Cybersecurity Trends for 2021
As technology continues to rapidly advance, the way many businesses function will be impacted as they adjust to changes such as workflow automation and the cloud. Additionally, malicious actors are gaining more sophisticated techniques to exploit vulnerabilities in cybersecurity. Companies in the 21st century need to adjust to this. Particularly in light of the COVID-19 pandemic and how it has impacted work environments, 2021 will bring some notable trends and changes to the cybersecurity landscape. In this article, we go over the 5 most significant trends in cybersecurity for 2021.
Let’s start with the most obvious trend for 2021: Remote work. The massive shift to remote work is arguably the most notable cybersecurity trend for 2021. The COVID-19 pandemic has brought sweeping changes to many workplaces, some of which may continue even after the pandemic is over. According to a Gartner survey of 800 global organizations, 88% of them have started to encourage or require remote work due to the COVID-19 pandemic. Additionally, 97% of organizations said they have canceled all travel for work. Many companies won’t completely go back to the traditional work environment after this shift.
Remote work is the norm for many companies now, and there are obvious implications in regards to cybersecurity with more employees working from home and handling sensitive data outside of the workplace. Organizations that are encouraging or requiring their employees to work from home more than prior to the pandemic need to consider how that shift impacts cybersecurity concerns. For instance, companies need to employ the correct tools to ensure that employees’ remote access to sensitive data is secure and tested. Amid the COVID-19 pandemic, the number of unsecured remote desktop machines increased by over 40%.
This represents a massive increase in the risk of organizations experiencing a cyberattack. Clearly, there are significant considerations and preventative measures companies will need to bear in mind into 2021. For example, companies should consider testing that the endpoints their employees are using from home are properly patched and up-to-date and ensuring that their employees’ desktop machines are as secure as possible. The impact of remote work on companies’ cybersecurity policies and procedures will be felt into the next decade – it is estimated that by 2030 the demand for remote work will see an increase of more than 30% due to Gen Z joining the workforce.
A Spike in Ransomware
Consider this astounding statistic – SonicWall’s 2020 Cyberthreat report saw a 105% increase in ransomware attacks since the start of the COVID-19 pandemic. Clearly, the threat of ransomware will still be a top concern for many companies into the new year.
Ransomware has been rising for years but the advent of COVID has clearly provided a new impetus for malicious actors to spread ransomware and attempt to profit off of institutions that can’t afford disruption. At the end of 2020, there was a spate of ransomware attacks against healthcare organizations, many of which were locked out of their data for days or even weeks.
Given the difficulty of dealing with ransomware attacks, and the enormous ransoms that malicious actors can expect, it is highly likely that we will see a continuation of attacks going into 2021 and beyond. Check out our articles outlining healthcare cybersecurity and small business cybersecurity best practices to learn more about how to best protect your organization against ransomware.
An Increasing Emphasis on Cloud Security
The worldwide cloud market has grown by hundreds of billions of dollars in the past few years and looks set to continue on its ascendant trajectory. Unfortunately in many cases cloud security isn’t keeping up in the rapid growth of cloud technology. We expect more organizations to move from on-prem to the cloud in 2021, and more issues arising around companies failing to take adequate measures to secure their cloud environments.
A recent study indicated that 24% of businesses have critical, unpatched vulnerabilities in public cloud environments, and a further 84% believe that traditional approaches to cybersecurity are ineffective in the context of cloud environments. We expect to see concerns and solutions grow around the security of cloud environments heading into 2021. If your business is concerned with their cloud security posture, you aren’t alone. Here’s an excellent article providing an overview of cloud security tools that can help protect your environment.
Machine Learning & Digital Transformation
Another trend is threatening to upend the cybersecurity world, and that is the advent of machine learning algorithms. In previous years, attackers could spend weeks or months doing reconnaissance on a target. However, with the increasing prevalence of artificial intelligence, attackers can now gather data in minutes and AI attackers can learn and adapt to your network’s defenses.
In addition, machine learning algorithms can be used to launch sophisticated spear phishing attacks that learn and adapt to user behavior. Email and social media phishing attacks have always been a major issue for security professionals, but now they must contend with an expanding attack service, the vulnerability of cloud services, and adaptive phishing.
Fortunately, machine learning can be used in information security too. Increasingly, security companies are employing AI to help prioritize vulnerabilities and defend networks. Some cybersecurity companies are even adopting machine learning to use in simulated-phishing attacks that help train users to avoid clicking links that may contain malware.
Continued Concerns over Data Privacy
In 2018, Europe’s General Data Protection Regulation came into effect. GDPR has inspired many similar pieces of legislation around the world including the California Consumer Privacy Act in 2018. However, regulations have a difficult time dealing with the sheer volume and extent of user data that companies now ingest. Companies now ingest exabytes of data including location data, browsing history, interests, purchase history, financial information, and more. While this data can help them hone their business model and optimize advertising, it also represents an enormous threat to user privacy.
GDPR, CCPA, and other regulations made several positive strides towards giving users more control of their data, but in many cases didn’t go far enough. IT security teams will also need to watch out for user data. For example, employees may reuse authentication credentials for both personal and business purposes. Make sure you are using a dark web threat intelligence tool to monitor for exposed passwords and user information that may have gotten dumped from a data breach.
2021 is likely to bring many new cybersecurity challenges, some that are anticipated and some totally unanticipated. One thing we can be certain of is that the need for and importance of cybersecurity will continue to grow as more of the world’s business is done online. If your organization needs help protecting personal data, devices, and networks contact us today. Our team of cybersecurity experts can help you with a range of issues from network security to implementing zero-trust.