The rapid transition to remote office has shifted focus away from cybersecurity, enabling threat actors to take advantage of loosened security policies.
CITES, a vendor that makes data security easy, reveals the top five cybersecurity trends for organizations to keep an eye on in the second half of 2020 and beyond. Although the massive transition to remote work in response to the global pandemic has led to an increase in cyber-attacks, CITES experts don’t envision dramatic shifts in the cybersecurity threat landscape. Instead, they identify the following trends that have accelerated and will have the biggest impact on organizations:
The insider threat will become even more pressing:
With many organizations already planning to keep more of their staff working from home, IT teams will have to adapt to a larger remote workforce — which means a lack of control over a greater number of endpoints and network devices. Therefore, organizations need to develop new security strategies based on the zero trust model, including ways to prevent sensitive data from spreading across employee endpoints and cloud collaboration tools.
Security by design and by default will become the norm:
Use of online services — from retailers to social media to productivity tools — has exploded during the pandemic. Unfortunately, many users have little knowledge of cybersecurity threats, which makes them easy targets for online scams. To mitigate risk, organizations should clearly communicate security best practices, but they will also need to build in as many safeguards as possible. Indeed, every organization offering online services will be under increased scrutiny to enable strong security and privacy settings by default, and some will use advanced security options as a market differentiator.
Deepfakes will take spoofing to the next level:
Emails impersonating C-level management and voice spoofing will continue, but the extensive use of video conferencing for regular communication will lead to a rise in a newer variant of this attack vector: video spoofing. We don’t expect deepfakes to become widespread soon, but AI and neural networks will make them more probable. To withstand this threat, organizations will have to reshape their approval processes, especially for budget and data access. In addition, IT teams will need to increase the accountability of all employees and prevent illegitimate elevation of privileges.
Attacks will go undetected in a flood of false alarms:
The abrupt change to remote working has caused much security monitoring solutions to generate far more false positives since they require time to adapt to the new normal. A similar spike in false alarms will occur when employees return to the office. Hackers will continue to use these turbulent time to launch attacks, knowing that organizations will be blind to their malicious behaviour. IT needs to remain vigilant and find ways to spot and investigate the true threats in all the noise.
Organizations will move beyond passwords:
As people flock to online services, re-use of passwords between services will increase, since users cannot remember dozens of unique passwords and are reluctant to adopt password management tools. To reduce the risk of breaches from compromised credentials, organizations will adopt non-password authentication methods, such as biometric data like fingerprints or eye scans. As the amount of personal data transmitted and stored online increases, organizations will need to implement adaptive risk management programs and have security in mind every time they implement new services and technologies.
According to Dr. Sulaiman Kawooya, VP of Product Management at CITES, every crisis forces organizations to scrutinize where they are focusing their resources and efforts. While many IT projects can be suspended, a strong cybersecurity strategy remains vital.
He adds that automating cybersecurity tasks enables IT, professionals, to do more with less while reducing human errors and inconsistencies, which helps the organization improve productivity, reduce operational expenditures and refocus the talent of their workers on more critical areas.
www.citesuganda.com if you think and believe that you need to protect your data assets, then look no further, we have great solutions and services for you, your enteprize.