Cybersecurity in 2021: new threats need new solutions

The pandemic has forced organisations and individuals to embrace new practices such as social distancing and remote working. The focus on cloud acceleration, business risk and data privacy, combined with increasingly sophisticated threats and broader attack surface, are driving the need for a new, holistic and agile approach to security.

Vendors and distributors are responding to these challenges, and in 2021 we will see extended detection and response (XDR) capabilities improving accuracy and productivity. Privacy will become a security discipline of its own. Network security will continue to migrate from LAN-based models to SASE. Cloud-native apps will require full life cycle approach to protection, and Zero Trust Network Access will begin to replace VPNs.

1. Never trust, always verify

The pandemic has had profound effects on the enterprise, with remote working rolled out, increased adoption of cloud resources and applications, and a shift to greater workplace flexibility. These changes have brought significant security challenges, and organisations that implement a Zero Trust Access approach will be much more resilient to threats and crises in the pandemic and beyond. Zero Trust Network Access can be defined as ‘never trust, always verify’ access to the internet, data and applications, with verification applied to people, devices, traffic and interfaces before access is granted.

2. SASE is more than a buzzword

Secure Access Service Edge (SASE), one of the biggest trends for 2021, describes a technology trend in which networking and security functionalities come together in a single product to protect organisations from SaaS- and web-based threats. For companies still using VPNs and remote-access tools to give employees secure access to the cloud, SASE wants to serve as their core network and security infrastructure. On the security side, capabilities include next-gen firewall functionality, secure web gateway, cloud access security broker (CASB) for SaaS access management and access control (zero trust or VPN). It represents a market poised to grow five-fold between 2020 and 2025.

3. DevOps is powering digital transformation

Agile software development is the true differentiator in the age of digital transformation, and the market for DevOps software tools is expected to rocket to $15 billion by 2023 as businesses realise they need software development and automation to maintain a competitive advantage. But the dynamics and agility of the DevOps methodology requires a new approach to security, and a successful DevSecOps strategy starts with integrating security into the DevOps cycle, with security teams positioned as enablers and facilitators in the DevOps way of working.

4. What is the future for SOC?

As attacks grow in volume and sophistication, the Security Operations Centre (SOC) needs to evolve to stay ahead of these ever-changing threats. At Westcon, we see five requirements for a next generation SOC to protect organisations from the latest threats.

• Alert handling powered by AI and machine learning through machine learning engines in SIEM and NDR/EDR
• Automated and orchestrated response through a SOAR
• Elastic scalability combined with low operational and maintenance costs through a Cloud SIEM
• Support for diverse data sources including cloud logs and detections combined with threat intelligence
• Mapping to the MITRE ATT&CK framework

5. Securing IoT/OT

During 2020, home networks and devices became a significant attack vector as workers were forced to stay home. IDC predicts that by 2022, more than 40% of enterprises’ cloud deployments will include edge computing. But with proliferation comes increased vulnerability and the attack surface has expanded significantly. Security surrounding IoT deployments in critical infrastructure such as healthcare and industry is essential. Additionally, an evolution toward virtualisation of the global workforce has started to emerge in response to the pandemic. This will stimulate faster adoption of 5G to address current requirements and prepare contingencies against future demand. As this technology begins to take shape, 5G will be a key driver of the IoT security market.

6. New threats, new solutions

These new technologies present a huge opportunity for the channel. The global cybercurity market expected to expand at a compound annual growth rate (CAGR) of 10.0% between 2020 and 2027 with high growth areas such as SASE and IoT security expected to be worth $25B and $73b by 2025 respectively. But the market is also complex, fragmented and rapidly changing.

At Westcon, we leverage our expertise to manage this complexity, reduce risk and create value, so partners can unlock new opportunities and navigate new routes to market. Our Next Generation Solutions (NGS) deliver the technologies end-customers need for a secure path to digital transformation, and the predictable recurring revenues partners need in today’s software-driven, cloud-first world.

Our portfolio of emerging, cloud-native vendors is underpinned by specialist services, deep technology know-how and data-driven demand generation. The portfolio includes cloud-first vendors such as Crowdstrike, Ordr, Menlo Security, Ping Identity, Sumo Logic, Cybereason, Firemon, Skybox, Certes, Vectra and Titus. These integrate with our existing portfolio of established leaders including Palo Alto Networks and Check Point.

Strategic synergies and technology crossovers create a vendor ecosystem underpinned by high-value enablement, support and services that partners need to realise the potential of this fast-growing IT market.

Find out how to unlock recurring revenues in a cloud-first world.

To learn more about the biggest changes impacting the channel in 2021, download our industry trends eBook.