In the wise words of Will Smith, our lives have indeed been flipped turned upside down. And if the title of this article made you do a double take, you’re not alone. Cybersecurity predictions for 2021— where’d all the time go? Well, we’d like to take a minute so just sit right there and we’ll tell you about the 2020 cybersecurity scare.
With coronavirus ravaging the U.S., organizations have had to completely rethink their technology and security processes. As we’re sure many of you have experienced, this includes everything from internal processes and business functions to cloud migration and remote worker support. Worst of all, organizations have had to battle the widespread increase in cyberattacks. 2020 brought some of the worst hacks and breaches we’ve seen to date. We’re talkin’ full scale nation-state digital espionage and state-backed phishing— the whole nine yards.
In the face of nationwide uncertainty and chaos, it’s time for organizations to step up their cyber game. Last year, we predicted (quite accurately, might we add) that there would be increased risks in connected devices due to exploits in 5G and IoT and growth in phishing, malware and ransomware. Similarly, with more devices connected to vulnerable remote and at-home networks due to the coronavirus pandemic, we expect that these risks will continue to rise. Here are a few security trends that you should keep an eye on heading into 2021:
- Cloud computing: The IDG Cloud Computing Survey 2020 revealed that growth in cloud adoption and cloud investments are expected to soar in 2021 with 32 percent of organizations IT budgets dedicated to the cloud. While cloud computing will enable organizations to support their workforce and organizational shifts during the coronavirus pandemic, the cloud also presents large challenges. ‘Cloud jacking’ or ‘cloud hijacking,’ where an attacker uses an automated exploit script to take control over an organizations cloud infrastructure, will grow due to the lack of proper protection. Cloud service providers and third-party IT security providers should regularly review security policies and procedures to prevent vulnerabilities.
- BYOD and mobile security: Nowadays, it’s common to work from your bedroom, kitchen table or even the couch. The coronavirus pandemic has flipped houses into offices and made work-from-home the new norm for the foreseeable future. With more people using personal devices to access confidential files on home and public networks, there’s a significant threat to an organization’s data. Without secured access, hackers may be able to bypass antivirus and detection tools that rely on connectivity to block attacks. As the pandemic continues to accelerate the remote workforce, the attack surface will grow tenfold.
- Skills shortage and user awareness: As the coronavirus pandemic exacerbates the number of exploits and hackers find new ways to hit us where it hurts, the cybersecurity skills gaps will once again fall behind. With so many new technologies at play, it’s hard to keep up with the changing security landscape. And while entire workforces are investing more in cybersecurity training, humans still remain the top vulnerability to an organizations cybersecurity infrastructure. Educating employees to correctly identify different forms of phishing and malware infections through web-based awareness training will help avoid preventable threats.
- AI, ML and 5G: How could we forget these three? While there are many ways security analysts use them to prevent cybercrime, they can also be exploited for malicious contexts. Hackers are using advanced technologies to their advantage, mimicking human behavior with AI and using ML to generate malware and phishing threats, thus improving their attacks. Given the scope of 5G, the vulnerabilities that will come along with its deployment are far and wide, driving the imperative to secure its services.
Carolina Advanced Digital is a leader in security and secure infrastructure solutions. As you get ready for 2021, contact us now for updates on relevant technologies such as CASB, secure remote access and teleworking options, services to monitor and protect against domain spoofing, and our suite of security and compliance offerings including consulting, vCISO services, security awareness training and our COVID-19 Executive Briefings.