The year 2020 has “offered” us a conflicting political environment, a deepening economic crisis and, above all, a pandemic. Disinformation has confused our ability to discern the truth, the ransomware has had real consequences when it hit hospitals, and internal leaks have continued to endanger privacy despite increased passage of laws relating to its protection around the world.
The IT security industry approaches 2021 with a heightened awareness of the links between the virtual and physical worlds. We have a better understanding of how the abuse of technology platforms affects the world around us. This understanding will shape our response in the New Year.
In 2021, every company will face three challenges: the need to verify information and certify credible sources; that of securing borderless networks; the need for cloud resiliency. In response, we can expect this year to witness the democratization of artificial intelligence (AI) and Machine Learning (ML); commercial technology focused on combating disinformation; and the maturation of security architectures serving borderless networks.
Democratization of AI and ML
In the security industry, AI and ML have taken on a negative connotation over the years. The industry has generally adopted a “black box” approach to embedding ML algorithms and models into products or has passed a rudimentary application of these technologies for a “next generation”. IThis has resulted in questionable effectiveness, with no way for security professionals to understand how these solutions work, while their optimization or modification requires extensive experience in data science.
In 2021, we will see the emergence of technologies allowing experts to create, train, test and deploy new models that take into account the specificity of their business. This will be the first step towards the democratization of machine learning and ML, essential for the wider adoption of the benefits long promised by AI and ML.
Fight against disinformation
Disinformation has multiple impacts on businesses and the general public. For a business, false or misleading claims can have a significant impact on its bottom line. In the general population, disinformation can tilt public opinion. These days, millions of lies per second are spreading at the speed of the Internet, propelled by massive disinformation campaigns, themselves amplified by the voices of those who have been influenced by false messages.
Fortunately, on a smaller scale, cybersecurity and digital forensics teams have experience with this challenge. Security professionals have already publicly dismantled some of the most glaring examples of disinformation last year.
Along with the increased ease of use of AI and ML platforms, one should expect to see the first applications of stand-alone fact-checking technologies appear on various platforms. We anticipate the arrival of applications intended for business systems, for the validation of critical business process data, alongside consumer applications on social networks. This involves applying supply chain security approaches to information.
Network security without borders
Until 2020, the cloud was still seen as an option by most companies. The outbreak of the Covid-19 pandemic and the switch to teleworking overnight made it an obligation. This will lead to a change in security priorities and attack targets in 2021.
As companies focus on adapting existing technologies to borderless and disconnected environments in 2020, we will see a massive shift to cloud native solutions in 2021. We will see more and more adoption of the SASE architecture (Secure Access Service Edge), authentication and identity management, and host, data, and user-centric security approaches. On-premise technologies will be modernized or discontinued in favor of cloud and container solutions. The IaaS (Infrastructure as a Service) and DaaS ( Desktop as a Service) will enter their golden age.
As things develop naturally, we will see attacks targeting container-based architectures like Kubernetes en masse, and it is very likely that we will soon see the first large-scale attack against such an environment. Suppliers will be forced to adapt their technologies to this new situation, under penalty of knowing the fate of antivirus vendors.
The year 2020 revealed gaps in our ability to trust information, triggered migrations to the cloud, and further put pressure on already overwhelmed IT security and digital forensics teams. These are the issues that will receive the most attention in 2021.