Cybersecurity is a rapidly evolving sector as both hackers and security providers struggle to stay ahead of each other. New threats and innovative ways to combat them are emerging all the time. In this review, we explore the latest trends in cybersecurity.
1. Cyber security risks of working remotely
The Covid-19 pandemic has forced most organizations to shift their workforces to work remotely, often quite rapidly. Many surveys show that a large part of the workforce will continue to work remotely after the pandemic.
Working from home creates new cybersecurity risks and is one of the most talked about new trends in cybersecurity. Home offices are less protected than centralized offices, which have more secure firewalls, routers and access controls managed by IT security teams. In the rush to keep things running, traditional security checks may not be as rigorous as they used to be – cybercriminals have been adapting their tactics to gain an advantage.
Many employees use their personal devices for two-factor authentication, and they may have mobile app versions of instant messaging clients like Microsoft Teams and Zoom. These blurred lines between personal and professional life increase the risk of sensitive data falling into the wrong hands.
Therefore, a critical cybersecurity trend is for organizations to focus on the security challenges of a distributed workforce. This means identifying and mitigating new security vulnerabilities, improving systems, implementing security controls, and ensuring appropriate monitoring and documentation. Read our detailed guide to working safely from home for more information and advice.
2. The Internet of Things (IoT) is evolving
The expanding Internet of Things (IoT) creates more opportunities for cybercrime. The Internet of Things refers to physical devices other than computers, phones, and servers that connect to the Internet and share data. Examples of IoT devices include wearable smart refrigerators, smartwatches, and voice assistants such as Amazon Echo and Google Home. By 2026, it is estimated that 64 billion IoT devices will be installed worldwide. The telecommuting trend is contributing to this growth.
So many additional devices change the dynamics and size of what is sometimes called the cyber attack surface, that is, the number of potential entry points for malicious actors. Compared to laptops and smartphones, most IoT devices have less processing and storage capabilities. This can make it difficult to use firewalls, antivirus and other security tools to protect them. As a result, IoT attacks are among the most discussed cyber attack trends.
3. Ransomware increment
Ransomware is not a new threat – it's been around for nearly two decades – but it's growing. There are currently estimated to be more than 120 separate ransomware families, and hackers have become very adept at hiding malicious code. Ransomware is a relatively easy way for hackers to obtain financial rewards. Another factor was the Covid-19 pandemic. The accelerated digitization of many organizations, coupled with remote working, has created new targets for ransomware. As a result, both the volume of attacks and the volume of demands increased.
Ransomware attacks involve criminals stealing a company's data and then encrypting it so it cannot be accessed. Cybercriminals then blackmail the organization, threatening to release their personal data if a ransom is not paid. Given the sensitive data involved, as well as the economic impact of paying the ransom, the burden of this cyber threat is significant.
Ransomware made history in 2020 by contributing to the first reported death related to a cyber attack. In this case, a hospital in Germany was left out of its system, unable to treat patients. The woman, who needed emergency care, was rushed to a nearby hospital 20 miles away, but did not survive.
Ransomware attackers are becoming more sophisticated in their phishing exploits through machine learning and more coordinated sharing on the dark web. Hackers usually demand payment in hard-to-trace cryptocurrencies. We can expect to see more ransomware attacks on organizations that lack cyber security in the near future.
4. The rise of cloud services and cloud security threats
Cloud vulnerability continues to be one of the biggest trends in the cybersecurity industry. Again, the rapid and widespread adoption of remote working after the pandemic has dramatically increased the need for cloud-based services and infrastructure.
Cloud services offer a number of advantages - scalability, efficiency and cost savings. But they are also prime targets for attackers. Misconfigured cloud settings are a significant cause of data breaches and unauthorized access, insecure interfaces, and account theft. The average cost of a data breach is $3.86 million, so organizations must take steps to minimize cloud threats.
In addition to data breaches, network security trends and cloud security challenges facing organizations include:
Ensuring regulatory consistency across jurisdictions
Failure to provide sufficient IT expertise to meet the demands of cloud computing
Cloud migration challenges
More potential entry points for attackers
Insider threats - some accidental, some intentional - unauthorized remote access, weak caused by misuse of passwords, secure networks and personal devices.
Note: Followed in the second part...