Have you had enough of predictions for 2021? If not, here is another set of cybersecurity forecasts joining the fray …
In 2019, who would have imagined watching our favorite sports teams on TV devoid of spectators, or anticipated the postponement of the Tokyo Summer Olympic games?
With all the uncertainty that 2020 brought us, no one knows with 100% certainty what will happen. However, we can be reasonably certain about our predictions based upon the changes brought upon us by the pandemic to infosecurity, and the way they will likely shape 2021.
First and foremost, in our thoughts are the impacts of vastly-increased remote-working and digital transformation that have both been accelerated by the pandemic. So, with these in mind, our team of cybersecurity experts have gathered five cybersecurity predictions to ring in the new year…
- Socially-engineered attacks will get more complex
According to Verizon’s Data Breach Investigations Report for 2020, social engineering is a top attack vector for hackers, and we expect threat actors to leverage current events to unprecedented levels. Consider the following:
- Fraud risks: We can expect a rise in pandemic-focused stimuli from governments to provide relief for the effects of the pandemic, which will only make this a richer channel for fraudsters. Many countries in Southeast Asia have taken measures to provide an economic safety net but without proper implementation, risks of misuse, fraud and corruption increase if security methods are not able to keep up.
- Contact tracing: Contact tracing is mandatory in countries like Singapore, causing people to become dependent on digital tools such as QR codes. They can be at risk if they do not practice good cyber hygiene, and fall for QR-code phishing scams if malicious links solicit personal data.
- Tax season: Phishing around tax season will drastically increase. Recently, there were cases in Singapore of fake emails from IRAS offering COVID-19 tax relief and tax refunds.
2. Shortcomings in data security will have a slowing effect on telehealth organizations
Telehealth providers are opening themselves up to cyberattacks on an unprecedented scale. Prior to the pandemic, telehealth comprised only a small fraction of medical visits. However, beginning in March 2020, much of medicine suddenly shifted to the telehealth model with an uptick in public and private healthcare providers offering such services. The value of a single health record is high, and this will become a growing target for fraudsters looking to take advantage of this situation. It is a perfect storm. Healthcare providers are rushing to set up systems and keep up with exploding telehealth appointments, while hackers are looking for soft, high-value targets. As news of successful attacks spreads, this will result in eroding patient trust.
3. The ‘New Normal’ will be under attack
We predict that individuals and businesses alike will adjust to the new landscape sometime in 2021. This will result in a resumption of travel, a reduction in unemployment, and a transition for workers to return to the office, leading to threat actors’ attacks on the following:
- Travel: Fraudsters looking to take advantage of the trend will target vacation-starved travelers looking for good deals online or via email. Phishing attacks will be the tool of choice and will be leveraged successfully by fraudsters.
- Back to the office: As workers return to the office, there will be a steady crescendo of applications offered by threat actors with the promise of increased productivity tools to ease the transition to the office. Expect new attack vectors to emerge not only for social engineering, but also attacks targeting common home devices that are used at home for workers splitting time working at home and the office that can be used to compromise an individual and allow for lateral movement into a business. Workers splitting time between the home and the office will only exasperate this transition period, causing confusion and an increase in security risk for business.
- Data breach news: News of data breaches will increase in 2021 as the public learns of exploits on companies that have not done a good job securing their remote workforce.
4. 2021 will bring increased focus on automation and efficiency solutions in security
As organizations work to keep the lights on and scrutinize the bottom line, there will be a resulting push for efficiency in security technologies.
Security teams will be asked to do more with even fewer resources. 2021 will bring an emphasis on technologies that allow organizations to do more with less, and automation will play a significant role in terms of security innovation. According to a 2020 SANS Automation and Integration survey, 12% of respondents had no security automation in 2019. In 2020, that dropped to 5%. We predict the level of automation in 2021 will increase exponentially.
A consolidation of security vendors will take place in 2021 as businesses look to reduce the number of vendors within their environments. Trusted vendors with leading global technology and local resources where their customers live will be valued, as will be their emphasis on automation of security tasks.
As security investments focus on immediate value, Quantum Computing will continue to move forward and allow for tasks to be more efficient. Organizations will prioritize its continued development. Improvements and efficiency are recession-resistant.
5. Two security innovations awaiting us in the next 5-10 years
Holographic teleconferencing to minimize travel: Each generation brings a new technology that ‘shrinks’ the globe: internet, email, video conferencing…
In the next 10 years, expect holographic teleconferencing or sophisticated telepresence devices, which allow participants to view each other in 3D without the need for special glasses. Holographic projectors located on the back of cameras will project the image in front of you, which will give a more lifelike experience to conferencing. This will further reduce the need to travel across the globe to meetings.
Today’s virtual learning kids; tomorrow’s new-era innovators: The data ‘given away’ by the current generation of children attending lessons from home will come back to haunt this generation in the future, inspiring a new generation to carry infosec securely into the future. Some of today’s children being forced into online learning at home will imbibe a passion for technology that will have a tremendous impact on the careers they choose in the future. This virtual learning generation will spawn a new era of technology and security solutions and innovations.
And there you have it. Here at DigiCert, we look to the future so we can offer the best protection in the present. Bring on 2021.