IT Security: Thought Leaders’ Predictions for 2020
Chris Goettl is many things to many people. Family man. Homebrewer. PC gamer. Hockey player. And IT security guru and thought leader. As Director of Product Management, Security, at Ivanti, Chris is a highly sought-after expert for his insights into how organizations can strengthen their enterprise IT security in an increasingly demanding environment.
Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. Chris’ commentary has been published in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, Threatpost, Help Net Security, and others.
He and other noted authorities recently shared their security-related predictions on what 2020 has in store. Here’s a peek into Chris’s crystal ball:
- Windows 7 Will Remain a Security Target, Even After its End of Life: Our research shows that 39% of IT professionals report they won’t be completed with Windows 10 migration projects by January 14, 2020—the Windows 7 end-of-life date. That means Windows 7 and Server 2008\2008 R2 will continue to be common targets in 2020 for threat actors who are counting on the fact that these operating systems will still be very prevalent and exposed.
- Companies Move Toward Real-Time Security Response: While security threats continue to increase and malware becomes more sophisticated, the attack tactics have remained the same for 20 years. In 2020, companies will still be defeated by a lack of basic cyber hygiene. However, by 2021 companies will take a hard line with known exploited vulnerabilities and move toward real-time response to remediate threats in hours instead of months or weeks. To achieve this, companies will place risk mitigation before operational impact when it comes to these known threats. Concerning this basic lack of cyber hygiene, patching continues to play a critical role in protecting the enterprise IT environment.
And within the context of reducing the gap between working out which patches resolve which CVE’s and then deploying those to the devices that need them, Ivanti’s Andrew Souter, Area Vice President of Sales Engineering in Sydney, Australia, writes: “Two of Ivanti’s patching solutions—Ivanti Security Controls and Ivanti Patch for Endpoint Manager—feature a unique ‘CVE to Patch’ capability that lets you import a CVE list from any third-party vulnerability scanning tool. It then converts that automatically into a list of applicable patches ready to download and deploy. This feature alone can save your operations teams hundreds of hours spent researching CVE’s. It helps you deploy patches to your devices faster and reduces that 120-day patch gap to a matter of hours."
Executives at Lynx Technology Partners Share Their Predictions
The following predictions were shared by three security-savvy executives at Lynx Technology Partners, a Certified Ivanti One Partner: Mike Brown, Vice President of Security Engineering; Aric K. Perminter, Founder and Chairman; and Doug Yarabinetz, CMO.
- In 2020, Social Engineering Will Continue to Grow: Social engineering will continue to be the largest area for cybersecurity attacks. It will continue to be the most utilized form for breaches. There will also be more sophisticated phishing campaigns, backed by ransomware requests, targeted at large companies. We will also see a large increase in SMishing as more and more confidential and personal data resides on cell phones.
- In 2020, Hackers and Responders Will Both Use AI: AI will continue to shape and change security. AI will be a big help in speeding response to attacks, but hackers are using the same technology and techniques to exploit vulnerabilities. In 2020, we will see who can stay in the lead.
- In 2020, Mergers and Acquisitions Will Grow in the Security Space: Last year, we saw records broken with increased merger and acquisition activity within the security sector. This will continue in 2020 as new and emerging technology vendors are acquired by the big boys.
- In 2020, Integrated Risk Management Will Be a Focus as Organizations Evolve: The growing threat of attacks casts a big shadow over business financials, reputation, and overall viability creating a need for aligning security priorities with the overall corporate vision and goals to protect critical digital assets and systems. Integrated Risk Management (IRM) allows organizations to make better informed, more strategic business decisions. Every organization needs to continue to evolve in how they approach risk. 2020 will see more and more CEOs expecting their risk management strategy to align with organizational goals and objectives. IRM will become a focus for tying programs and activities to something meaningful for the business.
Ivanti’s Adam Jones and Melanie Karunaratne Weigh In
Adam Jones serves at Senior Director of IT within Ivanti’s corporate IT department, and Melanie Karunaratne is Director of Product Marketing located in Ivanti’s Bracknell, UK office. Here are their predictions on the topic of security:
- Zero-Trust Access and Architecture Will Be the Norm: By 2025, zero-trust access and architecture will be the norm. Whether cloud-delivered or on-prem, security will no longer be determined by where you sit or what network you’re connected to.
- By 2025, We Will Have Lost the War for Privacy: The War for Privacy is over. We will all surrender to the convenience and life improvements that sharing our data provides.
- In 2020, Security Teams Embrace Automation and AI: The continued shortage of cybersecurity professionals needed to fill vacancies will lead to accelerated adoption of automation and AI for cyber hygiene and decision support to counter the skill gap and free up personnel.
- In 2020, Data Centers Will Be Targeted: As organizations fail to meet their Windows 10 migration target dates, systems will remain vulnerable to attack. A number of high-profile attacks will take place in data centers as a direct result of the end-of-life support of Microsoft Windows Server 2008.
You can view more security predictions as well as predictions around service management, asset management, and the general future of IT in our new infographic.