As we learned in 2020, vendors predict, and the universe laughs. But this year we polled our experts at Netskope to get their view of the year to come. Here’s how we see 2021 shaping up for networking and security, in the form of some pretty safe bets, and some harder calls.
Safe Bets
Economic benefits of network and security transformation will be realized—and quantified.
As more organizations consolidate and move away from appliance-based security technologies, IT and security teams will realize the cost savings and operational efficiencies the move to cloud brings. Organizations following a cloud transformation framework model such as SASE could see cost savings average between 20-40% in the first year alone.
10% of Fortune 1000 CISOs will be asked to take on networking teams because of SASE.
As organizations continue the move to cloud, employees are no longer on a corporate network and the operational investment must move with the data. Networking and security teams will further converge, and the traditional legacy network and security stack will become less relevant.
Zero Trust and SASE will converge.
SASE architecture will be needed to truly support a holistic Zero Trust implementation, and these two requirements will be the cornerstone for any future workforce digital transformation, providing full visibility, control, and enablement for a secure cloud transformation. As remote working accelerates, and ZTNA sales grow exponentially as a result, networking teams that initially boosted their VPN spend to cover the rapid rise of home workers will see the benefits of massive ZTNA bandwidth and cost advantages. Zero Trust and SASE are inextricably linked.
Cloud-enabled threats will become a weapon of choice, and insider incidents causing or contributing to successful breaches will accelerate thanks to the overall shift to remote work.
Cybercriminals will increasingly benefit from exploiting the trust model of SaaS apps, with many whitelisted to bypass security controls. Insider threat training and response programs will need to rapidly transform and mature as a result.
Security vendor consolidation will continue—apace with creative marketing.
Legacy security vendors will continue to acquire technologies to their portfolio that unfortunately aren’t integrated and won’t create a true platform except when it comes to what’s in their corporate vaporw-, uh…slidewa-, uh… “product roadmap.”
Long Shots
We will pass the cloud traffic “tipping point” for security—and then some.
In 2021, 70% of all enterprise internet traffic will be destined for the cloud (IaaS or SaaS or PaaS) vs. historically traditional websites that firewalls and proxies were used to dealing with. This will create a massive hole in security visibility, impacting data protection and/or slowing down business app transformation.
Next Generation Secure Web Gateways (NG SWGs) will become a default requirement.
As the traffic profile for most organizations has already changed to consume more cloud applications than traditional web traffic, we predict the NG SWG will become a default requirement for organizations as they look to replace their legacy SWG appliances. NG SWG offers the ability to manage SSL/TLS traffic at scale and, when combined with CASB, offers the ability to decode API/JSON traffic to manage cloud applications, prevent cloud-enabled threats, and use context for cloud application instance awareness (i.e., corporate vs. personal instances of cloud apps) to ensure freedom and flexibility for an organization’s workforce.
Data Protection transformation will become a top strategic topic, with 25% of the G2000 projected to enhance or rethink their data protection capabilities.
Data governance controls will also move to the cloud as organizations further adopt cloud data protection controls, such as NG SWG and cloud DLP, to manage their cloud applications and infrastructure. Best practices will automate data protection and privacy requirements that also support the latest data protection regulations and ensure data transfers are supported by a valid data transfer agreement.
AI/ML threats will arrive a lot faster than you think.
As AI and ML plays a greater role in developing technology capabilities, AI/ML specific threats will grow, such as poisoning of training data sets and model corruption. The impact will be significant and we will soon see a number of breaches relating to data integrity especially for organizations that fail to secure their data lakes and supporting infrastructure.
Backhauling traffic through corporate data centers will soon be a thing of the past.
In 2021, most network and security teams will have a project to stop backhauling traffic to the data center using legacy VPN solutions as much as possible. More than 80% will start to use new technologies to let users go directly to a secure cloud solution to access the cloud and web vs. backhauling back to HQ.
Agree or don’t agree with any of our picks? What do you think?
