The ‘new normal’ induced by the COVID-19 pandemic has led to the confluence of various trends. As the storm passes over, the adoption of various technologies has accelerated: New processes and systems to expedite the pace of digital transformation were created. According to an article by Forbes, 83 percent of enterprises transformed their cybersecurity in 2020.
As companies struggle to adapt to the new normal, it comes as no surprise that data breaches have grown by 273 percent, as per a study by Iomart. With a renewed focus on cybersecurity in 2021, an article by Forbes highlights the major trends that are shaping cybersecurity in 2021 and beyond.
- Remote workforce risks
As offices closed and employees shifted to a remote-working-environment, cybersecurity threats have increased exponentially. A Keeper Security report that surveyed 2,215 IT and information security personnel in the United States, New Zealand, Australia and Europe had startling revelations: 71 percent of the companies surveyed expressed concern about endpoint security being compromised due to remote workers. Employers highlighted that they were mostly worried about physical security practices on the personal devices of remote workers. Many organizations, as many as 42 %, did not know how they could prevent cybersecurity attacks on remote workers. Only a mere 35 % used multi-factor authentication and as many as 31 % did not implement authentication protocols for remote-workers.
31% say they are not requiring remote workers to use authentication methods, and only 35% require multi-factor authentication. The use of remote desktop protocols and virtual private networks increased significantly.
- Managed Detection and Response services
It is easier to fix a breach if it is identified quickly. It is here that a managed-detection-and-response (MDR) service can play a critical role. MDR services are forecasted to be used by 50 percent of the organizations worldwide by 2025, according to Gartner.
Companies need expertise to remediate, and figure out how root causes of breaches can be circumvented: MDR solutions must not only offer alerts but also actionable advice. MDR services usually use analytics and threat detection as their areas of emphasis. Companies must seek MDR service solutions that offer real-time alters, quick responses, and 24/7 monitoring.
- Zero Trust Networking Strategy
There are many devices connected to a network in a remote working environment. Consequently, the potential for threats increases and trust is a critical factor. Once a network is compromised, hackers gain access to increasingly critical information that can make such breaches very expensive for organizations. Zero trust is a security model defined by Forrester in 2010, which serves as a set of guidelines for a security strategy to cater to the security needs of dynamic workplaces.
A zero trust model can help mitigate such threats by choosing to never trust and always verifying connections. Such an approach creates an effective protocol for keeping cybersecurity vulnerabilities in check. Further, IT teams can focus on more critical tasks as there are fewer points to administer. Employees work in an environment where they gain access to only those systems and applications that they have to work with.
- Security Awareness Education And Training
Human error or at times careful sabotage is a weakpoint for even the most robust security systems. Endpoint security is cause for much concern as 30 % of the data breaches in 2020 were due to endpoint security breaches, as per a 2020 Data Breach Investigations Report from Verizon.
Employees must have an awareness of best practices for security and implement good security hygiene. Since cybersecurity threats are constantly, training too should be in a continuous manner as remote-work becomes the new normal.
2020 has accelerated many trends in cybersecurity including cloud adoption. As organizations focus on agile infrastructures and remote-work, cybersecurity measures must also be scaled-up. A strategic approach towards cybersecurity is needed where business leaders, industries, and regulators collaborate to address cybersecurity challenges better. While there is no panacea, an effective and continually evolving policy framework can help keep threats in check for the long-term.