Last Updated: 26th January, 2021
2021 Cybersecurity Wishlist: For several reasons, last year was particularly challenging for security professionals. Security professionals were thinly spread, from the rise in cyber attacks during the pandemic to the growing shortage of cybersecurity skills, and CISOs had to act strategically to maximize resources and defend their organizations.
Security leaders need to think about which initiatives they need to prioritize in their 2021 program as we embark on a new year and essentially draw together a ‘2021 cybersecurity wishlist‘ for the succeeding year.
With few CISOs and dealing the most significant worries, underneath is a recap of the most common responses answered about what is at the top of their ‘2021 cybersecurity wishlist‘.
1. All The Less Depending On Hunches And Becoming More Data-Driven
Security leaders are frustrated with their inability to accurately measure and understand their enterprise’s attack surface. As a result, many cybersecurity decisions are based on incomplete data. Due to this obstacle, CISOs worry about unseen cyber-risks and vulnerabilities, and struggle with how they can get better visibility.
Forward-looking CISOs want a system that can help them be more data-driven and quantify cybersecurity-related risks. This is worth the investment for enterprises because more accurate data enable security teams to have better intelligence, which leads to smarter, more well-informed business decisions.
2. Cybersecurity Wishlist: More Efficiently Use Resources
Many security teams are spending too much time and effort on items and actions that will not move the needle for their organization’s cybersecurity posture. Instead, security teams should focus on proactively tackling cybersecurity issues like unpatched vulnerabilities, misconfigurations, password hygiene, and other risk items in a timely manner. In addition, the budget can get eaten up by legacy tools that may not be effective.
Planning for 2021, CISOs want to be able to see where their resource utilization is less than optimum and understand what they can change to become more efficient. They also want to know how they can deploy their resources — both people and budgets — more effectively. This is achieved by prioritizing risk instead of chasing items that will not have an impact.
3. Get Insight Into An Overall Posture Of Cybersecurity
Cloudification and consumerization of IT have led to an explosion in the volume of different enterprise assets. Therefore, creating and maintaining a comprehensive and up-to-date inventory of IT assets has become much more complex.
It’s paramount for CISOs to have a bird’s eye view of the relative criticality of assets from a cyber-risk perspective, but it’s not always easy. Cybersecurity posture visibility should be broken down and available from a higher organizational level to a business unit level. Security teams need to have visibility right down to the individual risk owner level.
Furthermore, CISOs want this real-time IT asset inventory integrated into a system that continuously discovers and prioritizes vulnerabilities based on risk. These security tools also need to provide a way to map these vulnerabilities and risk items at the endpoint and network-level of the business units and risk owners.
By monitoring this trifecta of inventory, vulnerability management, and business risk, organizations promote better understanding and ownership of cyber-risk by individuals outside the security and IT teams.
Encouraging The Adoption Of Security-First Company Belles-Lettres
In addition to the top three 2021 cybersecurity wishlist’s items discussed above, CISOs agreed on other integral components of their 2021 security programs, which included ensuring they retain the appropriate people on their team and facilitating risk-ownership across the whole organization. All these initiatives are key for having a security-first company culture prepared for tomorrow’s cyber-threats.