Top cyber security predications for large enterprises in 2020

With 2019’s cyber security challenges and breaches tucked away, I wonder just how 2020 will fair?

As we all speculate on what the new year’s cyber security encounters will be, I’d like to add mine. As a  very much ’hands on’ CEO of Foresight Cyber Security, I offer a slightly different perspective: focusing on the cyber security domain from an angle of what large enterprises should prepare for in 2020.

The prediction centre around three themes:

  1. Cloud, Cloud and Cloud everywhere

  2. Going back to basics in cyber security

  3. Zero trust architectures shaping well and taking hold

Accelerated move to public clouds for IT workloads

Most CIOs have warmed / are warming to the idea of offloading their workloads to reputable cloud providers. Just as enticing is the move to Office 365 & Azure: having one key provider of cloud services is quite compelling – strategically, commercially and compliance-wise. It is therefore no surprise that Microsoft is winning over enterprises in the cloud tussle. A demand for Microsoft Cloud services, their integration to DevOps processes, and indeed securing the cloud is going to increase substantially. Microsoft understands these trends and is heavily touting their security portals and services, such as the recently introduced Azure Sentinel, a SIEM service.   But beware! The biggest obstacle for enterprises moving workloads to the cloud is the lack of specialists to ensure secure designs and implementations of the new architectures. The lack of expertise is also acknowledged by the UK government as expanded on in their recent study (

Focus on basics of cyber security

Would you be able to explain the Basic CIS Controls? I am frequently surprised (maybe I shouldn’t be!) by a lack of awareness amongst some security and many IT professionals of what these internationally recognised specific actions can offer in supporting an organisation’s cyber defences. The CIS Controls are recognised by experts as a great guide to implement cyber security policies, processes and technologies. More details can be found here: ( In my opinion, the most critical controls are:

  • IT Asset inventory and management – CIS controls 1 and 2

  • Vulnerability management – CIS control 3

  • Secure Configurations – CIS control 5

Enterprises should rethink investments into advanced ‘blinking boxes’ promising

‘unparalleled’ protection and detection of advanced attacks, because they are often inherently much less effective until the above CIS controls, are robustly implemented. When undertaking any client engagement, Foresight Cyber’s initial focus is on the above controls which, together with other internationally recognised frameworks, create a perfect balance between technical, procedural and administrative activities. My cyber security colleague’s mantra of, “Right first time, secure by design” is so true!

Exploring and trialling zero trust security architecture

The concept of zero trust architectures is not new. During my career, I was briefly engaged in the Jericho forum who had essentially invented the concept. At that time the technology was not mature enough to support ‘zero trust architecture’. I believe that today the technology is at a level ready for enterprises to start moving to architectures without perimeters…watch this space!


Foresight Cyber

71-75 Shelton Street 

Covent Garden



United Kingdom

+44 208 159 8942


VAT: GB144735213 

Company number: 06871193 

D-U-N-S number: 211601017

UK ICO number: 00011202777

Privacy Policy


  • LinkedIn
  • Twitter
  • YouTube
  • Vimeo

Copyright © 2009 -2020 Foresight Cyber Ltd. All rights reserved. Foresight Cyber are registered trademarks. Foresight Cyber Ltd is a company registered in England and Wales. Registered No: 06871193. Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom