Cybersecurity will be a top priority for organisations of all sizes in the new year as digtalisation strategies are ramped up. But with such a complex and continually evolving threat landscape, it can be difficult to know which areas to prioritise. Here, Andy Heather VP, Centrify, outlines the cybersecurity trends of which SMEs need to be aware as we move into 2021.
‘Cybersecurity’ has been surging exponentially in importance year-on-year as dependency on information technology, Big Data and the Internet increases in fortitude and expands to new industries and organisations of all sizes.
Over the last year especially, as COVID-19 forced millions of office workers into a remote environment, the gap between security provisions in business, or lack thereof, compared to the severity of the cyber threatscape, has never been wider.
This is because the uncertain climate caused by COVID-19 has stripped organisations of their resources and staff, while simultaneously providing cybercriminals with more opportunity for attack, via newly remote workers, unsecured home devices and dispersed networks of computers and endpoints, for example.
Unfortunately, small and medium sized enterprises are currently some of the most vulnerable organisations to the surging cyber threatscape, with a recent report even revealing that UK SMEs face more than 10,000 serious cyberattacks a day, with individuals attacks poised to set back UK SMEs by £1,300 on average.
Now that we’ve reached the end of 2020, businesses will be looking optimistically towards the new year, with promises of a new vaccine generating hopes for a buoyant global economic recovery and prompting a review of IT and tech spend.
As a result, new trends in cybercrime and technology could surge like we’ve never seen before. Here I will delve into some expected trends and what businesses can do to beat the curve, stay ahead and remain safe.
Cloud adoption in 2021 will continue to grow rapidly amongst SMEs as more companies look to leverage the scalability, flexibility and efficiency enabled by cloud infrastructure and SaaS solutions.
In fact, a recent Centrify study revealed the remote work shift rapidly accelerated half of companies’ cloud transformation plans. For those who were not cloud-first, the pandemic revealed a glaring reality: businesses must embrace the cloud as a necessity in the modern tech landscape rather than view it as an option.
Looking to 2021 and beyond, almost all businesses will most likely rely on cloud storage, infrastructure and workloads to survive. Mid-size, large and global enterprises will look to leverage multiple cloud providers to meet a range of requirements and utilising an approach focused on increased efficiency, agility and security, businesses can be better-equipped for this inevitably multi-cloud focused future.
Our results have suggested that messaging and video conferencing platforms will become the catalysts for the next wave of phishing attacks. Spear phishing attacks have steadily been on the rise as a result of COVID-19 and affected many businesses worldwide. As organisations continue to work remotely and rely on video conferencing and messaging platforms for daily correspondence among team members, cybercriminals will likely creatively leverage the range of ways we connect in a remote world. From video conferencing platforms to messaging apps, these channels keep us virtually connected to our colleagues but leave substantial room for cyberattacks.
Throughout 2021 as we grow accustomed to communicating digitally in real time, we will see a rise in cybercriminals utilising employee accounts to conduct phishing attacks, potentially even including spear phishing by video (e.g., using ‘deep fake’ technology) and spear phishing on third-party messaging platforms (often through hackers weaponising webhooks).
Prevention for this new, opportunistic wave of phishing will need to go beyond training. Organisations of all sizes should plan by requiring multi-factor authentication (MFA) wherever possible as well as ensuring they leave zero standing administrative privileges.
MFA is designed to create more certainty that the person using the username and password is who they claim to be based on something they know (such as a password or PIN), something they have (such as a smartphone or hardware key), or something they are (such as biometrics including Face ID or a fingerprint scan).
Ransomware incidents will triple – and data exfiltration will overtake encryption as the attackers’ end game. Since the beginning of 2020, research has shown that ransomware attacks are rapidly increasing. It is likely that ransomware variants will continue to evolve into more sophisticated threats.
These statistics illustrate a persistent onslaught of threat actors that could indicate 2021 will be our most challenging year yet in combating ransomware in the enterprise. What is important to understand is that the attacks do not just attempt to execute a lockout or encryption of data anymore but are increasingly aimed at extraction or stealing data from organisations.
While some cybercriminals may sell the data on the Dark Web, others may threaten to leak the data for a higher pay-out on the ransom. We predict that this will become hackers’ ransomware end game – though the risk of detection rises along with the potential payday.
Granting ‘least privilege’ is essential in preventing unauthorised access to business-critical systems and sensitive data by both external actors and malicious insiders.
Striving towards zero-standing privileges and only granting just-enough, just-in-time access to target systems and infrastructure can limit lateral movement that could lead to data exfiltration and additional damage.
AI will re-learn how to squash insider threats
September was Insider Threat Awareness month and a lot of attention was paid to the threat but not always to the remedies. Fortunately, more tools are relying on AI technology to address this challenge, such as data loss prevention (DLP) and user and entity behaviour analytics (UEBA).
However, these tools must establish a behavioural baseline first, which has not been helped by the pandemic because those baselines basically need to be redone to make those tools effective again. While this represents the drawback of relying too much on AI, it also shows the dynamic resiliency of AI in that it can re-learn what it needs to be an effective security tool, which will be important as we continue to adapt to pandemic-related challenges in 2021.
When AI is utilised in authentication, it provides the ability to be far more dynamic, create less friction and guarantee real-time decisions. In the context of privileged access management (PAM), we know that adaptive multi-factor authentication (MFA) is one example where a multitude of authentication factors combined with taking dynamic user behaviour into account can dramatically reduce risk when making authentication decisions.
In 2021, this could lead to AI being used more frequently to establish real-time risk scores and stop threats at the authentication stage before they can get in to do real damage.
The drastic COVID-19-related changes to the way people live and work has changed the way attackers operate. The implications of these shifts for 2021 are significant. Over the past year, companies became less secure due to hastily-deployed remote work solutions. That has translated into a lack of employee training, default laptop configurations left unchanged and vulnerable remote access connections. Together these trends have opened up a myriad of new attack vectors, including targeted ransomware campaigns.
Disruption caused by COVID-19 is inevitable and SME leaders have enough to worry about without contending with things like cybersecurity and compliance issues.
Unfortunately, cybercriminals have sensed an opportunity amid the pandemic, launching a spate of attacks that exploit people’s fear and uncertainty. It’s therefore more important than ever to make sure your organisation is capable of fending off attacks and preventing data breaches.
Cybercrime in 2021 is set to evolve, with new hacking practices becoming more widespread, ransomware gangs consolidating and advanced exploits being used more effectively to target victims.Click below to share this article