The new year won’t mark an end to the bombardment of phishing attacks, targeted attacks and ransomware the world has experienced in recent months – if anything, 2021 could look like the ‘wild west’ in the world of cybersecurity.
With cybercriminals becoming increasingly brazen and aggressive, and a remote workforce making organisations more vulnerable than before, organisations, and CISOs in particular, can expect a challenging year ahead.
CISOs will find themselves having to take on a great deal more responsibility, taking ownership both of cybersecurity and of entrenching a solid cybersecurity culture within the business, where people will remain the weakest link.
The FireEye Mandiant 2020 M-Trends report notes that the global median dwell time, defined as the duration between the start of a cyber intrusion and it being identified, has dropped dramatically to 56 days this year, a possible indication that attackers are getting more reckless or more aggressive – and going after the money faster.
While security industry predictions at the end of 2019 envisaged more AI being deployed in both cyber defenders’ and attackers’ arsenals during 2020, the year ultimately saw social engineering becoming the biggest focus area. Malwareless compromises of the insider through social engineering surged in the months during the lockdown, and we can expect this trend to continue next year. All indications are that phishing attacks will increase as organisations keep some – or all – of their workforces remote for the foreseeable future. Remote workforces are more likely to fall victim to phishing, so organisations will have to focus on entrenching a culture of security, as well as tightening access controls and ensuring that stricter policies and approvals processes are in place before enabling transactions and payments.
Many organisations are now leaning towards accepting less responsibility for the security of the devices employees use, and instead exerting more control over what they access. Achieving visibility, along with managed detection and response, will become increasingly important.
In South Africa, the end of the one-year grace period for compliance with the Protection of Personal Information Act (POPIA) in July 2021 will add pressure, as organisations grapple with understanding where all their data is stored, how it is moved, managed and shared, and who has access to it. This is likely to contribute to increased spending on services to control, monitor and report in the year ahead.
With 2021 expected to deliver more of the same risks and challenges, but on a much larger scale and with attackers now focusing almost completely on financial gain, cyber defence teams will have to step up their game in the year ahead.