Given the recent breaches, I think we will see a surge of interest in zero trust networking and moving beyond perimeter-based security. The perimeter model has always been flawed and we need to move beyond it.
"Zero trust" is overloaded, but at the core, we need to assume our networks have already been compromised when we think about our security controls and apply a defense-in-depth methodology.
This means we actually need to care about secret management, and not have plaintext credentials everywhere. It means we need to encrypt/tokenize data at rest, and not depend on TDE/FDE. It means we need explicit AuthN/AuthZ for service-to-service traffic.
I'm excited about the @HashiCorp investments here. We are huge proponents of this model (https://www.hashicorp.com/solutions/zero-trust-security) and we are continuing to invest in making it easier to apply.
Techniques like immutability are critical as well. Once you can build a new patched image + nuke and pave your whole environment, you avoid a lot of patch management and persistent access issues.
We often talk about "Mean Time to Recovery" for ops, but you can apply similar thinking around "Mean Time to Remediation" for security. Things like infrastructure as code play a huge part. How quickly can you change controls in an environment at scale?
The philosophy of security today is focused on mean time to breach much like ops was on mean time to failure. Increasingly, focus is now on mean time to recovery/remediation. Requires a different process and tooling.