To deal with these permanent changes and increased risks, organizations are looking at a range of piloted or adopted developments in 2021. These include zero confidence, deception technology, authentication solutions, access controls, application management, cloud-based security services.
FREMONT, CA: The COVID pandemic was a difficult one for security teams in 2020. Ransomware attacks have increased. Besides, remote work has undermined and damaged security processes. Thus, CISOs have been forced to change their short-and-long-term strategies. 2021 is going to be different, for better or worse is uncertain. Following are three main patterns in forecasting and how they could be applied in 2021.
Cyber-criminals are opportunists. The pandemic made companies more fragile as they tried to deal with the fallout. This aspect has made 2020 a boom year for ransomware attacks, mainly in terms of increased scale. It was also estimated that ransomware accounted for 41 percent of all cyber-insurance claims filed in the first half of 2020.
Businesses, universities, and healthcare institutions trying to deal with the pandemic cannot afford to get their networks off-line due to a ransomware attack, and the attackers recognize that they are more likely to pay. Increasing pressure to submit to blackmail, targeting the most vulnerable victims, and strategies that make it more challenging to retrieve encrypted data will keep ransomware the most lucrative business line for cybercriminals in 2021 and the single biggest threat to all organizations. This aspect makes it essential for CISOs to follow best practices to mitigate ransomware risk in the coming year.
2. Organizations Reassess Security Approaches and Technology Stacks
Many, if not all, the newly remote endpoints that security teams unexpectedly had to secure in COVID's home shift work will become permanent. The pandemic has also motivated businesses to initiate or accelerate digital transformation programs, the most important of which is to move more applications to the cloud. That, too, needs a review of the security policy and infrastructure.
Security officials are becoming more and more concerned about nation-states' direct and indirect risks and their proxies. To deal with these permanent changes and increased risks, organizations are looking at a range of piloted or adopted developments in 2021. These include zero confidence, deception technology, authentication solutions, access controls, application management, cloud-based security services.
3. Security Talent Acquisition: Demand Rise
As security leaders react to the pandemic's long-term changes, many are likely to recruit personnel or change the makeup of their security teams. It is hard in the best of times, but with everyone reassessing personnel needs, recruiting security expertise is bound to get more challenging in 2021.
One alternative is to accept remote security personnel. Many organizations have avoided recruiting remote security experts, but the pandemic has taught many that not all security expertise needs to be on site. This instance frees companies to extend their quest for hard-to-find talent to various geographic regions.
The other recommendation is for employers, educational institutions, and local labor development services to work together. By defining specific protection needs, talent can be built together at the local level. For example, organizations can make it easier for job-seekers to perform security roles by communicating the importance of security certifications and reducing their costs.