- Cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.
- There will be 3.5 million cybersecurity job openings by 2021.
- There will be more than 26 billion global IP networked devices or connections by 2020 (up from 16.3 billion in 2015).
On Premises & Hybrid ITCisco provides some predictions on where IT systems will be found by 2021, suggesting 94 percent of workloads and computing instances will be processed by cloud data centers; six percent will be processed by traditional data centers. Building your own data center seems like a not-so-great idea. Seventy-five percent of the total cloud workloads and computing instances will be Software-as-a-Service (SaaS), up from 71 percent in 2016. The slow death of client-server on premise applications continues to linger. So if most of the IT systems will be found in cloud data centers by 2021, the security revolution in tools & training has to be applied to securing those cloud data center hosted systems. The endpoint defense-in-depth or layered security model is still relevant, but the investment in those layers needs to change; with most of those systems located in the cloud and as SaaS offerings, credential management along with multi-factor authentication becomes the most important layer. This is something which very few companies are doing today (mostly due to legacy systems), and it’s no wonder that cyber criminals keep pillaging them. There is an unexpected ally in user account management in SaaS – the accounting department. In the SaaS monthly billing model or pay-as-you-go billing, the question will be near constant: “can we shut that account down to save money?” Look for accounting to become the “Committee of Account Safety” and be wary of their budget guillotine.
Applications and Data on the LANImplicit in the prediction of where the IT systems will be found by 2021 is where the data in those systems will be found - “in the cloud data center.” As we move towards an environment where endpoints connect to SaaS and SaaS systems talk to each other using APIs, it becomes increasingly necessary to secure access to those systems with strong credential management with less important on the hygiene of the endpoint. Credential-stealing payloads and even ransomware payloads become less impactful when no important data is found on an endpoint and it can’t be accessed because of multi-factor authentication protections. The future of business IT can be found in moving business applications and data into cloud-hosted services (as quickly as possible) and reducing exposure of any data in an unencrypted format on any endpoint. With robust credential management in place, the detection of a compromised endpoint becomes easy (failed login due to multifactor account protection alerts), and the impact of that compromised endpoint from a compliance perspective becomes minimal. No data on the endpoint = no data to disclose in an unauthorized manner or to encrypt with ransomware. From the IT management perspective, imagine if the build you have stops at the web browser of the user’s choice, completely platform-agnostic with all the applications the user needs found as webservices. Access and provisioning are controlled by the user’s manager through a console, and one of the only large expenditures in security is on the multi-factor authentication and VPN solution for mobile workers. Vulnerability management on the endpoint as well as anti-malware defenses are still required for compliance, of course, but the impact of a security breach will be significantly decreased and confined. So, how close are we to the security utopia I propose? It depends on who you ask. 56 percent of C-level executives believe that their organizations have migrated workloads to the cloud. But 35 percent of IT directors who believe the same, with 53 percent of companies committed to a hybrid approach (combination of on-premise and cloud). Sigh, it appears we are only halfway there, and for those companies that are not moving to the cloud with all do haste, their security posture may be living on a prayer.