2021 Predictions Are Foolhardy – Here Are Four of Mine
Why do we like predictions so much?
After all, we know they’re terribly unreliable. Take 2020, for instance: who predicted any of it?
ANY! OF! IT!
Even the one kind of prediction that we thought would get better in 2020, political polling, not only didn’t improve, it actually got worse (in part because the people who answer polls are “weird.”)
Remember, polling is a form of prediction that is relatively scientific; it’s based on tested practices like sample size and margin of errors.
But predictions like the ones you’re about to read are not scientific at all. They are purely subjective.
My predictions, for example, are based on my past experience. I’ve been in this industry for 13 years now, and for much of that time I’ve been consciously watching trends and patterns (and writing about them).
They’re also based on my hopes for the future, and I’m far from disinterested. I want the future to turn out a certain way, and in some ways, I’m trying to nudge it that way as best I can. You’ll see that in my predictions.
Awareness Is Everywhere
This is my safest prediction, for it’s a continuation of trends that have existed for years.
When it comes to how people run their security and privacy training and awareness programs, once-a-year training with little else is now a distant memory for most organizations.
In its place is a continuous stream of content, some of which resembles training, but more and more of which resembles the content we consume so voraciously and voluntarily on social media: short, funny videos; jokes, especially visual jokes; memes; and short, catchy articles.
A more continuous stream of helpful cybersecurity and privacy information is a great match for the subject matter itself. After all, our contact with digital communications and data is continuous, why shouldn’t our awareness of how to do it securely also be?
Virtual Will Get Better
If 2020 was the year that all kinds of presentations and meetings went virtual, then I predict 2021 will be the year virtual will get a lot better.
Over the course of 2020, we saw people who provide training and information in virtual meetings go through their own version of the five stages of grief; let’s call it the three stages of virtual meetings: denial, compromise, and embrace.
First, people were in denial that this would go on for long and accepted doing crappy presentations. People suffered with poor video setups or turned off their video all together and just used PowerPoint. (I did a virtual panel presentation early in the year where I had to beg the organizers to allow us to turn our cameras on! They just wanted a conversation against an unchanging slide backdrop.)
But soon it became evident that virtual was here to stay, so they turned to compromise. People who presented a lot fixed their office background so they wouldn’t have to float in and out of virtual backdrops like ghosts; they got new cameras and improved their lighting; and in some cases, they took care to make their decks more attractive.
But it wasn’t until late in 2020 that I saw people really begin to embrace the idea that they’d be doing more and more of their work via Zoom, Teams, Google Meet (or whatever it’s called).
Some presenters mastered the art of looking right at the camera, vastly increasing the feeling of immediacy and presence (Steve Wright of Privacy Culture is the best). Others dedicated themselves to bringing energy and personality to their presentations in really effective ways (Chase Cunningham from Forrester deserves kudos). Some even ventured into using live polling and other emerging “interactive” elements to increase audience engagement. And new tools will emerge to make virtual meetings and presentations even better. (Check out a new tool called mmhmm, for example.)
By 2021, all parts of virtual meetings will be better: presenters will embrace their role as performers; participants will adopt ways to participate actively; and the tools will enable much more dynamic, interesting events. Will such improvements make it worth paying to attend a virtual conference? In 2021, conference organizers will test this proposition.
We'll Choose Optimism Over Fear
Let’s face it: 2020 was the year of fear.
The big driver, of course, was the global COVID-19 pandemic, which made all too real the fears of losing our lives, our jobs, our friends, and maybe even our sanity (if we had to experience another day that felt like every other day!)
Here in the U.S., fear reigned elsewhere: in the presidential election, in the civil unrest that followed several high-profile killings by police, and by the specter of armed groups storming our cities and small towns. The cybersecurity profession has long relied on fear to motivate action, using the threat of cybercriminals and “hackers in hoodies” to motivate buyers and employees alike.
I for one am sick and tired of fear, in every area of my life. But it’s in my professional life that I’m most encouraged by the alternatives to fear.
Our company has dedicated itself to infusing the way we train and communicate to employees with optimism, enthusiasm, and resilience. Sure, people need to know that there are cybercriminals out to trip them up, but it’s better to focus on the actions they can take to protect data, theirs and others. Small steps like adopting a password manager, using multi-factor authentication, and getting good at identifying phishing make people feel confident about their digital interactions, at work and at home.
In the cybersecurity profession, then, I believe 2021 will be the year that we’ll adopt an optimistic approach to helping people be more secure. “You can do it” beats “Hackers are out to get you” any day of the week.
Privacy Rights Come to the United States
What happens when a powerful player in the world economy—in this case the European Union—adopts comprehensive privacy regulation, as it did in 2018? As many predicted, countries around the world followed suit.
Before long, many of the world’s other major economic players adopted privacy laws that largely aligned with the GDPR, including India, Brazil, China, and many others. Though federal privacy legislation in the United States is no closer to a reality, the country’s most sweeping privacy law—the California Consumer Privacy Act (CCPA)—was superseded in November 2020 by the voter-approved California Privacy Rights Act (CPRA).
The CPRA won’t be enforced until January 2023, but we’ll begin to see its effects in 2021 in a number of ways:
- First, affected businesses (and those affected are not just in California) will begin to reshape their practices to prepare for CPRA enforcement
- Second, other states will adjust their privacy laws to better align with California, which is always the 800-pound gorilla among American states
I think there’s symbolic importance as well in the inclusion of the word “Rights” in the California law. The concept of rights was central to the GDPR, but has not yet been adopted in American approaches to privacy—until now.
Rights are near and dear to the American political consciousness. Once Americans adopt the notion that privacy is a right—and not some scrap that companies throw their way—there will be a fundamental change in the way we approach our personal information. 2021 will be the start.
So there you have it: four predictions for the future I’d like to see, in 2021 and beyond.
And one thing is great about making optimistic predictions for 2021: it can’t be worse than 2020!