*by Lucas Pereira
Anyone who follows the technology market knows that one of the main characteristics of this industry is the constant transformation. Even so, the truth is that the acceleration of digitalization in recent years has taken this dynamic to a new level, which means, in turn, that it is increasingly difficult to predict what will become of the technological tomorrow. In relation to cybersecurity, however, identifying trends and anticipating the steps to be taken is extremely important. And in this scenario, without a doubt, one mission seems certain: protecting business-related data.
According to a recent survey carried out by Dynatrace, a company specialized in digital performance, together with information security directors, 97% of organizations that operate with multicloud cannot have real-time visibility into their vulnerabilities. Additionally, 74% from Chief Information Security Officers say that traditional security controls such as vulnerability scanners no longer adapt to today's Cloud-native world.
The fact is that we must prepare ourselves to work and live in a cybernetic world, fully connected, but this scenario has also made the work of protection and control over applications and data more complex. So, in addition to new tools, we need to think more deeply about the impacts of digitalization and digital security on the sustainability of business – and why not for our lives.
Not coincidentally, a Gartner survey found that no less than 88% of executive leaders already consider cybersecurity an operational priority to protect their organizations in the marketplace. Increasingly, CIOs are advised to maintain active planning on how to use this strategic approach to mitigate threats and meet opportunities.
At this same point, according to Gartner, the coming years will require CIOs and cybersecurity professionals to assume new roles with business attention, in addition to dealing with technical issues. This means that they will always need to be aware of new threats and market trends so they can take the necessary measures to protect the company's important systems and data.
Above all, it will also be important that CIOs are always open to dialogue with other sectors of the company, such as legal, sales and finance, for example, to ensure that everyone is aligned on information security strategies.
However, it's worth noting that there are also other issues for CIOs to watch out for. One of them refers to possible conflicts between privacy (of customers and users) and the efficiency of processes and experiences offered by companies. You will need to balance the use of information with practices that also improve security. This dilemma between data analysis and privacy will be a challenge to be watched carefully in the coming years, directly affecting the position of managers.
Indeed, with increasing awareness of the importance of cybersecurity, the search for ways to expand defenses will also become a priority for operations. One of the trends in this movement is the proposal to unify the web, cloud services and access to SSE applications. This will allow 80% companies to improve the security of their systems and reduce the risk of cyber attacks by 2025, highlights Gartner.
Another approach that should gain traction is the use of Zero Trust as a starting point for security. This model assumes that all users and devices are, or could be, potentially malicious. So, rather than relying on history and profiles to keep attackers out, digital security forces filter everything and everyone – which will require using new types of identity-based, passwordless access controls (passwordless), to ensure that only authorized users have access to sensitive information.
The adoption of Zero Trust is being driven by the growing number of security threats, as well as new regulations such as the LGPD (General Data and People Protection Law). Companies are more aware of the risks associated with data and this should lead to new layers of protection being added to traditional security technologies such as Next Generation firewalls, VPNs, MFA and others. New generations of these products and services need to be dynamic and updated according to local customer demands.
In this environment, a culture of organizational resilience will be critical. After all, it is not enough just to invest in IT solutions and infrastructure to protect the company from cyberattacks, if employees are not aligned with a series of best practices.
Cybersecurity is a complex area and executives must be prepared to deal with an increasing number of threats. Companies are looking for innovative solutions to protect their data and ensure their operations continue to run smoothly. Therefore, it will be up to CIOs to develop their business vision, in addition to the technical aspects of security.
*Lucas Pereira, Product Director at Blockbit
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
