The year 2020 has changed our interaction with our workplace – some of the organizations have announced a long-term plan for working in a distributed environment. Everyone around us can relate 3 terms – Remote, Dynamic, and Modular with the year 2020. This year has provided us an opportunity to view things differently – 2020 has highlighted the pace at which we can adapt to the change.
For example, the speed at which we have adopted Digital technologies is unprecedented, the year has tested our Business resiliency plans and provided the organizations to re-evaluate the long-term strategy. Finally, the year 2020 has also sent across the message to IT world that having short-term goals are as important as having a long-term vision about challenges and opportunity.
Experts also believe that 2020 has urged organizations to re-evaluate and re-look at the Cybersecurity, given the rise in cyber threats, changed attack surface, and increase in sophistication with which cyber-attacks are being carried out. It has brought the Cybersecurity agenda closer to the board room. CISOs, CROs, and CIOs have begun working on bringing in architecture-level changes within the IT infrastructure.
Some of the examples that we have come across during our industry consultations are a shift from managed endpoints and VPN towards unmanaged devices and VDIs; shift from the ring-fenced corporate network and perimeter centric security towards network segmentation and borderless security; shift from a hybrid model (on-prem and cloud) towards cloud-based and Platformized security.
The industry leaders are also working on new security use cases to support distributed teams. Advancements such as Password-less authentication, Zero-trust architecture, and software-defined perimeters have gained traction in 2020. Some of the examples of new security use-cases that we have seen are need-based access to the critical assets, fast enrollment, provisioning and secure management of machines, the security of endpoints that are remotely connected to the corporate networks, etc.
While there are so many opportunities areas that we have come across and discussed above, the Cybersecurity journey also faced challenges in 2020. Different organizations across different points of the cyber maturity curve must find ways of adopting cybersecurity that suits their business needs. CISOs must ensure that the board members understand the criticality of Cybersecurity and that is possible if CISOs across the organizations (SMBs and larger organizations alike) provides regular updates in terms of business objectives.
Once CISOs can better communicate in terms of business impact that security has on the organizations, it will be simpler to negotiate on the cybersecurity budget. Business leaders must evaluate investments in Cybersecurity using the same parameters that they use for other investments. This, in turn, will help CISOs understand the ROI and evaluate the security technologies in more efficient ways.
DSCI hopes to bring out expert opinions and have meaningful discussions in AISS 2020 around all the developments in Cybersecurity and its impact on business, focusing not just on 2020, but also the next 5 years. This session is most relevant for Business leaders – CISO, BISO and CXOs – who are involved in planning and strategizing the investments in the organizations. Through this session, DSCI hopes to make Cybersecurity a Boardroom topic that is critical not just to the IT team, but also to the business community.