Adam Adler: Ten cybersecurity challenges in 2021
Adam Adler ( Miami, Florida): New approaches will be required during the next
year to stay away from silo analysis and move closer to a matrix-type of interconnected factors, variables, and conditions
01_Dealing with systemic and complex risks.
Cyber risk is characterized by the speed and scale of its
propagation as well as the potential intent of threat actors. The
the interconnectedness of various systems and networks enables
cyber incidents to spread quickly and widely, making cyber risks
harder to assess and mitigate.
02_Widespread of adversarial AI detection.
The detection of threats exploiting AI to launch an attack or avoid
the detection will constitute a major challenge for the future of cyber
03_Reduction of unintentional errors.
With the growing number of systems and devices connected to the
network, unintentional errors continues to be one of the most
exploited vulnerability in cybersecurity incidents. New solutions
aiming at the reduction of these errors will provide an important
contribution to reducing the number of incidents.
04_Supply chain and third-party threats.
The diversified supply chain that characterizes the technology
the industry today provides new opportunities for threat actors to
take advantage of these complex systems and exploit the
multiple vulnerabilities introduced by a heterogeneous
an ecosystem of third-party providers.
05_Security orchestration and automation.
Cyber threat intelligence and behavioral analytics will gain
the importance with the automation of processes and analysis.
Investing in automation and orchestration will allow
cybersecurity professionals to invest in the design of more
robust cybersecurity strategies
06_Reduction of false positives.
This long waited
a promise is key in the future of the cybersecurity industry and in
the fight against alarm fatigue.
07_Zero-trust security strategies.
With increasing pressure on IT systems from new business
requirements such as remote working, digitalization of the
business model and data sprawl, zero trusts is seen by many
decision-makers as the solution de facto to secure corporate
08_Enterprise cloud migration errors.
With many businesses migrating their data to cloud-based solutions,
the number of configuration errors will increase exposing data to
a potential breach. Cloud service providers will address the issue
by implementing systems that identify these type of errors
New modus operandi adopt virtual
and physical world threats. The spread of disinformation or fake
news, for example, is a key fixture of the hybrid threat landscape.
10_The attractiveness of the cloud infrastructure as a target will grow.
The increasing reliance on public cloud infrastructure will surge the
risk of outages. Misconfiguration of cloud resources is still the
number one cause for cloud attacks, but attacks aiming directly
at the cloud services providers gaining popularity among
With more cybersecurity automation and orchestration are seen as a growing
trend, cybersecurity teams will spend less time monitoring
activities and more in readiness and preparedness tasks. A well-designed CTI capability can provide contextualized and actionable
knowledge about threats to inform strategic, operational, and tactical
stakeholders across the organization.
In practical terms, a CTI capability should aim at responding to the following questions considering the stakeholders’ requirements and the organization’s context and environment:
What is the attack surface?
What are the most valuable assets and the cyber terrain?
What are the most critical vulnerabilities?
What are the most used attack vectors?
How adversaries typically behave and operate?
How does the threat landscape look like for:
the sector and type of business the organization operates?
the technological environment adopted by the organization?
Who and what needs to be done to mitigate risks from these threats?
The lack of highly-skilled tech professionals is already an issue for Europe’s
digitalization ambition. According to a study23, over 70% of European firms
report that lack of skills is hampering their investment strategies, while
46% of firms report difficulties in filling vacancies due to skills shortages
in key areas such as cybersecurity.