2020 Predictions for SecOps, Cybersecurity Human Resources and Organizations  

This is our first annual roundup of expert predictions for the coming year. Here’s what leading industry figures have to say about cybersecurity issues affecting human resources, organizations and SecOps in 2020.

Cybersecurity Human Resources

  • In light of the ever-growing cybersecurity skills gap, and an exploding attack surface, infosec leaders will shift their focus from increasing headcount to increasing efficiency. By prioritizing tasks based on risk, solving the most impactful issues first, CISOs can ensure that even a small team can have maximum possible impact. – Gaurav Banga, CEO and founder, Balbix

  • Businesses will adopt automation to plug the industry-wide skills gap. Security teams are understaffed and will remain so in 2020. Sadly, sophisticated attackers are probably as well or better resourced and staffed than most security departments. In 2020, businesses will increase their investment in technology as a force-multiplier for security teams that are already stretched thin. Greater automation and contextualization of security alerts will help teams comb through mountains of false alarms more quickly to prioritize the real threats. Unfortunately, any technology used for better cyber defense can also be applied by cyber attackers. Cybersecurity is a journey, not a destination. The most secure enterprises will focus on information governance to protect their most valuable information, will use smart automation to deal with cyber threats at scale, and will adopt a zero-trust mindset toward endpoints and identity. The burden of providing InfoSec solutions will begin to shift from “pure play” cybersecurity vendors as we see application and infrastructure providers begin to incorporate security into the core of their core software and hardware solutions. – Anthony Di Bello, Vice President, Strategic Development, OpenText

Cybersecurity and Corporate Organizations

  • In recent years, CISOs have gotten much-desired access to the board of directors, yet have struggled to speak in a language that resonates. This has limited the value of their exposure to the board, with many struggling to achieve the appropriate backing for their initiatives. In 2020, CISOs will recognize that business leaders will never understand technical security details such as threats and vulnerabilities, and will begin to leverage education and new tools to communicate business risk and economic exposure to the board. – Gaurav Banga, CEO and founder, Balbix

  • The Changing Role of the CISO: CISOs have increasingly assumed responsibility for securing OT networks as those networks converge with IT networks. To date, that trend of IT-OT convergence has largely been a technical one. Networks for IT and OT have increasingly overlapped, with 84% of organizations already adopting or planning to adopt an IT-OT convergence strategy in 2019, according to SANS. This trend will expand in 2020 to become a cultural one, as well. As CISOs increasingly assume responsibility for securing OT networks, previously relegated to teams running those networks, many more will choose to combine the IT and OT security teams into one cohesive organization. This will require not only a cultural shift as the teams come together, but also new skills and training for IT, OT, and hybrid IT-OT teams. It will also mean the creation of a roadmap for how IT and OT will work more closely together. Some CISOs may also choose to further combine the security teams with the network or other teams inside of the organization in an effort to create even more efficiencies. A few organizations have already started doing this, with the idea that security will be more integrated throughout the company. – Rob McNutt, CTO at Forescout

  • Unfortunately, poor understanding of the massive enterprise attack surface will continue to be the root cause of much cybersecurity-related frustration and anxiety. Discussions with BoD members and C-suite execs on security posture will still be based on gut instinct and incomplete data. Vulnerability management tools will continue to report 1000s of issues, and BU owners will still not be able to keep up, leaving thousands of assets unpatched. Senior executives will still fall for phishing attacks, with embarrassing and expensive consequences. Security teams will still not fully understand the risk of breach of sensitive data like intellectual property. CFOs will once again approve bigger security budgets, and the organization will continue to have no idea whether that was money well spent. Infosec leaders will still not be able to tell curious execs whether the company is vulnerable to the next WannaCry. Business unit teams will still surprise the security team with new soon-to-go-live product offerings that just need to be “blessed.” And by the end of 2020, most organizations will still be one bad click, a single reused password, or one unpatched system away from a major cybersecurity incident. The others will use risk-based tools to transform their cybersecurity posture. – Gaurav Banga, CEO and founder, Balbix

Security Operations (SecOps)

  • Automation and Orchestration – While many organizations (and security vendors) will continue to focus on developing and deploying new detection technologies, progressive enterprises will look for ways to better utilize the tools they already have in place. In most cases this will involve automating and orchestrating common and repetitive remediation tasks to free up security analysts to focus on more sophisticated threats and vulnerabilities. The battle cry from many CISOs in 2020 will be, “Stop giving me ‘actionable data’ and tell me how we can take unattended actions that don’t require people.” – Srinivas Mukkamala, CEO of RiskSense

  • More Money Doesn’t Mean Less Problems: Enterprise spending on cybersecurity will reach an all-time high in 2020. Today, companies spend an average of $18.4M on cybersecurity each year, and 58% plan on increasing their IT security budget in 2020. This increased spending is due to emerging cybersecurity threats, the need to support enterprise technical transformation, and C-suite and boards becoming more involved in their company’s cybersecurity strategy. What’s truly alarming is that 53% of IT experts admit they don’t know how well the cybersecurity tools they’ve deployed are working. Enterprises must have full visibility into their environments and be able to identify if tools are working as expected, if there are gaps and if any tools overlap or are misconfigured. British Airways and Marriott are both examples of why having visibility at all times is important, with the companies receiving hefty fines of $230 million and $123 million, respectively, for their data breaches. While cybersecurity insurance can help, it is not always enough. Companies should invest in a programmatic approach that includes automation which continues to validate that security is working as expected, at all times. – Christopher Kennedy, CISO and VP of Customer Success at AttackIQ

  • The rise of automation in cybersecurity; Robotic Process Automation (RPA) – This rise will be partly due to the shortage of human cybersecurity professionals and the need for automation to fill the gaps. Growth in RPA technology adoption will continue to be steady – as the technology provides huge cost savings for organizations and a mass reduction in repetitive administrative tasks for staff. – Gary E. Barnett, CEO of Semafone

  • Businesses will better utilize their IT staff to address high-priority needs. By automating change requests to reduce the need to remediate misconfigurations, IT security resources will be better utilized, resulting in both a reduction in cost and time. Further, the ability to offload highly repetitive tasks could give security professionals 40 percent of their time back in a day. – Tim Woods, FireMon VP of Technology Alliances