As IT managers look toward 2021, the cybersecurity landscape is reflecting 2020’s widespread shift to remote work. Cybercriminals have quickly taken advantage of new vulnerabilities, and enterprise security teams should be aware of where these attacks will be coming from so managers can shift their focus.
Here are four areas on which to concentrate your company’s cyberattack defense strategy in 2021:
1. Internal system compromise: Up and to the right
System compromises inside the corporate boundary are still being leveraged for horizontal movement and privilege escalation in the corporate network. What’s new is how many vectors attackers now have for getting into the network. Low-security web apps are being cleaned up, so cybercriminals have moved to more sophisticated techniques, including supply chain attacks.
Old-school network security is based on the idea that a corporate network is inherently “safe,” assuming a high level of trust inside the network’s perimeter. In 2020, it became clear there’s nothing particularly special about a corporate network perimeter, especially when most of the organization’s users are working from home (WFH).
The massive shift to WFH is a great opportunity for IT to shift away from general use of VPNs and move toward zero-trust network access technologies. Using tools such as device posture assessment, IT managers can create granular network access control (NAC) policies that take into account the status of any device when granting access to apps and data stores.
2. Cloud compromises: Accelerating
As more apps move to the cloud, enterprises have new weaknesses — of which cyberattackers haven’t even scratched the surface. Already, many unprotected databases are vulnerable to being exploited and exposed, and this is just the beginning of a trend that will dominate headlines for a decade.
Many organizations are eager to move to the cloud, but not many IT managers really understand how cloud security differs from a local data center’s security. As a result, numerous organizations have security vulnerabilities and configuration errors, which cyberattackers are eager to exploit.
Now’s the time to plan for a thorough security audit of your cloud-based deployments. Software-as-a-service (SaaS) products, such as collaboration suites or mobile device management (MDM) solutions, are fairly easy to secure, using tools such as mandatory two-factor authentication (2FA/MFA). However, infrastructure-as-a-service (IaaS) is a more complicated and variable technology, and a more difficult security challenge.
3. Ransomware: Leveling off
Ransomware is expensive, and it grabs headlines. But the overall trend is down, thanks to ransomware-immune mobile devices, WFH users who don’t have gigabit access to unprotected file shares, a shift toward cloud services such as Microsoft 365 (which use SharePoint instead of shared folders) and better awareness on the part of IT managers and end users. That’s not to say that ransomware has fallen off the top 10 list or that IT managers can drop their guard, but they can take a victory lap for flattening the ransomware curve.
While ransomware protection hasn’t seen any hot new trends, IT managers should be aware that ransomware authors like Bitcoin. It gives them an incentive to mount more elaborate attacks, including ones that target more specific types of data, such as financial app databases. As enterprise IT teams build better protections, ransomware cyberattackers will shift their focus toward small-to-midsize businesses (SMBs) that can’t upgrade their security infrastructure quickly enough.
4. WFH: About to skyrocket
Good software takes time to write — as does good malware. With a clear long-term shift to WFH environments, cyberattackers have a long pipeline of new and repurposed malware to use on remote workers.
At the start of the pandemic, IT managers faced a fast shift to WFH and accelerated plans for digital transformation. But now that a significant portion of the workforce isn’t coming back to the office, IT managers need to think about BYOD strategies. A solution that might’ve worked with occasional mobile use may not be the right answer for someone working from home all day. It may be time to shift from personal devices to company-owned ones, or from VPNs to zero-trust. You might even need to assume that company laptops may never come back to the mothership.
There isn’t one right answer to how to prepare for the future of cybersecurity in the enterprise, but it is obvious that what worked in 2019 isn’t the right strategy going forward in 2021. Planning for the change in work style can help you plan for the change in security as well.