Cybersecurity encompasses everything that pertains to protecting one’s sensitive data, protected health information (PHI), personal information, personally identifiable information (PII), intellectual property, data, and industrial and governmental information systems from damage and theft attempted by adversaries and criminals.
Cybersecurity risk is increasing, driven by global connectivity and usage of cloud services, such as Amazon Web Services, to store personal information and sensitive data. Poor configuration of cloud services with increasing sophisticated cyber criminals globally, implies that the risk that an organization suffers from a successful data breach or cyber-attack is on the rise.
Cybersecurity: A Global Threat
Gone are the days where simple firewalls and antivirus software were our sole security measures. Organisations can no longer leave information security to cybersecurity professionals.
Cyber threats can come from any level of the organization. We must train our employees about social engineering scams such as cyber phishing and even more sophisticated attacks of cybersecurity like malware or ransomware attacks designed to steal personal data or intellectual property.
GDPR and other laws mean that cybersecurity is no longer something businesses of any size can ignore. Security incidents regularly affect businesses of all sizes and often make the front page causing irreversible reputational damage to the companies involved.
Top 7 Cyber Security Trends
“It’s difficult to make predictions, especially about the future”, Niels Bohr once famously said. Nevertheless, during the mid of this year, let’s try to identify some key cybersecurity trends and developments we should expect to see in late 2020 and 2021. No more quotes for now, let’s dive into the 2020-21 trends:
- Data breaches to stay as highest security risks
Breaches concerning personal data are likely to stay as a major security and privacy concern. Organisations will increase their defensive measures not only due to tighter privacy legislation, but also due to negative consequences of a breach on their image.
- Phishing as top entry route into organisations
Over 90% of attacks will still use e-mail as their primary entry route into a target’s organisation, with more sophisticated and customised phishing attacks on the rise.
- Automation and orchestration
Driven by lack of personnel and in order to match the speed of automation, integration and orchestration in cyber security will be a key trend in 2020-21.
- Get cloud smart
Cloud adoption has been a savior during critical times of COVID-19. Companies need to strengthen cloud solutions to secure data stored on the cloud.
- Artificial intelligence and machine learning
While companies are using AI and ML tools to defend from cyber-attacks, attackers are using AI and ML models to intrude into the security systems.
- IOT: more devices, more risks
The speed of the technology life-cycle and for cost reasons, security will still stay an afterthought for a lot of IOT-device manufacturers, both in the consumer and industrial area.
- Building awareness
Lack of cybersecurity understanding amongst the employees has resulted in data breaches. There will be an increasing focus of organizations in cyber-security training for employees to help them in identifying phishing and malware attacks.
With the ever changing threat landscape, it’s clear that companies will have to continuously reassess their indicative and specific security risks, redefine their mitigation approaches and enforce corresponding security controls.
The COVID-19 Pandemic dominates the Cybersecurity World
The COVID-19 crisis has redefined means of official operations. Work from home is now the new normal. While the employees are managing work from home, there has been a surge in cyber-attacks in the form of COVID-19 themed phishing mailers, malware campaigns and ransomware attacks.
Here are a few examples of phishing and ransomware mailers:
- Information on COVID-19 vaccines, masks and hand sanitizer
- Free access to download tech solutions for video/audio conferencing
- Updates for social media applications and enterprise solutions
Security leaders from Small Medium Businesses to large enterprises need to continue their focus on the entire threat lifecycle which constitutes planning and detection, in-the-moment response, and remediation – recovery. This will help to prepare for additional unforeseen scenarios in the near and coming future.
This has ignited the need for robust system and basic security hygiene to protect home networks.
The COVID-19 pandemic has also forced organisations and individuals to embrace new practices such as social distancing and remote working. Governments are reconsidering ways to ensure that their countries are stable by developing and enforcing new economic plans. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cyber criminals around the world are undoubtedly capitalizing on this crisis.
The world has observed a spike in phishing attacks, malspams and ransomware attacks as attackers are using COVID-19 as bait to impersonate brands thereby misleading employees and customers.
This will likely result in more infected personal computers and phones. Not only are businesses being targeted, end-users who download COVID-19 related applications are also being tricked into downloading ransomware disguised as legitimate applications.
Cybersecurity Implications for the Post COVID-19 Era
As COVID-19 reshapes social interactions and transforms our work environments to more digital culture, the threat landscape on the cyberspace is also evolving with new vulnerabilities emerging.
Whether its cyber criminals looking to sell the Statue of Unity for $4 billion or a fake UPI handle that dupes monetary donations to the PM CARES Fund, policy efforts to “flatten the curve” on cybercrime leave a lot to be desired. Security flaws in platforms such as the videoconferencing tool, Zoom highlight the need for adequate cybersecurity preparedness, both amid enterprises and individuals.
Digital Immunity for the Future
The synapse between the COVID-19 pandemic and cybersecurity imperatives can be addressed with a call to action that the new Cyber Security Strategies on the anvil across the globe can address. New red lines that have emerged only draws to us the reality that it isn’t possible to hermetically seal our societies or the networks. The new policies by the world governments must be in sync with the modern realities and look to adapt to future disruptions in reinvigorating trust and boosting our digital immunity.