17 Mar What Are the Top 5 Cybersecurity Concerns for 2021?
Most of us are glad to see 2020 in the rearview mirror, but what does 2021 hold? What cybersecurity issues are keeping IT leaders awake at night in this new year? Let’s see what insiders and security professionals have to say:
Top Four Cybersecurity Concerns for 2021
1. Increase in Remote Workers
This past year saw a surge of employees thrust into remote work at an unexpected rate. Though a steady trend of remote roles was already on its way, 2020 escalated companies’ remote workforce from 22 percent to 58 percent. Organizations had little planning time and little experience with such setups. Many workers had to use their personal devices and wireless connections–devices and connections whose security statuses were unknown to the employer.
Even though some businesses have now had the time to refine their remote cybersecurity protections, many have not. Some have found find that they lack resources to adequately manage the risks … and cybercriminals are well aware of this. In 2020, the security firm Kaspersky reported a severe spike in brute-force hacking attempts against remote desktops, and the search term “how to remove a virus” increased by a whopping 43 percent. Rightly so, 52 percent of compliance and legal leaders express worry about third-party cyber risks related to remote work.
2. Unsecured Cloud Environments
This past year also brought us a rise in organizational migration to cloud services. Along with a remote worker rush, many organizations scrambled to maintain business continuity and productivity. Reports are coming in that businesses have failed to lock down cloud databases and storage, neglected to patch systems, stored credentials in vulnerable locations, failed to maintain general cybersecurity hygiene and as a result, suffered cyberattacks.
3. Insider Threats
Insider threats are another security risk that emerged as an offshoot of more employees working remotely. Many employees’ personal devices aren’t equipped with proper cybersecurity and subsequently, they put organizations’ data at risk. Additionally, many organizations don’t properly train their employees in cybersecurity best practices and the unexpected surge of remote workers didn’t help that situation. Unaware employees are more likely to inadvertently open infected emails or links. Perhaps, in fact, some workers feel more emboldened in their own environment and give in to temptation, intentionally committing malicious acts, like stealing data or selling credentials.
4. More Malware and Phishing
Malware and phishing are still favorites of cybercriminals, and experts don’t see them relenting. In fact, such attacks have escalated with increased remote environments. A staggering 47 percent of employees admitted that distraction was the main reason for them falling for a phishing scam while working from home.
Phishers, in particular, have exploited people’s fears, using current events and financial climates to lure vulnerable people into clicking on malicious links. Another new method to hook victims is “email thread hijacking.” This technique steals email data from a compromised system. The phisher then uses the data to reply to real conversations with messages infected with malware.
Help Your Clients Address Concerns
If your clients harbor these concerns, as an MSP, you can help them with an internal cybersecurity service. Often, more effort is focused on securing the external perimeter of the network using firewalls, anti-malware and other measures. However, many breaches originate from the inside of an organization. The most potent cybersecurity requires a full-spectrum approach. Complement external cybersecurity efforts with an insider threat detection solution that will monitor access and establish normative patterns of end-user behaviors.
Check out our helpful whitepaper to learn more.
Sources:
- New Security Report Breaks Down Increase in Cyber Attacks Due to Remote Work; Lack of Training, Overwhelmed IT Departments are the Main Issues, CPO Magazine, 2021
- Remote Spring: The Rise of RDP Bruteforce Attacks, Kaspersky, 2020
- 43 CV Cybersecurity Statistics, Panda Security, 2020
