Tech trends come and go; security is an everlasting concern for the enterprise. It is virtually certain that cybercriminals will continue to use the pandemic as a mask for phishing, ransomware, and other campaigns.
There is always one prediction that you can bet on: Forecasting enterprise security trends will never go out of style.
The recent cyber-attack on an American water plant rattled the world when a hacker attempted to poison the water supply in a town in Florida after hacking the plant’s computer system. And we just entered into 2021.
While 2020 was a strange and unsettling year for everyone, and perhaps even more so for IT security professionals. Whether it is working from home or working from Honolulu, we are now connecting from anywhere and everywhere. The threat landscape has become more intense and complex than before.
According to Gartner, “Due to COVID-19, enterprises have rapidly adopted new digital technologies to reset their strategies. This has resulted in new cybersecurity risks.” This makes it more crucial for organizations to reassess their security posture and tech stacks.
As companies look to transition to a new normal in 2021 and beyond, here are some key cybersecurity threats that security teams must keep their eyes on:
Assault on remote workers to continue
Nearly a year into the pandemic, companies are still struggling to support a remote workforce and devices without exposing sensitive information.
Don’t be surprised if there is an increase in attacks on personal emails and systems this year. Phishing and ransomware will continue to be a primary means for malicious activity. In 2021, these already widespread threats will increasingly target the many thousands of employees who will continue to work from home.
Following the seismic shift to remote working, we will continue to see an increased focus on securing beyond the perimeter and cloud deployments.
Rushing to the cloud; security playing catch up
Businesses deploying cloud-based applications and services often overlook critical security steps as they scramble to keep up with the latest technology, and the rush is putting them at risk.
People move to new technologies based on new features and capabilities. Security always follows. The gap between moving to the cloud and implementing strong security has shrunk as new technologies accelerate the process. Some businesses think the whole security issue is something that can be put into the provider’s realm. Well, think again.
Beware of the state sponsored attacks
Security leaders are becoming more concerned about direct and indirect threats posed by nation-states and their proxies. According to a Crowdstrike report, cyber experts fear that such cyberattacks can stifle business growth in a post-Covid world. Out of the cybersecurity experts surveyed, 73 percent of respondents believe that nation-state sponsored cyberattacks will pose the single biggest threat to organisations like theirs in 2021.
Apart from state-sponsored attacks, a ransomware attack is another major threat looming over businesses.
Not everything is bad news. The pandemic is forcing many companies to accelerate their timetables for digital transformation. And it is also reinforcing the critical need for security programs to be agile enough to react to minor and major extraneous shocks.
IT and business leaders must continually familiarize themselves with up-to-date threat intelligence and invest in the resources necessary.
For data-security and privacy professionals, the lesson of 2020 is that data security is no longer just about the confidentiality of data. Data security needs to also focus on the integrity and availability of data, especially in the face of rising disinformation and frequency of ransomware attacks.
A banking CISO friend shared a priceless advice, and I quote, “in any warfare, intelligence is the key. The idea is to not fight the war in isolation, but to fight the war with friends who have fought it earlier.”