Seldom has world affairs been so dynamic and far-reaching as it is now. And it was hardly more difficult to provide assessments about further developments for companies. Nevertheless, important findings for 2020 can be derived from the developments in IT security 2021.
The year 2020 was unprecedented. Looking back, it is initially difficult to identify highlights or “good news”. Looking at the year from a technology perspective, on the other hand, there is a silver lining: stay-at-home orders from governments have resulted in a major leap in corporate digital transformation efforts.
Digital transformation as a goal
Digital transformation has been a long-term goal in a large number of organizations since the early 2010s. The arrangements for remote work have now ensured that companies have completed several digitization steps at once: The use of the cloud has increased in order to maintain work processes and to be able to provide business models quickly. It is quite possible that without the need to work remotely, digital transformation would still have been on the to-do list of many companies in the coming decade. Now, however, the ghost is out of the bottle: Companies that perceive an improvement in efficiency due to the fully digitized processes are now starting the discussion about a new work culture. The 5G network expansion, which is currently being promoted worldwide, offers them a perspective with a wide range of design options.
Boom for hackers
After all employees around the world had quickly switched to a self-isolated daily work routine with often temporary digital equipment, cyber criminals were also bustling with activity. The crimes reported to the FBI's Internet Crime Complaint Center (IC3) have almost quadrupled since the beginning of the corona pandemic. A development that will continue in 2021. The number of active Internet users, which amounted to 2020 billion in July 4,6 and thus represented 59 percent of the world's population, will continue to grow this year. 84 percent of companies will continue to support high levels of teleworking, depending on the status of local regulations. In combination with technologies such as 5G, which also make cybercriminals' work easier, it can be assumed that the number of those affected by cyber attacks will continue to rise.
This year, too, large-scale phishing campaigns, which, for example, use news about the infection process or advice on government subsidies as bait, can be expected. Phishing attacks are far from new. Fortunately, awareness of such attacks has grown significantly in recent years. Nevertheless, hackers with this social engineering tactic are extremely successful in uncertain, stressful times with nervously tense victims. The recipients of these messages are more likely to click malicious URLs, open attachments, and divulge personal information. The management of insider threats will therefore remain one of the most urgent challenges for IT security teams in 2021.
Medical institutions and financial companies as targets
From the developments in 2020 it can be concluded that cyber criminals will increase the effectiveness of their attacks. Clinics or other medical facilities such as laboratories could increasingly be selected by hackers as targets for ransomware attacks. Due to their high relevance in the pandemic crisis, criminals may see higher chances of successfully extorting ransom. Likewise, the ability to steal sensitive data makes medical facilities an attractive destination.
Financial service providers, on the other hand, are attacked comparatively rarely. If this is the case, however, the damage is much greater and more detrimental than for companies in other industries, as Bitglass found: In 2019, only seven percent of all security breaches were caused by financial service providers. However, the data sets stolen there had a majority share of 62 percent of the total annual amount. The high resale and utility value of financial data makes financial institutions a lucrative target for cyber criminals.
In addition, financial and medical institutions could also act as secondary targets: hackers infiltrated them to steal records that enable them to credibly appear on their behalf in other criminal campaigns. Authentic-looking e-mails with typical formulations and seemingly real case numbers can ensure a higher success rate in broad-based phishing attacks.
Data security with tight budgets
IT teams are currently faced with the task of ensuring the security of company data with tight budgets even in unusual situations. After years of growth, IT spending fell nearly 2020 percent in 10. That trend is expected to continue in 2021, as Forrester predicts US tech investment will decline another 1,5 percent - a drop of $ 135 billion from the 2019 high. Not surprisingly, considering the U.S. economic deficit rose from $ 779 billion in late 2018 to $ 2,8 trillion in July 2020.
Despite budgetary adversity, CIOs need to close the digital transformation gap in their organizations. Failure to figure out how to maintain data security while working remotely resulted in nearly 2020 percent of organizations paying unexpected costs for cybersecurity breaches and malware infections in 25. If companies don't rethink their security approaches, cyber criminals will develop their tactics and use remote workers as ideal entry points into the company's IT ecosystem.
Decision-making pressure for companies
In terms of technology, companies currently have the best prerequisites to carry out the digital transformation once and for all. However, difficulties can arise in IT security from the heightened threat situation. Organizationally, you are faced with the challenge of keeping your business model agile for relevant, short-term market events, even in remote work operations. On the other hand, they have to find suitable ways of permanently establishing data security. In these extremely uncertain times, companies see themselves under significantly greater pressure to make long-term strategic, rational decisions.
More on this at Bitglass.com[starboxid=4]