My cybersecurity trends outlook for 2020 builds on my forecast for 2019. Identity and application security are still top-of-mind this year, but in new and more advanced ways.
As we approach RSA 2020, these are four trends in cybersecurity that I expect will make an impact this year.
1. Zero Trust goes beyond the hype and becomes reality.
Zero Trust had its buzzword breakout at RSA 2018, but there were a lot of questions. What is it? What does it mean? What does a Zero Trust architecture truly look like? As this security approach matures, it’s clear why Zero Trust is so important – there’s data to prove it.
- According to the 2017 Verizon Data Breach Report, 81% of breaches involved compromised credentials
- According to Imperva, 54% of web app vulnerabilities have a public exploit available to hackers
- According to Positive Technologies, 92% of external penetration tests led to a breach of network perimeters
As a colleague of mine says, “Hackers aren’t breaking into networks, they’re logging onto networks.” We need to be smarter about how we establish the identity of a user or device connecting to a network or application before access is approved or denied. The principles of Zero Trust are consistent, but the “how” varies depending on what’s being protected – whether it’s a user, container, IoT device, or something else.
Zero Trust technology is maturing and customers are gaining a more consistent understanding of it as they begin this journey. Moving to Zero Trust is the No. 1 topic for many customers I speak with and it was a top priority for many at Cisco’s CISO Forum.
2. Customers lean toward a platform approach that embraces best-of-suite, instead of best-of-breed.
Security is complex, and CISOs today don’t want a complex solution to an already complex problem. In response, we’re beginning to see a majority of customers shift from a “best-of-breed” to “best-of-suite” approach to security solutions.
I’m seeing a push for fewer strategic partners and more out-of-the-box value from products designed to work together. And I think that push is only going to get stronger. Many CISOs I talk with can’t afford to spend more money for more tools that require more effort to get a team up and running on each tool. This loss of time keeps security teams from high-value work, like applying security insights to keep the enterprise secure.
As I mentioned in my most recent blog post, our annual CISO survey revealed a trend toward vendor consolidation, which tells us CISOs are looking for ways to make network security easier to manage. This trend toward simple solutions will only continue in 2020 and will be a key topic for Cisco Security at the 2020 RSA Conference.
3. SASE principles take hold as cloud security replaces on-prem security.
I personally hope 2020 is the year we can agree on a new acronym for SASE (pronounced “sassy”). But even if it isn’t, the underlying principles of Secure Access Service Edge are legitimate as more customers adopt security in the cloud. You can read more about the principles of SASE in this article from SDxCentral.
Gartner’s recent 2019 Hype Cycle Report states SASE will be as disruptive to network and network security architectures as IaaS was to the architecture for data center design. The principles of SaaS (software as a service) will unlock a new set of capabilities for security as SASE connects individual users and equipment to the cloud – which, by the way, is now a highly dependable and trustworthy place to house all of your applications and services.
This trend is important because the move to cloud is fundamentally changing how users and devices connect to applications and data. As this happens, we need to re-think the type of security controls required and where those controls should be placed. The ideal model will provide flexibility to security teams to place those controls optimally based on the traffic and access patterns of their environment. In some cases those controls will continue to reside on-prem, but increasingly those controls will move to a cloud edge.
We have already seen this with DNS security, and now are seeing capabilities such as secure web gateway and cloud delivered firewall. A key to this transition will be meeting the security efficacy requirements—and is an area that we at Cisco are leaning into.
4. Security moves into application development via DevSecOps.
Another key point coming from Cisco’s CISO Forum is the continued evolution of application security. We’re seeing it in the plethora of new technologies targeting this space. But I’m also seeing a significant change in the organizational model to deal with it. One of the more surprising data points from our fall CISO Forum was the number of CISOs who are embedding security staff directly into application development teams, often without establishing an ongoing relationship with the security organization. DevSecOps enables greater security knowledge within application development teams, gives security a true stake in the development process, and enables security to build relationships within apps teams.
In my conversations with CISOs over the last few years, I’ve seen application security rise dramatically in importance. And now we’re seeing this come to fruition as security talent is moved into the application development process.
A benchmark in the security industry each year is the RSA Conference, and this year is no exception. We’ll be talking about how these trends are already making an impact in the industry and within Cisco’s security strategy. I hope you can join us in San Francisco on February 24-28, 2020.