Finally! 2020, an unprecedented year from our nightmares, is coming to a close. Between pandemics and politics, I’m sure we are all ready for the fresh slate that the New Year presents.
But, before we dive into 2021, it’s important to reflect on the lessons we’ve learned. This year has taught many of us the importance of preparation. For some this was accomplished by stockpiling toilet paper, hand sanitizer, and an assortment of frozen meals. While others, especially businesses, prepped by acting on the need to upgrade their network security as more of their employees transitioned to working remotely. Whatever form was exercised, one universal message rang true; preparation is the key to getting a leg up on the competition, ensuring safety, and gaining confidence in future success.
While no one has a magic crystal ball (although we wish we did), 2021 is guaranteed to bring new ideas and changes into the world of cybersecurity. These changes are certain to affect how, where, and when we work and the devices that are put to use.
Set your business up for success by taking a sneak peek at these six cybersecurity predictions that are sure to play a role in 2021.
Work From Home
Work from home is expected to continue well into the new year as businesses have remodeled their business models in response to the COVID-19 pandemic. In consequence, BYOD, or bring your own device, rates have shot up approximately 85% as more organizations are allowing employees to use their own devices for work. While many businesses are drawn to this option thanks to its convenience, concerns about the security of sensitive work-related information have risen.
In a recent Bitglass survey, 70% of respondents reported that employees are allowed to use personal devices in their day to day business efforts, while 63% of respondents raise their concern about data leakage, insecure app downloads, or unsafe content. Many personal devices lack proper security protocols, creating an unstable network of insecure devices. This allows vulnerabilities to run rampant, increasing the chances of a data breach.
For this reason, businesses have been seeking alternatives to regain control. Some organizations have even gone as far as requiring employees to give them access to their devices, forcing them to give up the pins and passwords to the cloud services they use. As one could guess, employees are not fond of this practice and feel that their employer is breaching personal privacy and has led business owners to question whether or not to embrace the adoption of BYOD. While many stay-at-home orders are still enacted, businesses are encouraged to look into the next steps when it comes to sensitive data and device use.
The Threat Landscape
According to Verizon’s annual Data Breaches Investigation Report, 22% of data breaches featured a social engineering aspect. These social engineering schemes often feature phishing emails that aim to impersonate people that you work with or companies that you do business with.
Deepfakes, a newer component in phishing attacks, have become a hot term for cybersecurity professionals. This malicious technology uses artificial intelligence to superimpose and combine both real and AI-generated images, videos, and audio, making them indistinguishable from actual footage. This malicious addition had effectively fooled employees to reveal their security passwords and sensitive data. For example, in 2019, a British energy firm lost a quarter of a million dollars after the CEO thought he was on the phone with the chief of the company’s parent organization. While this isn’t as common as the typical phishing email, experts forecast that this type of attack will eventually become the norm.
On another note, mobile app malware will also become a larger issue in 2021. Applications like Google Play or SpyPhone applications have been discovered to have insecure security measures in place, leaving its users at risk of breach. Before downloading any mobile applications, be sure that they are made by a reputable source.
The Possibilities (and Risks) of 5G
5G is officially here after the recent release of the iPhone 12. This long-awaited advancement of 5G is introducing faster speeds and stronger network capabilities for users. However, as excited as we are about 5G and its capabilities, users should be aware of some risks.
5G allows for faster connection and quality due to the increased bandwidth. The dramatic expansion will put companies at risk with its use of more, smaller antennas than its 4G predecessor. The increase in the number of antennas means that there are more hard targets for cyber criminals to seek vulnerabilities in and use for attack.
This extra space allows for more devices to be connected and efficiently supported. However, by connecting all your devices, especially smart devices, you could create a network of hundreds of security risks that could leave your company vulnerable to attacks like 2019’s VPNFilter hack that infected more than 500,000 consumer grade routers across 54 countries. Before jumping on the new tech trend, be sure that you have proper security in place.
The Future of the Cloud
Not very long ago, it was typical for businesses to store company data on private servers hidden in closets, offices, or even warehouses. Now data storage has reached new heights with the common use of cloud computing, a term coined in 2006 by Google’s CEO, Eric Schmidt.
Cloud computing services like Amazon Web Services and Microsoft Azure have seen a dramatic increase in sales over the past few years. In fact, Alibaba Cloud, a Chinese cloud computing company, has had its sales climb 59% year over year. While this service was expected to take off in the coming years, the COVID-19 pandemic quickened the timeline for cloud adoption as the remote workforce has become more of a permanent shift for many large firms. We now expect the industry to achieve record-high sales of $307 billion in 2021 as reported by Gartner.
Not Spending On Cybersecurity Could Cost You
If 2020 has taught us anything, it is that we must expect the unexpected, especially when it comes to cybersecurity.
A recent Clark School study at the University of Maryland reported that cyberattacks, on average, occur every 39 seconds and affect one in three Americans annually. To make matters worse, the costs of cyberattacks on companies are climbing dramatically, forecasted to cost 6 trillion dollars globally in 2021. That is twice the amount of commercial losses caused by cybercrime in 2015, making it a record year in cybercriminal activity.
With cybercrime becoming more profitable than all of the illegal drug trade of major drugs in the world, combined with the fact that 43% of technology leaders expect over half of their staff to remain working from home, it is safe to say that cyber criminals aren’t going anywhere anytime soon. No longer is this situation an “if I get breached then..”, rather “when my business is hit by a cyber attack, am I properly prepared to defend against it?”
The Lack of IT Talent
The search for tech talent is ongoing and will continue well into 2021. In fact, 3.5 million cybersecurity jobs are expected to be left vacant, tripling 2014’s deficit of 1 million positions. Many businesses are struggling when looking for qualified IT teams to build out a force of front line cybersecurity soldiers.
However, recent studies discovered that the shortage isn’t due to a lack of talented individuals with a passion for technology. Rather, companies are hesitant to invest in developing tech talent, are unable to find the right fit, or can't offer reasonable pay or benefits for specialized tech positions. Until these problems are addressed, it is likely the tech talent shortage will worsen.
Meanwhile, businesses struggle to get the proper security measures in place, are overwhelmed by the demands of the IT world, and their current IT staff members are pushed to their limits—forced to work long hours, interrupted on weekends or during vacation, and have little time to further their skills with ongoing training.These issues combined with the talent shortage have made co-managed IT a desirable option for many.
All in all…
Get ahead of next year's problem and plan accordingly with these predictions. The New Year will bring in great potential with the use of 5G and cloud storage, however businesses should be aware of their risks. As businesses continue down the path of remote work, the risk of being exposed to deepfakes and phishing emails are considerably increased. Investing in powerful cybersecurity solutions is an essential part of your upcoming business strategy to adequately defend against 2021’s challenges.