The global COVID-19 pandemic dominated all aspects of life in 2020 and pushed the workers of the world to switch to remote working. This resulted in a major shake-up of IT and security practices to which businesses have had to quickly adapt.
Security experts have reviewed some key aspects that shaped cybersecurity through the pandemic and made some important predictions for the coming year. While making predictions about the future is as difficult as ever, one thing we know is that cyberattacks have continued to evolve and take advantage of the current technical and economic landscape and the need to safeguard you organisation against cyber threats is as important as ever.
The rapid shift to remote working has been critical to the survival many organisations. Rapid change like this almost always presents opportunities to Cybercriminals, who have responded immediately by finding and exploiting new vulnerabilities created by dispersed workforces and their IT systems.
With this in mind, here are some cyber security predictions for the coming year and some tips for businesses to stay ahead of the game and protected against security risks.
Ransomware attacks
The increase in ransomware attacks has been a clear trend through 2020. This kind of attack has been going strong for a few years now and, if anything, has ramped up in recent months, with malicious operators innovating with their threats to publish, sell or auction stolen data if no payment is made.
Remote workers are typically using their own devices and home Wi-Fi connection for work. This practice is often not as secure as a corporate network, leaving them at greater risk of attack. And, as employees continue to use their own networks, we can expect cybercriminals to continue to take advantage of the situation.
Businesses need to adapt and tighten up security protocols and defences for remote employees. In the meantime, remote workers will need to stay alert and watch out for the signs of scams and other phishing attacks.
Social media threats
Social media presents a range of security risks and, these days, virtually every business has multiple accounts on social.
Cyber attackers have been targeting individuals on social media for years and are now increasing their efforts to use social media to reach businesses as well.
It’s vitally important that, especially while working remotely, employees stay vigilant when posting, signing up for online events, or communicating individualy or on behalf of the business.
Targeting senior employees
The latest evidence show an increase in senior employees being targeted and are currently those most likely to need ransomware protection. Senior managers are often in a position to authorise payments, which makes them more vulnerable
Attackers are increasingly focusing on individual PCs or laptops, rather than attacking company-wide IT infrastructure. They aim to acquire personal information, which they can then use to blackmail or threaten senior employees.
What you do to combat the threat?
Keep software updated – Keeping software up to date is a cornerstone of security best practice and crucial to eliminate vulnerabilities in operating systems and applications. Where possible, select the auto-update option.
Install antivirus and endpoint protection – Antivirus is crucial in the battle against malware, phishing and other types of online and offline threats. Consider implementing multi-layered protection on your devices. Your IT department or outsourced IT partner should be able to help you with an effective antivirus strategy.
Reportedly, less than 50% of businesses with remote employees are using endpoint security systems. This will need to improve in 2021.
Awareness training – Staff training will help staff to understand good security practices, and create an IT security culture across the organisation. Training can be delivered collectively or drip fed in small doses.
Carry out regular Security testing – Penetration testing will do more to help you home in on security flaws than anything else. You can design he most secure systems imaginable but you don’t know if it’s truly secure unless someone with the right skills and tools tries to get through it or around it.
If you think your business could be affected by the security issues raised in this article, KRYPSYS may be able to help. Please feel free to contact us at www.krypsys.com/contact-us/