan designed for the digital age.


          6.     Shift-Left

          Time to market is often prioritized over security. Developers are measured by how fast they can code, rather
          than on how securely. With no time to fix insecure code at the source, security is often “bolted on” once an ap-
          plication is fully developed – a risky approach. According to Forrester, 42% of organizations that experienced
          an external attack blamed the incident on a software security flaw, and 35% blamed a buggy web application.
          In today’s environment of micro-releases and daily or weekly software updates, software developers need to
          maintain a security mindset and rely on controls throughout the coding process.


          Despite this, the migration to a developer-driven security paradigm has been slow; Google reports that only
          20% of firms are considered “elite performers” with DevOps. “Shift-left” highlights the need for security teams
          to work with developers from the very beginning of the development lifecycle to build in information security
          and security automation. Ideally, developers are empowered to embed security while creating a product or
          service, with tools that not only make code more secure but also codify intent. Security pros should develop
          their coding skills, and developers need to have the training and tools to code with security in mind.


          7.     Smarter Security

          With organizations deploying and managing more security tools to manage their expanding
          networks, CISOs are being bombarded by vendors with tools that solve specific problems but that don’t in-
          teroperate. The tools also have hidden costs associated with managing the data and tying it all together to
          create actionable insights. The  shortage of skilled cyber talent exacerbates the problem. Enterprises need
          smarter security that leverages automation, data and AI so that humans can focus on decision making.

          We are entering a new age for the cybersecurity industry.  As companies accelerate their digital transforma-
          tion, systems become more complex and expansive, and attacks become more frequent. This historic shift
          will set the stage for the next cybersecurity cycle and the generation of companies it develops.



























             55    Cyber Defense eMagazine – April 2021 Edition
                   Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.