Cybersecurity has quickly become a top priority for many organizations this year. This difficult time has shown us that even the largest corporations are not immune to vicious cyberattacks. Many organizations suffered breaches and lapses in security as they struggled to find the right solutions for staying connected while protecting valuable and sensitive information in the early days of remote work. As the months pass, the prospect of returning to full blown in-office operations anytime soon looks unlikely. Some companies are even looking to permanently transition to hybrid or full work-from-home structures.
Meanwhile, it has also been a very big year for data privacy, with new laws and protections being enacted, even as recently as November 3rd. On election day this year, California enacted an even tougher data privacy rule, which will make it much harder for large corporations (like Google and Facebook) to utilize user data by giving users the option to not disclose their personal data. The passing of this stricter legislation in California, along with Europe’s GDPR shows us that we’re clearly on the road to prioritizing and enforcing much stricter data privacy guidelines. As companies think about how to navigate this new landscape of privacy laws and cybersecurity threats, here are a few major trends and predictions to consider:
Growth of cyber breach costs will outpace the growth of the global economy. The economy took an absolute major hit, sending the U.S. into a recession in February of this year. In 2021, the global economy will slow to single-digit growth, as countries minimize activity in order to slow the spread of COVID-19. Meanwhile, as remote work and insecure data practices persist, cyber breach costs are slated to hit double-digit growth across all industries. Unless corporations, government agencies and nation states figure out how to mitigate these cyber risks the global community will suffer catastrophic economic losses that will take years to rectify.
Governments will demand data sovereignty solutions and move off the "global" cloud. It’s no secret that the political uncertainty in the U.S. has created unrest both domestically and globally. Not only has trust between nation states been at an all-time low, the increase of cyber attacks have challenged the defenses of local and state governments with many resulting in ransomware situations. Furthermore, the spate of privacy concerns have led to the emergence of the EU’s GDPR regulation, and the decision to strike down the EU-U.S. Privacy Shield due to concerns of U.S. government overreach. In this uncertain political climate, nation states will prioritize data sovereignty and move all systems that exchange or host data to domestic cloud or on-premise environments.
Large-scale video calls will be replaced with smaller, more efficient video groups and break-out rooms. The onset of the pandemic led to many enterprises embracing video calls with dozens, if not hundreds of participants - retrospectively a bad idea. We’ve seen time and time again that these open, large-scale video calls created opportunities for bad actors to gain access and disrupt meetings. As companies double down on cybersecurity and employees prioritize productivity and experience higher levels of online fatigue, the functionality of these all-hands calls will diminish. Instead people will prefer private, highly-focused video groups and breakout rooms centered around efficiency, specific goals and collaborative interactions.
Organizations will future-proof by diversifying and moving beyond traditional cybersecurity tools and strategies. As companies revise their work architectures to accommodate dispersed teams at scale, they will need to invest in diverse, future-proof tech stacks. The rising tide of mobile workforces and cyberthreats will result in several competing priorities such as convenience, security, high integration and privacy. To solve this problem companies will invest in tools that are most appropriate even if they are in similar categories.
A new architecture will emerge for secure collaboration. It’s safe to say that work culture has changed dramatically, and no one can really predict what the workforce will look like a year or two from now. What we know already is that major tech companies are pioneering the move towards permanent remote work structures - paving the way for organizations of all sizes to consider the same where possible. To meet the rising challenges of remote work and cybercriminals, communication platforms will need to be built with security-first architecture from the onset. While a number of tech vendors have only just started to incorporate some form of end-to-end encryption in their solutions this year (primarily as a knee jerk response to the rise of remote work, and customer demand for greater privacy and security), by the end of next year, companies will expect and incorporate end-to-end encryption across all tools used to communicate and collaborate with co-workers, prospects, customers and all external stakeholders. The drive for this will come directly from CEOs and non-security executives, as personal liability for cybersecurity incidents reaches an all-time high.
Next year will undoubtedly continue to throw new hurdles at organizations both big and small, so being prepared for a worst-case scenario will be crucial for the protection of both companies and employees. As cyberattacks continue to rise, data privacy becomes a key (enforceable) concern for businesses and governments, remote work becomes a permanent fixture in operations, and the economy slows under the weight of change, it’s crucial that we reassess the way cybersecurity is fundamentally approached.