by Rafi Kretchmer*
COVID-19 introduced a paradigm shift in working culture. The new era of the “hybrid employee” has required a recalibration of how organizations provide secure, productive and digitally enabled environments for their employees.
Security teams are also having to deal with escalating threats to their new cloud deployments, as hackers seek to take advantage of the pandemic’s disruption: 71% of security professionals reported an increase in cyber-threats since lockdowns started.
And this shouldn’t come as a surprise. Working from home under unusual circumstances, users become more distracted and prone to careless behaviour, and don’t always comply with corporate security policies. A recent study revealed that 57% of employees insecurely save passwords in browsers on their corporate devices, while 21% allow other members of their household to use their corporate devices for activities like schoolwork, gaming and shopping. All in all, it was found that 78% of employees put data at risk inadvertently.
This phenomenon simply opens the door to more risk. Threat actors always seek to take advantage of major events or changes for their own gain. Looking to 2021, we should ask ourselves: what are the major cyber-security-related changes and events that we expect in the cyber landscape over the next 12 months?
Below are my 2021 predictions, and some guiding principles to prevent those potential cyber-attacks:
1. Securing the new normal: the ‘new normal’ is here to stay. A recent Check Point survey found that half of all respondents believed that their organizations will not return to pre-pandemic norms for at least the next two years.
Addressing the new normal means securing “hybrid employees” who work both from home and from the office and require secure access from any location and any device; securing hyper-distributed enterprise applications that reside everywhere, including traditional data centers and the cloud; and lastly, securing emerging IoT devices and networks.
This will require organizations to recalibrate their cybersecurity approach around three main elements: securing their networks; securing cloud environments and applications; and lastly, securing employees, wherever they are. Automation, consolidation and prevention will top CISOs’ agendas to stop advanced attacks from spreading rapidly across organizations and exploiting weaknesses to breach sensitive data.
2. COVID-19 and vaccine-related phishing campaigns: Pfizer, Moderna, the Russian vaccine – all those announcements carry a huge promise to society. But a COVID-19 vaccine will not stop hackers from utilizing vaccine developments in phishing campaigns. The pharma companies developing vaccines will also continue to be targeted by malicious attacks from criminals or nation-states looking to exploit the situation.
3. Mobile applications security threats: Many of us are not aware of how much of our personal information is being used by apps and devices demanding broad access to our media files, contacts and more. Yes, even your smart speaker knows your music habits by now.
This problem has been magnified with patchy COVID-19 contact-tracing apps that have been rush-released with privacy problems, leaking data about individuals. With remote employees prone to careless behaviour, mobile malware targeting users’ banking credentials and committing click-fraud on adverts is still a significant and growing threat.
Recent research by IDC predicts that “Organizations must also be prepared to mitigate the additional cyber risks associated with workers remotely accessing enterprise resources over unmanaged networks (e.g., home networks, public hot spots) and from unmanaged devices.”
The new hybrid employee and the above predictions require us to recalibrate how we secure our work. To meet this new reality, below are 3 guidelines organizations should consider:
Complete, consolidated protection
Today’s enterprises are hyper-distributed, with applications residing everywhere and users connecting from anywhere. To deliver complete protection across datacenters, perimeters, cloud, mobile, endpoint and IoT, organizations frequently implement multiple cybersecurity solutions.
As a result, they are frequently left with a costly, patchwork security architecture. Adopting a consolidated security approach will help businesses realize complete, preemptive protection against the most advanced threats while achieving better operational efficiency.
Complete protection also means that your security solutions will have to address all potential attack vectors as cyber criminals become more and more sophisticated.
Real-time prevention
Real-time prevention is the key to protecting our organizations and employees from zero-day cyber-attacks. Organizations will have to deploy pre-emptive user protections to eliminate threats before they reach the users regardless of the user activity.
Employee awareness and education
The human factor may sometimes represent the weakest link even when the whole technology stack is in place. Organizations will have to invest in employee awareness and education. These measures should include testing employee skills in detecting phishing emails, training on how to avoid social engineering attacks and reiterating corporate data and security policies.
*VP, Product Marketing, Check Point Software Technologies
**first published in: www.weforum.org