Digital transformation (DX) laggards are paying a heavy price; yet the now-mandatory DX can also exert a heavy penalty if not secured thoroughly.
With the onset of the pandemic, the mad rush to keep the business lights on spurred massive shifts to remote-working, e-commerce and all things digital.
With the waning of the global crisis this year (* fingers crossed *), the world will press on with digital transformation, after realizing the benefits and the reality of technology-driven business resilience.
With massive digitalization comes massive cyberthreat. According to Muhammad Umair, a Kaspersky security researcher: “Clearly, the COVID-19 pandemic has reshaped both our physical and digital relationships with each other, whether be it personal or work-related. While more work is required in building up cyber resilience, a quick peek into what to expect for 2021 can help us plan properly and stay ahead of the curve.”
So here are the five areas all cyber-defenders should be vigilant against:
- Enterprise-level security for WFH
We all know that remote-working has put organizations at heavier cyber risk than ever before. Cybersecurity teams should take this phenomenon seriously and race to provide enterprise-level security to every worker who connects remotely to the corporate network, regardless of whether more of them are starting to ‘return to office’ or not.
In the course of digital transformation, businesses are likely to see more vulnerabilities discovered and exploited, as was the case with Zoom last year. Security issues historically only linked to BYOD setups will be a norm this year.
- Health pandemic —> malware pandemic
Due to the fulminant disruptions of the pandemic, healthcare sectors have been investing to bring technologies like telehealth, virtual care, and remote monitoring into everyday use. However, all these technologies, while convenient, provide additional attack vectors and increase the likelihood of cyberattacks and incidents like the HIV Patient Data Leak in Singapore. The sexy appeal of 5G and IoT in medical care is also going to be fraught with cyber risk, so the health sector is expected to see continued (or even ramped-up) attacks during 2021.
- More DX means more hacker earnings
Governments around the world—even the underdeveloped ones—are pushing out funds for businesses to digitalize. The resultant increased use of e-payments/e-invoices/transactions will attract financially motivated attackers in 2021, including an increase in the use of web skimmers.
- Rampant ransomware threats
Ransomware activity as per Kaspersky’s telemetry is expected to be go into high gear this year, with existing and emerging actors attempting to exploit the massively-increasing number of potential targets.
- Cloud security and AI
Migrating to cloud computing and containers is great for scalability and general convenience. But cloud vendors are catching up with cloud and container security, so this is a new attack surface and more vectors and vulnerabilities are expected to be discovered and/or abused during 2021. There has also been an increased adoption of AI in security products. Regardless of how sophisticated these AI models might be, there is a likelihood that attackers will start to find loopholes within these to exploit/evade them. Going through 2021, we may see malware employing fresh new techniques against AI.
Will cyberthreats disappear with COVID-19?
While vaccines may hold the key to protecting some 80% of people, the remainder will still benefit from the resultant herd immunity.
Similarly, if more organizations step up their cyber-defenses and increase vigilance among the unwary through continual education, the world will still have a fighting chance against the ever-growing threat of state-sponsored attackers and cybercriminals.
Such malignant forces will exist long after any pandemic, and they thrive on herd vulnerability and complacency. As ‘old-school’ organizations learned (the hard way), digital is the new normal, and the world will leave laggards behind: the same applies for organizations that now accept digital transformation—do not slack in cyber-securing your DX because a tsunami of malware pandemics are lurking and ready to pounce on us!