Yes, right after an article about how security predictions may not always come through in the way they are predicted, we’ve rounded up a series of 2021 predictions from the very same experts, and even some hackers. Why? Because unlike previous years, we’re not seeing “next big thing” predictions, where new technologies or paradigm shifts are lauded. 2021 is full of scepticism and warnings. Although we might be seeing the light at the end of the tunnel as Covid-19 vaccines are becoming a reality, there seems to be no end to threat actors taking advantage of the pandemic. Because 2020 was a year of reaction, 2021 will be a year in which everyone has to pick up the pieces, so to speak.
Some things will certainly not change in 2021. Massive amounts of valuable data will continue to be placed online in public places with no protections. People will continue to choose easily guessed passwords that they use across multiple accounts and continue to click on sketchy links in emails. Organisations will continue to not keep up to date with software patches and versions. Organisations will continue to ignore more than a half-century of accumulated wisdom about defence in depth, least privilege, and all the other lessons about software development that organisations have learned the hard way.
In 2020, we saw attacks on unlikely-seeming targets, from Jack Daniels to tugboats. Looking ahead, attackers will continue to profit from the asymmetric advantage of software exploits, delivering punishing attacks on organisations of all types.
On a more hopeful note, 2021 should be the year where we officially bury the centralised, isolated model of software application security. This was the somewhat naïve approach many organisations first adopted, where a single group would have responsibility for the security of all applications the organisation was building. Time has shown that this approach results in a slow, frustrating process. Security and development organisations end up at loggerheads, and the end result is applications that are hardly more secure and are slower to market.
In the new model, what we might call Application Security 2.0, security is inseparable from software development. It is baked into every phase, from design through implementation all the way to maintenance. Security teams can provide expertise and support, but security is automated and integrated with the software development process, a seamless addition that results in safer, more secure, better products.
As 2021 progresses, I predict more and more application teams will take full responsibility for their own security, with appropriate support from the security team. As responsibility and budgets shift, application teams will increasingly adopt a DevSecOps process, in which automation is fully leveraged to maximise velocity, and a culture of continuous improvement allows each team to tune and optimise their processes.
By the end of 2021 there will be very few non-digital organisations. There will be many more that are just starting to be digital, plenty in the process of cloud migration and a growing number of organisations that are cloud-native and have been digital from the off.