RETHINKING SECURITY PREDICTIONS FOR 2020 FROM THE (ISC)² COMMUNITY OF SECURITY PROFESSIONALS

By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP and John Martin, CISSP-ISSAP


In February 2020, we put together our thoughts on Security Predictions for the upcoming year in a two-part series (Part 1, Part 2). Little did we know that COVID-19 would happen and change the way that folks in our organizations work, and the way we as security practitioners work.


In our original blog, we suggested that the following issues would be of concern to the industry:


Data Privacy changes
Lack of secure coding practices
5G and WiFi-6
Phasing out passwords
Lack of perimeters
Backups and their role with ransomware

We believe that we got several predictions right. However, due to COVID-19, we have moved a few to 2021 or beyond, increased concern over a couple and added two new ones.


Predictions Moved to 2021


Lack of secure coding and development techniques 


We still feel that many organizations want development to happen as quickly as possible, but focus on this key issue may be delayed until mid-2021. It is still critical that security be implemented into the Software Development Life Cycle (SDLC), beginning in the design phase and continuing through each subsequent phase. This means actively introducing SecDevOps into the DevOps SDLC, especially where organizations have adopted Agile methodologies and the resultant culture.


Phasing out of passwords and what that would mean to the industry. Is the replacement secure enough?


This is still a valid concern for the balance of 2020 and is rising in concern d ..
