What if we told you that the need for a cybersecurity strategy was going to be a major 2021 trend? You might laugh about how dated that sounds. And make make a joke along the lines of, “1995 called, and it wants its trend back.” (Of course, you’d be using a pretty dated phrase yourself.)
But hear us out: Cybersecurity within an enterprise has never gone out of fashion. In fact, next year, having a solid cybersecurity strategy will be cooler than it has ever been. 2020 has shown us it’s never been more urgent. Four key external factors should make you reevaluate your organization’s cybersecurity practices and solutions for the coming year:
Chaos Creates Opportunities
Cybercriminals are smart and savvy. They recognize opportunities to capitalize on turbulent, confusing times. And there’s no better example of a more chaotic time than 2020, which provided a smorgasbord of opportunities for bad actors.
Cybercriminals launched phishing, vishing, ransomware, malware, social engineering and other attacks that wriggled in through any gaps in an organization’s infrastructure. Of the 723 cyberattacks the U.K.’s National Cyber Security Centre has handled this year (up from 658 in 2019), nearly a third were related to coronavirus. ISACA’s State of Cybersecurity 2020 survey found 53% of respondents expect a cyberattack within the next year, and the damages from cybercrime are expected to reach $6 trillion by 2021.
Remote Workers Can Be Risks
The swift shift from office to home was challenging enough for many enterprises, even if they had the appropriate systems and technologies in place to support a remote workforce. But remote workforces need more than Microsoft Teams, Zoom and the cloud. They also need security protocols and technologies, as well as a remote-access method more secure than VPNs. Think of it this way: If Twitter couldn’t keep its employees’ VPN credentials secure, who can?
Studies have shown companies’ failure to address the secure-access component of remote work has led to unexpected costs. Nearly a quarter of organizations had to shell out money this year to address breaches and malware infections.
Many organizations have seen the benefits of keeping some or all employees remote, but this requires a different approach to cybersecurity and remote access, such as zero-trust architectures. Otherwise, your remote workers might be entry points into your business’s IT infrastructure.
The Cloud Needs to be Secured
No one can dispute the cloud’s business value. Not least of which is the ability for employees to access business-critical applications from anywhere that has connectivity. But the cloud also creates data security risks. A recent IDG survey found 98% of businesses surveyed said securing applications, data and infrastructure in the cloud is “very” or “somewhat” challenging. Almost all organizations IDG surveyed (95%) feel their current security infrastructure limits their ability to protect data as it moves to and from the cloud.
Companies must build in system-wide security across all infrastructure — both cloud-based and legacy. One useful tactic for protecting the cloud is two-factor authentication. Employees receive alerts and notifications when a new device signs in to their cloud-based email app or storage drive, and the person signing in must verify their identity to gain access. Bonus: This empowers employees to become critical parts of an overall cybersecurity strategy.
More Devices Equal More Backdoors.
Even before the pandemic, 82% of companies had some form of bring-your-own-device (BYOD) policies. That sounds cool and modern, until you also learn that 72% lacked BYOD malware protection entirely, or relied upon employees using (and updating) endpoint software installations. Not so cool after all.
What’s more, 2021 will redefine how we think of the Internet of Things (IoT). As 5G networks become available, enterprises will use 5G’s speeds to add IoT devices to workflows for greater efficiency. But this explosion of devices and new categories of “things,” of course, will create risks.
Combining IoT, 5G and BYOD will mean lots more remote endpoints that enterprises must control and secure. IT and security leaders will need to adopt endpoint management solutions that take into account every device that could access an organization’s network, not just the ones they can directly access.
Mitigating the Risks
We’re all hoping 2021 will be a less chaotic year than this one. But hope won’t keep the bad guys out. And the next business disruption — even if it’s not on the global scale of a pandemic — is always just around the corner. The criminals will know what to do when it happens. Your business should, too. Design a reactive response plan for the worst-case scenario. But, don’t neglect the proactive measures that can prevent issues from even occurring.
Here’s one way to be proactive: gaining a holistic view of your entire technology ecosystem. Tangoe’s technology should be a critical part of a 2021 cybersecurity strategy. We’ll help you see what devices are out there and what needs to be secured, maximize the cybersecurity technologies you have, and understand where you need to invest more.
Ready to evaluate your cybersecurity ecosystem and get ready for the coming year? Learn more about how Tangoe’s Platform can help with a demo.