5 Cybersecurity Themes for 2021

Posted by Trevagh Stankard on Tue, Mar 2nd, 2021

Cybersecurity threats will not be declining in 2021, take a look at the cybersecurity themes that will be prevalent throughout 2021.   

A couple of months ago, we outlined some of the cybersecurity predictions for 2021 based on insights from experts within the industry.  Today we want to talk about some of the cybersecurity themes.  Any well-conceived multilevel cybersecurity strategy should take these themes into account over the coming year.

Work from Home Will Continue to Spur Attacks

Use whatever cliché you want: “The cat’s out of the bag”, “You can’t close Pandora’s Box once it’s open.”  The work from home (WFH) movement that was dramatically accelerated last year in response to the COVID outbreak is here to stay.  WFH is not a passing phase.  This means that efforts to secure these new hybrid architectures shouldn’t be in passing either.  Security strategies must utilize security solutions that are highly scalable, geographically independent and easy to implement.  As another old cliché goes, “A man alone is easy prey.”  Employees working alone out of a home office are more susceptible to attacks when working from home.  While it’s easy for a knowledgeable cybersecurity person to verify the authenticity of an unknown web link or the legitimacy of an email within an office environment, it is extremely challenging to identify malicious connections and environments from a remote location.  This lack of visibly magnifies the susceptibility of an attack.

Increased Ransomware Attacks

Not only are ransomware attacks increasing, but so are the required ransoms.  Ransomware attacks surged in 2020 and are showing no letup this year either.  Already, a new ransomware strain has been discovered this year called Babuk Locker that deletes shadow copies of the data it encrypts in order to complicate backup restore efforts.  It also leverages the Windows Restart Manager to shut down any and all applications or services that may prevent it from performing its encryption processes. 

Earlier this month, two Brazilian utility companies fell victim to ransomware attacks and were forced to shut down some operations and services temporarily.   If the encryption of one’s files weren’t enough, a type of ransomware called double extorsion is accelerating in which ransomware perpetrators threaten to publish compromised data in addition to the encryption of it.  This new approach may be contributing towards the greater propensity companies are displaying to pay the ransom. 

A recent survey found that of the respondents who identified their organizations as a ransomware victim, nearly half of them paid the ransomware fee.  Unfortunately, only 60% were able to regain access to their data.  In fact, many of the rest were hit with additional ransomware demands.  Due to the increased likelihood of a ransomware attack, many companies are obtaining cyber insurance coverage to protect themselves from the fallout of these malicious attacks.

IoT Devices Will Continue Expanding Attack Surfaces

It's not just work-from-home strategies that have vastly increased the attack surfaces of enterprises.  The increased adaption of IoT devices has greatly contributed as well.  Thanks to the vulnerable nature of IoT devices and the increased use of automated tools by cybercriminals, the number of infected IoT devices doubled in 2020 compared to the year prior.  The same report also showed that 33% of all infected devices are IoT gadgets of some sort.  Not only have the number IoT devices increased within company networks, but the type of devices has expanded as well thanks to WFH implementations.  Now cybersecurity professionals not only have to worry about factory sensors and security cameras but baby monitors and ring doorbells as well.

Severe Shortage of Cybersecurity Talent

According to an article in the New York Times, experts predict that a staggering 3.5 million cybersecurity jobs will go unfilled across the globe in 2021. That’s a 300% increase since 2014. Positions in short supply include IT security specialists, application security engineers and network security engineers.  In other words, at a time when companies need cybersecurity professionals more than ever, they are even more difficult to retain.  This shocking combination will have dire consequences in the years ahead.  In a recent survey, 74% of respondents stated that their firms are being affected by this critical shortage. 

Growing Need for Cloud Security

It has been reported that that global businesses will spend $12.6 billion to secure their digital assets in the cloud by 2023.  Now factor in that they spent $5.6 billion just three years ago.  In the effort to accommodate digital transformation efforts and remote work strategies, companies rushed to migrate their assets to the cloud in order to attain greater agility and scalability.  In their haste to do so, however, many failed to factor in proper security measures.  As a result, companies will be playing a dangerous game of catch up.  We will also undoubtedly see far more attacks targeting cloud services this year as well.

Protect your organization from cybersecurity threats in 2021. TitanHQ is trusted by over 8,200 businesses and 2,200 MSPs. Get in contact today to find out how we can help protect against ransomware and phishing attacks. Get in contact today.