Cybersecurity Predictions 2021

Rob McFeely, Co-founder, Octiga

The 2020 threat landscape kept cyber professionals on their toes. We saw ransomware attacks, phishing attacks, business email compromises, and cloud-based attacks. These attacks cost organisations not only money but also their reputation. Building cyber resilience and identifying ways to fortify the existing security tools have become the mantra for security vendors in 2021. Let us find out what to expect in cybersecurity in 2021.

1. Cloud-first Security Strategy  

In the aftermath of the pandemic, Gartner forecasts that worldwide end-user spending on public cloud services will grow 18.4%, i.e., from $257.5 billion in 2020 to $304.9 billion in 2021. However, this rapid momentum of cloud-based service adoption has also opened a big doorway for cyber threats. Between January and April 2020 alone, cloud-based attacks rose by an astonishing 630%. This makes a cloud-first security strategy the number one security trend for the year 2021.

A cloud-first strategy refers to building programs & applications or moving to third-party SaaS platforms in the cloud to save time and cost. The security challenge with migrating to the cloud comes when organisations use security protocols belonging to a pre-cloud era. These protocols are not only inefficient for the cloud but also offer incomplete protection considering the degree of sophistication of threats today. In 2021, organisations should focus on strategies like securing native cloud applications, deploying web protection and limiting user privileges to achieve safe cloud access.

2. Holistic Security Approach  

A robust cybersecurity strategy is not limited to just owning sophisticated security tools. The hackers in 2021 are much more intelligent and dexterous, and in many instances have more sophisticated hacking tools and techniques to break in. Thus, a holistic approach is necessary to get an accurate picture of the risk landscape. A holistic cybersecurity approach balances cyber resilience and efficient operations. It emphasises remediating attacks as well as solidifying the organisation against future attacks. This means including people, processes and technology in your risk management strategy.

The year 2021 is all about choosing a holistic approach to cybersecurity, making the NIST security framework the backbone of your security posture. Choose technologies that help your business identify, protect, detect, respond, and recover, over just expensive software with a fancy-looking front end.

3. Automation of Cybersecurity  

Cybercrime stats reached new peaks during the pandemic. A report by Microsoft revealed that by the end of March 2020, every country in the world saw at least one COVID-19 themed attack, most of them belonging to categories like phishing and identity compromises.

With as many as 4000 attacks a day, one can imagine the level of pressure and workload security personnel must be facing during these tough times. This is exactly why the year 2021 calls for hyper-automation of cybersecurity. This means automating as many security processes as possible through tools like AI and machine learning so that all the alerts arising from potential threats do not drive a security expert insane. Choosing security automation will thus offer greater threat visibility, reduced human error and faster detection time. It will also make up for the current gap between cybersecurity talent demand and supply.

4. Protection against Business Email Compromise Attacks for SME 

A recent report on BEC attacks highlighted that the median number of business email compromise attacks increased by 15% in the third quarter of 2020. What we learnt from the latest BEC scams was that cybercrime does not discriminate by the size of the organisation. Approximately 1 in 323 emails that small businesses receive is malicious. In the past year alone, SMEs have lost around $142 million to 4,255 email scams, according to Smart Company. This year will be no different when it comes to BEC burning a deep hole in the pockets of SMEs. SMEs need to re-define their security goals and increase their cybersecurity budgets to build a thorough cybersecurity approach.

5. Device Administration Strategy 

The popularity of cloud computing led to the rise of BYOD, or Bring Your Own Device. This trend helped organisations cut the costs of providing hardware to each employee and improved productivity by allowing employees to access enterprise data inside and outside the workplace using their personal devices like smartphones, laptops, and palmtops. What has fueled this revolution is the rise of remote working in the present scenario. It is expected that the BYOD market size will reach $366.95 billion by 2022. To avail of all the benefits of BYOD, organisations turned a blind eye towards the potential threats that came along. The possibility of multiple entry points into the enterprise database, the inability to transfer files in a secure network and the failure to download security patches make BYOD the prime hazard for 2021. Hence, revamping the BYOD policy should be the top priority this year.

Make Cybersecurity Everyone’s Business 

Today cybersecurity is not just a matter of concern for the IT department in a company; it has become every employee's business. In 2021, security awareness should expand beyond just a few PowerPoint presentations once a month. To establish it as part of a company’s culture, regular drills for different cyber-attacks and security tools that can be easily configured, irrespective of employees' level of technical expertise, are the need of the hour.

At Octiga, we cater to the need for automation, affordability and simplicity in cloud security to help organisations and employees secure themselves. As a true SaaS, born in the cloud, Octiga solutions offer a holistic approach to cybersecurity, in alignment with the NIST security framework, to strengthen the security posture of organisations of all sizes.