3 Cybersecurity Trends for 2021

2020 has been the year of the unprecedented, which has forced industries, organizations, leaders and teams to prepare for both the known and the unknown. The threats that couldn’t be seen have often been the scariest and, in turn, a challenge for security teams.

While the year may be winding down, the lessons learned amid a pandemic and a contentious U.S. election are just starting to take shape. The upside of this frenzied year is that cybersecurity professionals already know where to focus their efforts in the year ahead. That’s because three key trends have emerged for 2021:

1. More Intelligent Firewalls

Virtual private networks, better known as VPNs, became a must-have tool this year during COVID-19 as companies outfitted and enabled remote workforces around the world. But as STANLEY Security Solutions Engineering Consultant Andrew Gibson shares in Toolbox, VPNs are just one step toward a long-term remote work structure. As companies prepare for a lingering and worsening pandemic, they’re now turning their attention to security policies and intelligent firewalls. That’s because Gibson says adaptable firewalls “will automate much of a company’s threat detection and prevention, helping cybersecurity teams stay abreast of the threat landscape.”

2. Automated GRC 

Speaking of future threats, LogicGate CEO Matt Kunkel sees the next frontier of risk tech in the cloud. In a piece for Information Age, he makes a case for automating legacy tech and in-house solutions to make governance, risk and compliance (GRC) programs more proactive. Kunkel says automating GRC cloud-based solutions allows you to “work smarter, save time, and focus on strategic approaches to a company’s biggest challenges and lingering threats.” The takeaway: The push toward digital transformation and investment in cloud solutions can actually serve as a revenue driver for organizations.

3. Push for DMARC

And finally, while the U.S. election may be over, scrutiny over election security and the threat of impersonation-based phishing is not. In fact, Alexander García-Tobar, the CEO and co-founder of Valimail, told Channel Partners “the same techniques that an attacker might use on election day would also work to sow doubt, confusion and misinformation in the days and weeks following the official election date.” Valimail, a leader in zero-trust email security, has been calling on federal and state officials to prioritize domain-based message authentication, reporting and conformance (DMARC) for all domains involved in elections. DMARC prevents attacks in which malicious third parties try to send harmful email using a counterfeit address.

Do you have perspective you would like to share on the cybersecurity field? Reach out to Lindsey Groepper to find out how BLASTmedia can help you join the conversation.

3 Ways SaaS Companies Can Prepare CISOs for Cybersecurity Needs

In an age of increasing online threats, SaaS companies are strengthening their cybersecurity efforts by creating systems to protect their digital presence and planning for future threats as they scale.

The chief information security officer (CISO) has emerged as a critical role in companies’ cybersecurity plans. CISOs exercise their expertise to build today’s walls and tomorrow’s blueprints. Despite their importance, companies have seriously struggled to recruit and retain top-quality CISOs.

3 ways to prepare CISOs for success

Preparation is key to a CISO’s success. But how can SaaS company leaders prepare new CISOs for the demands of cybersecurity?

Provide a clear role plan 

Cybersecurity’s profile is expansive. And without clear plans for a role charged with maintaining a company’s protection, CISOs burn out quickly.

According to Jill Knesek, Cheetah Digital’s chief security officer, CISOs typically need 3-5 years to roll out new cybersecurity programs. If they leave before then, it leaves a company vulnerable. “High turnover in this position can result in a company never getting a successful security program fully implemented,” she said in a recent Wall Street Journal article.

When CISOs know the company’s focus areas and how their role will develop over time, it’s easier to put in the considerable time and energy required to create a strong cybersecurity program.

Keep them informed

CISOs need to manage a lot of information. Some information, like new regulations, can make or break companies — and being in the know is always better. 

For example, when California introduced the California Consumer Privacy Act (CCPA), it affected how many companies managed their data security profiles. Matt Kunkel, CEO of LogicGate, believes CISOs play an important role in guiding companies through the CCPA’s regulations. 

“Because CCPA has such a broad view of personal data, companies have to be especially vigilant. It’s up to the CISO to allay concerns via a sound compliance strategy and timeline,” he said in a recent article on The Compliance and Ethics Blog.

Provide your CISO with access to industry news and information like this. When they spot issues or new legislation, they can proactively prepare your company to adapt to needed changes.

Streamlining Risk Management for CISOs

One notable aspect of contemporary cybersecurity is the increasing emphasis on security questionnaire automation. This technology is becoming integral to the defense mechanisms of SaaS companies. The repercussions of a security breach, especially one stemming from a vendor’s negligence, can be avoided.

By collaborating with vendict, CISOs can take the lead in integrating these tools into the overall cybersecurity framework. Their expertise is essential not only in building current defenses but also in strategically planning for the evolving landscape of cyber threats. The symbiotic relationship between CISOs and vendict reflects the industry’s commitment to staying ahead of the curve and fortifying digital fortresses against ever-persistent online threats.

Form and maintain good partnerships 

Even the best CISOs will run out of steam if they work alone. Companies need to create cybersecurity partnerships if they want CISOs to thrive. 

“The right partner will be an extension of your team,” said Jeff Ton, SVP, product development & strategic alliances at InterVision in a recent Forbes article. “They will relieve the pressure the team feels, and provide information sharing and training of internal resources.” 

CISOs should continue internally championing your company’s cybersecurity needs. But if there are other job functions you can shift to partners, explore how you can give your CISO space to better plan for your company’s future.

With a clear role plan, up-to-date information and strong partnerships, CISOs can succeed in their crucial places within SaaS companies and protect them now and in the future.

Do you want to share your perspective on cybersecurity and how SaaS companies can best prepare CISOs? Reach out to Lindsey Groepper to find out how BLASTmedia can help you join the conversation.

How Data Privacy and Cybersecurity are Changing the Tech Industry

With tech becoming such a prominent part of our society, and companies increasingly storing consumer data in the cloud, the conversation around data privacy and cybersecurity continues to grow. While data privacy focuses on who is authorized to access data, and cybersecurity focuses on securing data from those unauthorized to have it, it’s imperative that SaaS organizations are actively considering both in today’s digital-first world. Continue reading “How Data Privacy and Cybersecurity are Changing the Tech Industry”