If 2020 was the year of unprecedented disruption on a global scale, 2021 will be when people begin picking up the pieces.
The COVID-19 pandemic caused unexpected and rapid change on all fronts. With virtually no warning, organisations had to shift most of their staff into work-from-home mode. Meanwhile, IT teams had to quickly put in place the infrastructure that would allow access to core applications and data stores.
On the security front, CISOs and their teams wrestled with the best ways to provide secure links for a dispersed workforce while maintaining effective protection against cyber attacks. In many cases, investments that had been slated for the future were brought forward to help tackle the new challenges.
Now it’s time to consider what 2021 might have in store and determine how some of these trends might develop in the year ahead.
1. Artificial intelligence
It’s likely we will see increasing use of AI in cyber security with applications including the deep analysis of network traffic to spot anomalous behaviour. AI can also help to stress-test security measures and ensure they are providing maximum protection.
However it must be remembered that cyber criminals have access to many of the same tools. They will continue to put them to work to crack codes, break encryption, and unlock passwords.
Attackers will have the advantage that they can try a lot of different methods and only one needs to be effective. Defenders, on the other hand, have to get everything right. Take time during 2021 to assess the most effective way of leveraging AI in your security infrastructure.
2. Cyber deception
In early 2020, deception was still one of the most misunderstood of all security strategies. However, awareness and usage are now increasing, and this trend is likely to continue during 2021.
Security teams will also make more use of AI tools as part of their deception strategies. These will be used to spot unusual behaviour and determine where best to place decoys or bait.
Ransomware will continue to be a significant threat throughout 2021. Many organisations may think they have already taken the steps required to avoid such an attack but will still find their systems becoming infected.
Attackers will take more sophisticated and aggressive paths to inject their ransomware code into systems and security teams will have to continue to guard against attacks. So-called ransomware 2.0, where attacks are guided by humans rather than automated code, will also continue to increase.
4. Remote working
Companies will need to continue to adjust to a significant proportion of staff working from home during 2021. From a security perspective, this means there will need to be a focus on endpoint devices as these can provide attractive attack vectors for cyber criminals.
Security professionals also need to be mindful that, when people return to the office during the year, they may come with devices that have already been infected. Reconnecting them to the central network could provide an opportunity for a cyber criminal to gain access.
Internal security controls will need to be adapted to cope with this threat. CISOs and CTOs must also check to ensure that methods used to provide remote access to central resources are scaled back and locked down where appropriate as staff return.
5. Gender pressures
The workplace changes created by COVID-19 during 2020 have had a particular impact on women. When forced into work-from-home mode, many have also had to continue as primary care givers – especially for smaller children.
As a result of this dual role, some find themselves in an unsustainable position and unable to successfully continue in their existing roles. They may be forced to resign or take positions that are less demanding.
Thankfully, many companies are cognisant of this issue and are looking for ways it can be addressed. Expect new initiatives and ideas to be trialled during the coming year.
There is no doubt that 2021 will be both an interesting and challenging year for all in the IT security industry. Coming to terms with the longer-term impacts of COVID-19 and striving to reach a ‘new normal’ state will focus minds and direct strategies for months to come.
Keeping an eye on these trends will help ensure security teams are best placed to deal with the challenges that lie ahead.
Jim Cook is the ANZ regional director at Attivo Networks.