Top 7 Cybersecurity Trends CISOs Must Watch Closely in 2021

2020 brought unprecedented challenges for IT leaders, with businesses’ reliance on technology growing like never before. 

On the one hand, IT teams faced shrinking budgets and mobility restrictions due to social distancing. But on the other hand, concerns around cybersecurity, remote connectivity, and infrastructure resilience only increased. What does 2021 have in store for the sector? How can IT leaders rise to the occasion, preparing for the most critical trends that lie ahead? 

To answer these questions, we turned to recent research and comprehensive industry surveys, unearthing a set of telling insights. 

SpiceWorks Ziff Davis’s 2021 State of IT report surveyedOpens a new window 1000+ technology buyers and IT decision-makers across North America, Europe, and the U.K. for the latest insights. We also dug into findings from two cybersecurity leaders –  HeimdalOpens a new window Security and RebycOpens a new window – to present the top seven cybersecurity trends that should be on every CISOs’ radar in 2021. 

Let’s dive right in. 

1. IT Leaders Must Invest More to Secure Remote Work

This one is a no-brainer. The SWZD reportOpens a new window found that 64% of businesses enabled a remote workforce in 2020, and over half plan on retaining these policies even after the pandemic. Expectedly, this will cause additional security concerns, as employees operate outside of the corporate network core and perimeter. In fact, Rebyc predicts that cyberattacks will spike by 20 to 40% in a remote working environment. 

Worryingly, Rebyc also mentioned that just 27% were prepared for this move, leaving significant gaps in their cybersecurity bulwark. WFH cybersecurity investments must gain fresh momentum in 2021 – even as existing spends on firewalls (45%) and network monitoring (40%), as per SWZD research, will continue to grow. 

Learn More: IT Budgets 2021: More Tech Dollars Will Go to Cloud & Hardware 

2. IT Will Pay a Price for Scaling Down Automation

Any crisis will bring with it a shift in company priorities, and the pandemic is no different. As IT teams spend on beefing up WFH infrastructure and processes, investments in emerging technologies will cool off considerably. One of the key areas of impact SWZD found was IT automation technology. 

IT automation implementation is expected to shrink by 11 percentage points in 2021 (reversing the upward curve we saw between 2019 and 2020). 

But this could have negative repercussions, experts at Heimdal believe. “Sadly, companies that are not automating updates are still likely to become targets for vulnerability exploits, especially as the organization grows,” writes Morten Kjaersgaard, CEO of Heimdal. 

3. Interest in AI/ML for Cybersecurity Will Spike Dramatically

Surprisingly, even as investments in emerging technologies stall, businesses won’t shy away from growing their cybersecurity posture. Security awareness training, ransomware protection, hardware-based authentication, etc., are all poised for a spike and AI/ML lends perfectly to these cutting-edge solutions.  

In 2021, implementation of AI/ML-powered security solutions will grow by eight percentage points from 2019, found SWZD. 

This could have myriad implications, such as threat intelligence, automated issue resolution, and smarter user monitoring. “As malicious actors are refining their tactics, so must the intelligence of defensive systems,” mentions Kjaersgaard, writing for Heimdal Security. 

Heimdal Security is looking into the power of AI/ML to improve its smart detection technologies, training its complex neural networks on a wide variety of intelligence vectors. 

Learn More: Is Behavioral Biometrics the Answer for Digital Identity Crisis? 

4. Small Businesses Could Be Especially Vulnerable

Small businesses were already spending less on cybersecurity, and the consequences multiply during a crisis. 

SWZD revealed that mid-sized businesses (100 to 999 employees) and enterprises are far more likely to actively prepare for 2021’s new challenges. 36% of enterprises and 27% of mid-sized businesses will react to compliance/regulatory changes, compared to just 8% of small businesses. Also, only 4% of small businesses will scale IT investments in response to a security incident, compared to 13% of mid-sized businesses and 22% of enterprises. 

This leaves small businesses with limited IT teams especially vulnerable – Rybec predicts that cyberattacks for this segment could rise at a 40-60% faster pace than their larger counterparts. 

Even the smallest of businesses must recognize threats looming on the horizon and partner with low-cost/easy-to-implement cybersecurity platform providers. 

5. Secure Cloud Services Should Be in High Demand

Amid the pandemic, companies were reborn in the cloud. The acceleration of cloud adoption and SaaS enabled organizations to rapidly shift to remote work over the last few months.  As Rebyc notes, the overall cloud computing market grew at a 37% annual rate this year. SWZD confirmed this, as 35% of companies have/plan to accelerate workload migration to the cloud owing to COVID-19.  

Though cloud applications typically provide native security functionality to enable some degree of visibility and control over 

data at rest, cloud-hosted processes and storage opens up new vulnerabilities that IT teams must address across 2020-2021, Bitglass CTO and co-founder Anurag KaholOpens a new window observed. 

“An application’s natively configured functionality provides security in a “one-off” fashion only for the app itself. As IT departments are faced with dozens of disjointed cloud apps, managing them each individually becomes a massive, time-consuming endeavor. As a result, organizations that rely solely upon apps’ native security features are more susceptible to threats such as malware and data leakage,” he told Toolbox. 

Right now, security solutions rank low on the list of cloud hosting priorities, behind backup, productivity, email, web hosting, and several others. Companies intend to spend just 5-6% of the total IT cloud budget on cloud security – this is something that needs to change. Secure cloud services will allow employees to continue to work from home without risking company assets. 

6. A Diverse Hardware Landscape Will Create More Security Vectors

One of the major cost areas for IT in 2020-2021 is endpoint purchase and management. 

Companies will spend on laptops (20%), desktops (14%), servers (12%), mobile devices (8%), networking equipment (8%), and more to support remote work. Unfortunately, this will create fresh vulnerabilities for hackers to exploit. “Devices used by remote workers, such as smartphones, will be attacked by cybercriminals more this year than in any previous year. This is because workers will be using these devices more often to conduct business,” predicts Rybec. 

So, it is no surprise that endpoint device security is the no.1 concern for IT, impacting 55% of IT teams. This is followed by vulnerability management, which is a concern for 44%. According to Adaptiva CEO Deepak Kumar, “Endpoints are typically less controlled than, say, the data center. And with everyone working from home, they are literally on the front lines and potentially more exposed due to the enterprises’ lack of control over home networks.”

Endpoint security has to become a dedicated objective for IT leaders to maintain overall enterprise resilience in 2021. 

Learn More: Why CISOs Should Prioritize Securing Privileged Access 

7. Data Analytics Could Help to Stay One Step Ahead of Hackers

A useful tactic for IT leaders in 2021’s complex cybersecurity environment could be leveraging data analytics. Analytics features among the top ten “emerging security solutions” for 2021, with 44% of organizations looking to implement user behavior analytics tools. 

Data analytics converts cybersecurity from a reactive or resolution-focused vertical to a proactive function. As Rybec mentions, “companies want to identify the weaknesses, gaps, and vulnerabilities in their networks before bad actors do.” This is probably why cybersecurity providers like Heimdal are keenly focused on advanced analytics capabilities. In 2021, Heimdal plans on offering scalable threat analytics to its customers via a flexible unified dashboard. 

With data-backed cybersecurity solutions available in the market, IT leaders will have all the tools necessary to stay one step ahead of hackers. 

These seven predictions encapsulate some of the landmark industry shifts we saw this year and what they mean for the future. As the IT operating landscape transforms for good, rethinking purchase decisions and scaling up security capabilities in the right places will help to hold down the fort, even as your business grows in 2021. 

What, according to you, will be the no. #1 cybersecurity threat in 2021? Comment below or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!