The shift to work from home and financial constraints, alongside a growing cyber threat landscape, will impact the day-to-day role of cyber security professionals in 2021, according to Kaspersky.

“Understanding the challenges but also perceiving opportunities in IT and IT security management is key for companies to maintain their protection,” the cyber security firm said.

Kaspersky, in its recent report, Plugging the gaps: 2021 corporate IT security predictions, provided a range of IT security recommendations for businesses in 2021, with advice for each role related to cyber security, including CEOs or business owners, CISOs, SOC team leads and IT managers.

Cybersecurity investment expected to increase 10% in 2021

According to the report, businesses will need to assess and monitor home security as well, moving forward. Home-office assessment and certification will be needed.

“There should be tools to scan the level of security in a workplace — from the presence of software vulnerabilities to connecting to an unreliable or unprotected Wi-Fi hotspot. It will also require wider adoption of VPN, privileged access management, multi-factor authentication systems, the implementation of stricter monitoring, and the updating of existing contingency and emergency plans,” it said.

In order to manage the financial constrains, organisations may require to transition to a service model that can provide necessary IT and IT security services at lower investments.

Cyber Security: 64,000 jobs on offer

Management skills

According to Kaspersky’s survey, 79 per cent of businesses in the Asia Pacific region said that they are planning to use a managed service provider (MSP) or managed security service provider (MSSP) in the next 12 months.

“This is for good reason as the service model helps to minimise capital investments and transition business costs from CapEx to OpEx,” Kaspersky said.

Furthermore, moving forward, businesses should incorporate management skills within training for internal IT security specialist.

“Cyber security professions split into very narrow specialisations, meaning that hiring staff for each specific role may be too expensive. This is where outsourcing can help plug the gap. However, businesses that outsource key cyber security components still need to focus on developing management skills for their in-house teams to handle those outsourced functions,” it said.

Cloud paradigm

The changing cyber security landscape and digital transformation in businesses will include an increased reliance on cloud services. This makes dedicated management and protection measures necessary.

According to the survey, in 2020, employees in 95 per cent of enterprises and 94 per cent of small and medium businesses (SMBs) used non-corporate software and cloud services such as social networks, messengers or other applications.

“This is unlikely to change when staff return to the office. To ensure that any corporate data is kept under control, better visibility over cloud access will be necessary. IT security managers will need to align themselves with this cloud paradigm and develop skills for cloud management and protection,” Kaspersky said.

Deep integration

Along with incorporating new cyber security practices, the quality of cyber security tools will be just as important, moving forward.

“We have seen two important changes in what customers expect from corporate cyber security offerings. Firstly, the quality of protection is no longer up for discussion — now it’s a ‘must have’. Another major trend is that deep integration between various components of corporate security, ideally from a single vendor, now plays a bigger role. For instance, there was a long-held belief in the industry that various specialised solutions from various vendors can help create the best combination for protection. Now, organisations are looking for a more unified approach with maximum integration between different security technologies,” said Alexander Moiseev, Chief Business Officer at Kaspersky.

comment COMMENT NOW