To call 2020 a rough year for enterprise cybersecurity teams would be something of an understatement.
The COVID-19 pandemic and the newly distributed workforce that it engendered upended security strategies and forced a rethink of approaches to securing remote workers and supply chains at many companies.
Security teams that had implemented controls for managing remote workers suddenly had to contend with a magnitudes-fold increase in the number of users they had to support this way. With more users accessing enterprise systems and data from their homes, attack surfaces increased dramatically. Enterprise security teams found themselves scrambling to implement new controls to manage threats due to their increased risk exposure.
Security operations teams found themselves scrambling to address issues around communications and challenges related to breach investigations and visibility into endpoint systems. Organizations that had adopted a zero-trust approach to security suddenly found reason to accelerate their plans.
Already overburdened security operations teams had to find ways to remain effective in a new threat environment, even as software-as-a-service (SaaS) and zero-trust initiatives attracted greater enterprise interest and investments.
Here, according to a half-dozen security experts, are the six main takeaways from 2020 for cybersecurity practitioners.