Making predictions after the year that we’ve just had is a dangerous job!
2020 disrupted many plans and reminded us that unknowns are a significant part of risk management. However, we will keep trying! We will set aside our crystal ball and look in the rear-view mirror to analyse the significant events that we have lived through, and highlight the cyber security trends to monitor in 2021.
In 2020, this type of malware was in the cyber community media spotlight almost as much as the coronavirus. It was referred to as an avalanche, storm and tidal wave. Infections increased enormously and no sector was spared. This type of attack is profitable, and is always popular with attackers. It is not going to stop anytime soon.
Remember, the easiest method for the successful spread of ransomware is email. Any information about your business, or media release can become a pretext for a phishing campaign and become a way to attack you.
Our advice: increase awareness, practice crisis management, SOC and XDR aligned with your risks, threat intelligence analysis.
This is not new: attacks are aimed at all accessible areas. There are often more of these than you realise. Internally hosted assets, cloud services, management IT systems and industrial IT systems (in a wider sense of warehouse IoT connected to hospital biomedical systems): everything is a potential target! All sizes of business may be affected, from SMEs to multinationals.
Our advice: map perimeters, integrate industrial environments, research the best solutions for OT, IoT and biomed, and tailor solutions to the maturity and size of systems.
2020 became a time to roll out or accelerate the digital transformation for many organisations. Digital strategy has sometimes been driven by the health crisis or by remote working, but things have progressed! In some cases this digital transformation was important to protect businesses from an economic perspective. Unfortunately, security was not always taken into account, or when it was, it was too late.
Our advice: incorporate security within projects, develop security by design, DevSecOps and security agility, and support business projects with a range of services from your company’s cyber security team.
The last quarter saw some of the biggest names in IT and IT services falling victim to cyber attacks. The most recent attack was SolarWinds, which had a global impact. These attacks will increase as IT services and software providers are everywhere. These portals form a very useful entry point to their clients’ IT systems. Hacked software offers access to all clients - a significant scale of impact! Third party security, specifically digital stakeholders, is always of concern to ISSMs.
Our advice: review third party security, adapt Security Assurance Plans and other questionnaires to detected risks, additional audits, multicloud global security plan, use of bastions and PAM for service provider remote access.
After a rushed, sometimes difficult rollout, working from home will continue to happen. For some businesses this will become standard practice! Working from home will lead to extended remote working, mobile workforces and everything else that is involved with smart workplaces. Simply put, in the future connection to work will be from home, while on holiday or staying with friends and family - from anywhere, regardless of the network that they have access to.
Our advice: EDR (endpoint detection and response) and global security for all endpoints, CASB and controls for cloud accessible solutions, redesign of VPN and security systems if the VPN is no longer needed!
Increasingly, cyber security risk analysis forms part of financial decisions at the highest levels of business. It is now considered alongside cyber security insurance and the business’s capacity to handle a major crisis. Cybersecurity is also discussed by commitment committees for credit applications and due diligence for private equity. The key subject of risk is now at the top of the list with strong interest from the Executive Committee!
Our advice: update your risk mapping, make risk analysis a key part of security management, feature it in communications and add value to your cyber security initiatives.
For many years now protection using artificial intelligence has been used to strengthen detection methods and improve SOC efficiency. Use of AI is made easy via the various public cloud platforms, infrastructure and powerful processors that are easily accessible. Consequently, cyber attackers are also interested in AI, following the perpetual game of cat and mouse. If you think ransomware is already vicious, wait until you are faced with malware that can change in real time and constantly adapt to defensive tools.
Our advice: understand AI to anticipate and test solutions which use AI to simulate attacks such as BAS (Breach & Attack Simulation) solutions.
Attribution remains a topic for debate. Some countries are regularly cited as being the origin of large attacks. Proof is always difficult to find. Geopolitical issues will not decrease, and cyber coercion will scare many CEOs. This adds a serious problem when describing attacks. Calling it cyber warfare means it is an act of war! If the next infection of ransomware is deemed an act of war, and if your insurance excludes acts of war, what then happens to your compensation? And what about your defense systems and risk management when faced with these acts of war?
Our advice: raise awareness with the Executive Committee and management, examine insurance, contracts and everything that formalises your cyber security risk coverage.
We can only hope that 2021 does not bring any catastrophic cyber events, even if attackers can call on the required means. As the year starts, we should be optimistic and remember that all these same means are available to cyber security protection. We just need to co-ordinate methods for prevention, detection and response!
To set out your roadmap, contact Advens!