Cyber Security in 2021
19th March 2021
THE CHANGING FACE OF ENDPOINT CYBER SECURITY
2020 was surely a year to remember that most of us will want to forget. The first rule of 2021 is to never talk about 2020!
However, as we recover from the worst pandemic in a century, we need to look back on the past year and learn from the cyber security mistakes we may have made and examine some predictions for the future.
BRING YOUR OWN DEVICE (BYOD), BUT NOT AS YOU KNOW IT
The pandemic has turned BYOD on its head. Workers are now bringing work devices to their homes instead of bringing home devices to the office.
For organisations that had BYOD under control in the past few years, this shift is a growing concern as staff carry out even the simplest work tasks at home with an increased risk of data leakage. As businesses rushed to support the massive increase in employees taking their devices home, no doubt many were exposed to cyber security gaps, challenges, and misconfigurations.
Company devices that had never moved beyond the organisation’s walls – kept safely behind firewalls, IDS, DMZs and set up with security solutions that kept cyber criminals from attacking them – are now outside those protected networks. These remote devices are potentially vulnerable to cyber attacks if existing on-site security solutions are no longer fully effective.
SECURITY STARTS WITH PROTECTING USER ENDPOINTS
More than ever before, it is now imperative that secure remote working starts with protecting the user endpoint. Strong cyber security awareness training is essential to prepare an employee to be the first line of defence. Privileged access security is critical to protect access to data, applications, and systems – and active endpoint security should control what activities can be executed on the device.
As explored in a previous blog in December 2020, we saw a rise in phishing attacks exploiting COVID-19 concerns through malicious domains, social profiles, and campaigns. We know phishing is here to stay, especially with the home workspace starting to blur the lines between work and personal life.
RANSOMWARE WILL GET WORSE WITH REMOTE WORKING
The widespread shift to remote working resulted in undetected security vulnerabilities, making it a matter of “when” not “if” a cyber breach will occur. As the pandemic forced organisations to quickly revamp their IT operations and establish remote working, the door was open to new security threats.
It’s important to remember that ransomware is not just a security incident where information is hacked; it’s a data breach by organised cyber crime groups stealing the data before they encrypt it. This means that companies not only have to worry about getting their data back, they also worry about it being shared publicly with the associated impact to brand reputation, customer trust and regulatory fines.
CLOUD SECURITY WILL BECOME FIRST-CHOICE FOR STRATEGY
During the COVID-19 crisis, investment in technologies supporting remote working and cloud solutions dramatically increased. This will continue to accelerate as we move towards more complex, data-intensive workloads. Cloud is no longer a cutting-edge experiment; it’s now a business requirement, fuelling better economics and more innovation at a greater speed.
Enterprises are looking for cloud-enabled capabilities including data analytics, artificial intelligence, and more resilient data solutions – all to help cut costs and generate revenues from new services. At CSI, we are seeing more and more organisations prioritising cloud spend as the largest share of their IT investment over the next two years.
CYBER SECURITY EXPERTS TO BUILD YOUR STRATEGY
In 2021, companies need to take stock of security awareness and provide the knowledge needed by their employees to recognise and fend off cyber and phishing threats.
Our Cyber Security Consultants are experts in developing security and risk strategies using our portfolio of Advisory, Professional and Managed Security Services.
We can help you run custom phishing campaigns to ensure security is front of mind while employees remain outside the office – or implement agent-based scanning to help you detect and monitor disconnected endpoints and shadow IT to reduce potential vulnerability.
To find out how CSI’s Security Services can help reduce your risk exposure to zero-day threats and enable your users to become a better first line of defence, download our security brochure.
Blog by Leyton Jefferies, Head of Cyber Security Services & Solutions at CSI