2021年顶级企业的IT趋势
2021 Top Enterprise IT Trends
2021年,网络安全团队将面临新一轮的威胁和挑战
Cybersecurity Teams Face New Round of Threats and Challenges in 2021
居家办公和数字商业模式的“新常态”将在来年考验IT的安全策略。以下是2021年必须应对的三大挑战 。
The “new normal” of home working and digital business models will put IT security strategies to the test in the coming year. Here are three key challenges that will have to be met in 2021.
By Tim Wilson for Dark Reading
该系列文章一共分为四篇,对2021年企业IT最主要的技术趋势做出了多方分析,请各位同学持续关注~
前文回顾:
1、边缘计算篇
2、远程管理篇
网络罪犯真的很期待2021年。他们何不呢?毕竟,2020年给他们带来了一系列新的机会和攻击面。2019新冠病毒大流行几乎迫使地球上的每个人都在家工作,这为窃取企业数据开辟了一个宝贵的新切入点。原来的实体企业被迫转向线上运营,造成了一批仓促规划、缺乏安全保障的数字企业,而无论企业大小都不得不完全依靠他们的线上渠道来生存,这为勒索软件和勒索提供了天赐良机。
Cybercriminals are really looking forward to 2021. And why shouldn’t they? After all, 2020 brought them a new range of opportunities and attack surfaces. The COVID-19 pandemic forced virtually everyone on the planet to become a home worker, opening up a treasure trove of new entry points for stealing corporate data. Brick-and-mortar businesses were forced to go online, opening up a treasure trove of hastily planned, poorly secured digital businesses. And enterprises of all sizes had to rely entirely on their online channels to survive, opening up a treasure trove of opportunities for ransomware and extortion.
对于坏人来说,2021年看起来相当不错。随着新年的开始,大多数企业都不得不承认,他们今年的线上业务可能会仍然多于线下业务。即便已经可以安全返回办公室办公,但很多员工还是会呆在家里。而这些仓促准备的网络防御措施,很有可能是窃取有价值的企业信息仅剩的障碍。
For the bad guys, 2021 is looking pretty good. As the new year begins, most enterprises are conceding the likelihood that they will face another year of doing more business online than they do in buildings. Many employees will likely stay home, even when it’s safe to return to the office. And many of those hastily prepared cyber defenses will likely remain the only obstacles to valuable corporate information.
2021年,网络安全领域出现了大量新的威胁和挑战。纵然这些挑战不计其数,但Dark Reading已经确定了三个我们认为在来年里最重要的关键问题:终端安全、勒索软件和云安全。
For the cybersecurity community, 2021 presents a plethora of new threats and challenges. While those challenges are too numerous to count, Dark Reading has identified three key issues that we believe will be at the top of most priority lists in the new year: endpoint security, ransomware, and cloud security.
终端安全
Endpoint Security
随着移动客户端的快速增长 ,在COVID-19爆发之前,终端管理已经是企业面临的主要安全挑战之一。而随着该流行病的爆发,这个挑战呈指数级扩大,因为几乎所有用户都成为了远程/移动用户。
With the rapid growth of user-owned mobile devices, the effort to manage the endpoint was already one of the chief security challenges for enterprises prior to the onset of COVID-19. With the outbreak of the pandemic, these challenges expanded exponentially, as virtually all users became remote/mobile users.
2021年,企业将需要在网络安全战略中做出关键选择,特别是涉及远程端和移动端访问企业数据的战略。企业组织将认真研究他们的身份管理、多重身份验证、虚拟专用网(vpn)和移动设备管理的方法。关键问题将是如何既能使最终用户能够访问他们完成工作所需的所有关键系统和数据,又不为线上攻击者打开新的攻击窗口。
In 2021, enterprises will need to make crucial choices in cybersecurity strategy, particularly as they pertain to remote and mobile access to corporate data. Organizations will take a hard look at their approaches to identity management, multifactor authentication, virtual private networks (VPNs), and mobile device management. The key question will be how to enable end users to access all of the critical systems and data they need to do their jobs without opening new windows of opportunity for online attackers.
勒索软件
Ransomware
在COVID-19爆发前 ,勒索软件就已经对企业构成了严重威胁。2020年,网络罪犯利用COVID-19疫情的机会扩大了勒索软件的传播,甚至他们还创造出了新的获取、持有和销毁企业数据的方法。许多企业组织不顾专家的建议,直接支付了赎金,这使得通过勒索软件来敲诈的策略对罪犯来说利润更加丰厚。
Ransomware was already a critical threat to enterprises before the COVID-19 sea change in IT. In 2020, cybercriminals used COVID-19 to amplify the spread of ransomware, even as they came up with new methods to capture, hold, and destroy enterprise data. Many organizations defied experts’ advice and simply paid the ransoms, making the ransomware strategy seem even more lucrative to attackers.
2021年,企业将必须找到更有效的方法来预防勒索软件的广泛传播,也就是要找到一个当遇到数据被攻击者破坏或摧毁时备份和恢复数据的更好方法。网络安全业界将面临挑战,要想出一套更好的行之有效做法来对付网络攻击者,而不是去支付赎金。
In 2021, enterprises will have to find more effective methods for preventing the spread of ransomware, as well as better methods for backing up and recovering their data if it is damaged or destroyed by attackers. The cybersecurity community will be challenged to come up with a better set of practices for dealing with online attackers rather than paying the ransoms.
云安全
Cloud Security
在新冠疫情爆发前,很多企业就开始大规模转型使用云服务,来节省成本和降低IT运营的复杂性。在COVID-19到来后,许多组织将更多资源转向云服务,以求支持居家办公和新的数字化商业模式。这种向云服务广泛转移的趋势引起了网络安全管理人员和专家们的关注,他们担心云中的数据的可视度更低,核心政策和实践可能无法正确地在云服务环境中执行。
Even before the pandemic, most enterprises were making a massive shift towards the use of cloud services, seeking cost savings and less complexity in IT operations. After COVID-19 arrived, many organizations shifted even more of their resources toward the cloud, seeking ways to support work-from-home operations and new digital business models. This broad movement toward the cloud has aroused the concern of cybersecurity managers and professionals, who worry that data in the cloud is less visible and that key policies and practices may not be properly executed in a cloud services environment.
许多专家认为,在2021年云安全政策和实践将必须实现自动化,以便在高自动化的全球云服务中有效实施。各种工具和策略正在形成,来帮助实现网络安全自动化,未来网络安全行业和IT行业的管理人员将只用做出某些关键决策,来决定部署哪些技术以及如何实施。
In 2021, many experts believe that cloud security policies and practices will have to be automated so that they can be effectively implemented in the largely automated world of cloud services. A variety of tools and strategies are emerging to assist with this automation, but cybersecurity and IT managers will have to make some critical choices on which of these technologies to deploy and how to implement them.
2021年的展望:IT领导者将更加依赖智能系统
2021 Outlook: IT Leaders Rely More on Intelligent Systems
为了更好地管理分散的劳动力和大量的企业数据,企业的CIO们需要在不断扩张的企业中加入更多的智能化。
To better manage a decentralized workforce and a glut of corporate data, CIOs will need to include more intelligence within their expanding enterprises.
By Brian Gillooly for InformationWeek
过去一年中,IT行业最引人注目、也是最迅速的变化之一就是居家远程办公,这使得IT公司领导者不仅需要反思工作流程的管理,而且要反思公司数据的管理、保护、开发和分析。随着企业向更加分散管理的方向转变,大家认为这对许多公司来说将是一个长期甚至永久的转变,这愈加清晰地表明,2021年将是IT公司领导者更加依赖智能系统的一年。
One of the most dramatic — and swiftest — changes in the IT industry in the past year was the shift to working from home, which has prompted IT leaders to not just rethink the management of workflows, but also the management, protection, development, and analysis of the company’s data. With the move to a more decentralized enterprise, which by many accounts is going to be a long-term or even permanent transition for many companies, it becomes increasingly clear that 2021 will be a year in which IT leaders rely more on intelligent systems.
InformationWeek的预测在2021年,IT行业的技术突破将涉及边缘计算、分析的多元化技术,有一点在我们所有的预言中是一致的:IT领导将受益于更加智能的技术,用来帮助他们更好地管理不断扩张、更加复杂的商业技术生态系统。可以说,我们处于真正“智能”技术的前沿,基于这些技术,正在改造一些现有的IT平台和后台进程,以帮助进一步发挥它们的潜力。
InformationWeek’s predictions for IT breakthroughs in 2021 touch on diverse technologies, from edge computing to analytics, but one thing is consistent in all of our prognostications: IT leaders will benefit from smarter technologies that will help them better manage a growing and more complex business technology ecosystem. We are on the forefront of true “smart” technologies transforming some of the existing IT platforms and processes to help advance their potential.
比如,随着边缘计算变得越来越普及,并能向企业提供越来越多的实时数据,我们预计,在高速网络上,依托自主运行的数据分析的智能设备,将给IT领导者提供他们需的实时洞察力,以便做出更快、更准确的业务决策。以更快的速度从相关领域积累更多的数据只是边缘计算商业价值的一部分:我们还预测,更强的分析能力将帮助企业加速其商业智能化、分析能力和人工智能程序等,来开拓新的商机。
For example, as edge computing becomes more prevalent and delivers more real-time data to the enterprise, we predict that smarter autonomous devices running data on higher-speed networks will give IT leaders the real-time insights they need to make faster and more accurate business decisions. But accumulating more data from the field at a faster pace is only part of the business value of edge computing: We also predict that augmented analytics will help enterprises accelerate their business intelligence, analytics, and artificial intelligence programs and discover new business opportunities.
在企业内部,智能将改变技术的使用方式。就在InformationWeek内部,可以发现更智能的应用程序开发方法,如DevOps在内部协同中,不仅要流程安全性,而且还利用人工智能来处理一些可重复和更普通的开发任务。由于新冠疫情大流行,许多企业开始更多地依赖数字渠道来完成工作,在当今的应用开发过程中,这意味着需要整合人工智能(AIOps)来测试应用程序、模拟现实需求,并监控动态变化的管理手段,以加速项目进程并提高开发准确性。
Even within the building blocks of the enterprise, intelligence will change how technology is used. At InformationWeek, we also see smarter approaches to application development as DevOps begins to incorporate not only security in the process but also leverages artificial intelligence to handle some of the repeatable and more mundane development tasks. Because of the pandemic, many businesses have begun to rely more on digital channels to get work done, and in the app dev process in 2021, that means incorporating artificial intelligence, or AIOps, to test applications, simulate real-world needs, and measure change management to speed the process and improve accuracy.
展望2021年,让我们备受鼓舞的是看到不断对智能技术的重视将使管理、存储和分析商业数据变得更简单。让我们拭目以待它的到来吧!
So as we look ahead to 2021, we’re encouraged that a greater emphasis on smarter technology will be making the process of managing, storing, and analyzing business data much easier. Is our crystal ball polished enough?
未完待续
翻译:
王学峰
世图兹空调技术服务(上海)有限公司 华中区售前技术经理
DKV(Deep Knowledge Volunteer)白金成员
校对:
柯志刚
深圳市特发信息技术服务有限公司 项目经理
DKV(Deep Knowledge Volunteer)精英成员
公众号声明:
本文并非原文官方认可的中文版本,仅供国内读者学习参考,不得用于任何商业用途,文章内容请以英文原版为准。中文版未经公众号DeepKnowledge书面授权,请勿转载。