Cyber ​​Security Trends in 2021: Increase Budgets, Focus on Endpoints, Cloud

In 2021, the work-from-home trend will continue to shape the cybersecurity landscape. Therefore, mobile terminals will become the main target of hackers.

–

After shrinking in 2020 due to the impact of the pandemic, the 2021 cybersecurity budget will increase again. Authentication, cloud data protection, and application monitoring will be at the top of CISOs’ budget and security priority lists. According to experts, this is one of the topics that will lead the security market in the coming year.

Home is where cyber attacks will take place in 2021

Due to the COVID-19 pandemic, information technology employees have to work from home. Therefore, they have to invest more in cybersecurity and begin to depend on new technologies such as cloud services and digital collaboration systems such as Zoom, Skype, and Slack. These trends occurred in 2020 and will have a lasting impact.

Nearly 70 organizations participating in Skybox’s survey said a third of their workforce will still work remotely for at least the next 18 months. That will trigger the need for endpoint protection for these employees in the coming years. Protecting endpoints will impact 55% of IT staff’s workload, as companies look to protect employees and associated assets remotely.

Failure to secure endpoints and insecure home routers will result in sensitive information being transmitted over insecure or unmanaged channels leading to data breaches and leaks.

–

Unmanaged work-from-home demands lead to data breaches and leaks.

Internal threats

The change in human resource needs and remote working will create a huge attack vector for hackers. Forrester researchers believe the trend of remote workers will fuel insider threats. About 25% of data breaches are tied to insider threats; in 2021, this rate is expected to increase by 33%.

In addition, 2021 will witness the development of the “insider-as-a-service” model. Attackers will be recruited as employees, from whom the attackers will collect sensitive information. These attackers will become agents who overcome the interview process and other barriers created by human resources and security teams.

–

Be careful with your Inbox

Endpoint protection solutions confront the most common challenges of today and tomorrow. Inboxes or incoming emails will be the perfect medium for ransomware attacks, phishing attacks, and malware infections.

In the future, researchers warn that organizations and businesses should be wary of a sharp increase in phishing attacks in 2021 due to high automation. Cybercriminals have begun creating tools that can automate aspects of phishing attacks that they previously needed to do manually. This will significantly increase the number of phishing emails that attackers can send at once, which will improve success rates. However, these high-volume automated phishing campaigns can be less complex and easier to detect than attacks tailored by hackers to individual victims.

–

Exploding cloud security

Cloud adoption will only accelerate over the next few years with Software-as-a-Service (SaaS), cloud hosting. About 35% of enterprises plan to accelerate workload migration to the cloud in 2021.

In the coming years, budget allocations for cloud security will double as companies look to protect the assets they built on the cloud in 2020. Distributed cloud is the process of migrating business operations to public clouds, private clouds, or hybrid clouds, and distributed clouds will be the focus of businesses in the future and have significant security implications.

When moving to the cloud, businesses have transferred the responsibility and tasks of operating hardware and software infrastructure to cloud service providers. This change drives security actions such as looking for misconfigured network connections, assessing data risks, detecting accounts with over-granted permissions, and monitoring the cloud to detect violations. Policy violations, and automatic misconfiguration detection…will be complied with common Security standards such as GDPR, HIPAA, and CCPA.

–

Automation, artificial intelligence, and machine learning

Hyper-automation is a process by which businesses will automatically perform as many business operations, and information technology processes as possible using artificial intelligence (AI), machine learning, robotics, and other automation tools.

47% of IT executives say cyberattacks have increased significantly since the pandemic began. Recently, 36% said they have experienced an increase in security vulnerabilities due to remote working.

The number of security alerts is too large for the cybersecurity team to handle. Now, automation and machine learning help security teams separate urgent security alerts from a sea of ​​data and can instantly remediate certain threats.

–

Mobile threats

Threats on mobile devices including spyware, exploiting Android vulnerabilities… are increasing rapidly in the context of the Covid-19 pandemic. Security people need to pay attention to protection programs for mobile devices. While working from home, employees are constantly on the move using mobile devices such as tablets and smartphones and connecting to public Wi-Fi networks, thereby connecting to other companies. Remote working tools, enterprise cloud services.

These employees will be the biggest security risk because security will reduce employee productivity. Employees say security is interfering with personal privacy. Accordingly, employees will hinder the implementation of security on mobile devices, which contain many types of the most important data of both individuals and businesses such as photos, emails, messages, accounts, etc.

–

Source: Trong Huan (Antoanthongtin)