Forrester: Insider threats, online sellers and non-U.S. cyber investment likely to rise


Ever since the COVID-19 pandemic hit, businesses around the world have been grappling with the fallout and changing their IT operations on the fly. That has many research firms scrambling to revisit their IT or security market forecasts and pick up on new trends in the wake of the virus.

Technology research firm Forrester is making a number of evaluations of how the pandemic will upend security and tech in its 2021 cybersecurity predictions report, including big changes in how companies sell their wares or deal with insider threats and where venture capital firms choose to invest their dollars.

Insider threats have been around forever, but they have become much more widely discussed over the past decade as high-profile leaks from Edward Snowden and others have splashed across the front pages of newspapers and scores of companies and government agencies have reported data breaches.

Today, internal survey data at Forrester shows that 25 percent of security incidents were caused by internal actors. By next year, they expect fully one-third of all breaches to have an insider component. That acceleration is partly due to an increased willingness of companies and law enforcement to publicly discuss when insiders compromise an organization. Pollard said insider threats went from being “a dirty secret” in the early 2000s to something that more and more companies felt comfortable talking about or disclosing when discussing a data breach, and an increasing proportion of federal indictments contain some element of insider participation.

But it’s also being fueled in part by the telework shift of 2020. Now more than ever, employees are taking their sensitive work home with them or accessing it through leaky VPNs rather than printing it out or viewing it within more secure work networks. They’re sharing digital copies of sensitive research or data with clients and contractors instead of paper they control. Additionally, a bitter recession this past year has led to layoffs, pay cuts and other forms of financial distress that are viewed as prime incubators of insider threat behaviors.

“For a long time, the network was our easiest point of visibility into the enterprise,” said Jeff Pollard, an analyst at Forrester and one of the authors of the report. Today, “even if you have invested in an insider threat solution, think about the behavioral models for that technology: they were based on a model where 80 percent of your workforce was in a building. Suddenly it’s 100 percent of your company is now working from home so even the behavioral models have taken time to update.”  

The researchers also think the pandemic and budget cuts will cause chief information security officers to be choosier about the new tech they buy and more mindful of possible security issues, gravitating more toward risk quantification solutions for new investments.

As retailers and manufacturers switch to online selling and direct-to-consumer marketing and purchasing strategies, it’s opening up a whole new realm of customer data for malicious hackers to try to access. Instead of selling at brick-and-mortar stores or selling through third-party online providers, companies are setting up their own online storefronts, implementing new software or platforms and introducing new code and configuration responsibilities to their operations. This by itself increases the overall attack surface, but it’s made worse by the fact that many businesses tried to do it virtually overnight and may not have the institutional cybersecurity chops to do it safely.

“Some of them aren’t doing it because they want to, they’re doing it because they have to,” said Pollard. “Some folks are already doing that pivot and they’re certainly factored in, but it’s also the folks that are being pulled in that direction based on the conditions they’re operating in. They’re less experienced, they’re less mature from a security perspective and now they’re directly on the public internet.”

Venture capital investors may look to put their dollars into startups that aren’t headquartered in the U.S., where geopolitical tensions between America and rivals like China or Russia over hacking, controversial national security laws and where companies send their data loom increasingly large in policy debates.

Overall investment in cybersecurity will likely continue to rise, especially as businesses continue to grapple with a post-COVID technology and business environment. Less than half of the $11.7 billion invested in cybersecurity startups in 2019 was raised outside the U.S., but that could change. As the balkanization of the internet continues, more firms could look to set up shop in countries where their data is less likely to become a political football for superpowers, and Forrester is expecting a bump in non-U.S. investment dollars of around 20 percent for 2021.

“In particular in this case is really a rise in the desire of countries and businesses within those countries to start trying to make sure they are not a tenant or a captive tenant of a technology provider from somewhere else or from another country that may be an adversary or a competitor or something along those lines,” said Pollard. “The internal way we talk about it is almost like farm-to-table cybersecurity in a way: locally sourced and locally owned.”

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.
