Lessons learned from 2020 that can inform cybersecurity planning in the years ahead