In 2020, we saw digital transformation accelerate along with rising ransomware, threats caused by human error and misconfigurations, and challenges in IT staff retention. While there is no crystal ball, cybersecurity experts share how organizations can optimize finite resources and prioritize security measures.
In a world of uncertainty, six cybersecurity trends stand out for 2021.
#1 – Endpoint threats on the rise.
With over 70% of threats entering via endpoints, it’s important to be vigilant against evolving threats that target endpoints and the solutions that keep you productive, like VPNs and cloud-based SaaS. Reduce the risks associated with a remote workforce by leveraging threat prevention, detection, and response that goes everywhere your people go. According to Guy Cunningham, Netsurion senior vice president of channel sales, “Always-on endpoints like laptops and servers need a more comprehensive approach to cybersecurity. A layered security strategy can augment, or even replace, legacy tools like anti-virus that can’t stop today’s threats. We recommend including SIEM on every endpoint in order to add defense-in-depth capabilities for all of your susceptible devices.”
#2 – Remote work continues to expose security gaps.
The fast pivot to Work-from-Home (WFH) maintains productivity and business operations but also uncovers new security issues with dispersed devices. Greg Manson, Logically vice president of security audit & compliance, states that secure remote connections remain critical along with multi-factor authentication (MFA). “In today’s threat landscape, physical security cannot be used as a safety measure for mobile devices and remote employees. MSSPs can now help their customers with digital security that is more important than ever to minimize the risk of a breach or attack.”
#3 – New and continuing threats to watch.
Businesses are looking for more proactive methods to combat multi-stage attacks like ransomware and devious “low and slow” hackers. “Financially-motivated cyber criminals today use advanced threats to continually morph their techniques to avoid detection,” says Brian A. Engle, vice president of cybersecurity services and operations at CyberDefenses. “Obtained credentials are allowing attackers to perform increasingly-targeted reconnaissance to infiltrate and gain access.”
#4 – Understand risks and threats of cloud use.
Protecting data, applications, and infrastructure associated with cloud computing is just as vital as on-premises IT architectures as organizations move business-critical data to the cloud. “Organizations continue to drive more business processes and supporting systems into the cloud,” states Engle, “with reliance on cloud platform controls and management capabilities.” Furthermore, organizations of all sizes must keep up with emerging threats as well as human error such as cloud misconfigurations that could lead to data leakage and negative publicity. As Manson shares, “A cloud-knowledgeable MSSP can help customers choose the right cloud approach for their goals and industry regulations and have sound security up front that avoids problems down the road.” Engle also added that “enhanced cloud monitoring and visibility add preventative controls to keep data safe, detect suspicious behavior, and trace unexpected events and actions.”
#5 – Cybersecurity expertise augments technology.
A consistent pattern in recent years is an over-reliance on point products and technologies to defend against persistent threat actors; technology alone isn’t the solution. Mid-market businesses continue to evolve their technology needs but often lack dedicated cybersecurity resources. Ransomware attacks targeting mid-size enterprises continue to occur at high rates with devastating business impacts. Security expert Engle says, “I see more trends involving people and processes to keep up with the information technology evolution. Technology advancements can often create more gaps than they narrow.” Cunningham agrees, stating that “the move to a holistic platform with a 24/7 security operations center (SOC) unifies multiple disparate technologies with single-pane-of-glass visibility.”
#6 – Incorporate frameworks and best practices.
As a final thought, NIST’s Cybersecurity Framework (CSF) and MITRE ATT&CK’s real-world tactics, techniques, and procedures (TTPs) offer best practices for government entities and enterprises of all sizes. Frameworks improve collaboration between technical and business stakeholders to understand the current security posture and identify areas for improvement. “When ATT&CK is integrated with a SIEM solution, there’s a huge advantage when it comes to identifying and understanding sophisticated threats sooner and with greater accuracy,” shared Brad Alexander, Immedion vice president and chief technology officer.
A Look Ahead
From endpoint to cloud to remote work challenges, our experts weighed in regarding cybersecurity trends likely to materialize next year. Mid-sized businesses and the IT service providers that serve them will likely be targeted by cyber criminals, if 2020 is any yardstick. Manson also points out that “MSSPs face the same challenges as their end-customers.”
With preparation and vigilance, you can enhance your cybersecurity maturity, mitigate risk, and better prepare for the ever-changing threat landscape. And Engle adds, “The first step in risk management is knowing what organizations must protect, although this will become increasingly more challenging in 2021. Do you know where your most sensitive data resides?”
If you are looking to augment your cybersecurity portfolio or expand beyond traditional security, we can help you fight through the noise of millions of events to get to what matters most. Netsurion’s managed threat protection platform gives you unmatched flexibility and scalability.