Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts.
After shrinking in 2020, cybersecurity budgets in 2021 climb higher than pre-pandemic limits. Authentication, cloud data protection and application monitoring will top the list of CISO budget and cybersecurity priorities. According to experts, these are just a few of the themes to dominate the year ahead.
Here is round-robin of expert opinions illuminating the year ahead.
Home is Where the Attacks Will Happen in 2021
There is no question IT staffs are still reeling from the massive work-from-home shift that forced them to rethink cybersecurity and placed new dependencies on technologies such as cloud services and digital collaborative tools such as Zoom, Skype and Slack. Those 2020 trends will have a lasting impact.
Nearly 70 organizations surveyed by Skybox said over a third of their workforce would remain remote for at least the next 18 months. That will trigger an uptick on endpoint protection in the year ahead, according to Adaptiva CEO Deepak Kumar. He told Toolbox Security that endpoint protection will impact 55 percent of IT team, as companies look to protect assets purchased and deployed to remote workforces.
Bitdefender researchers agree and say securing remote workers will become a major focus for organizations. In fact, it will be an imperative, since remote workers will continue to present a unique set of opportunities for the bad guys.
“As more and more people adhere to the work-from-home schedule imposed by the coronavirus pandemic, employees will take cybersecurity shortcuts for convenience,” according to researchers at Bitdefender. “Insufficiently secured personal devices and home routers, transfer of sensitive information over unsecured or unsanctioned channels (such as instant messaging apps, personal e-mail addresses and cloud-based document processors) will play a key role in data breaches and leaks.”
Upheaval in staffing needs and continued dependence on a remote workforce will create fertile attack vector for criminals looking to exploit insider threats. Forrester researchers believe the remote-workforce trend will drive uptick in insider threats. They explain, already 25 percent of data breaches are tied to insider threats and in 2021that percentage is expected to jump to 33 percent.
Forcepoint warns in 2021 the growth of an “insider-as-a-service” model. This, they describe as organized recruitment infiltrators, who offer up highly-targeted means for bad actors to become trusted employees in orderto gather sensitive IP.
“These ‘bad actors,’ literally, will become deep undercover agents who fly through the interview process and pass all the hurdles your HR and security teams have in place to stop them,” said Myrna Soto, chief strategy and trust officer for Forcepoint.
Endpoint security issues equal some of the most challenging today and tomorrow. Inboxes are the chink in the armor security front lines, often the perfect vector for ransomware attacks, business email compromise scams and malware infection, according to a Crowdstrike analysis of the challenges.
Moving forward, researchers warn that enterprises should expect a “major increase” in spear phishing attacks in 2021 – due to automation.
“Cyber criminals have already started to create tools that can automate the manual aspects of spear phishing,” said WatchGuard researchers in a recent blog. “This will dramatically increase the volume of spear phishing emails attackers can send at once, which will improve their success rate. On the bright side, these automated, volumetric spear phishing campaigns will likely be less sophisticated and easier to spot than the traditional, manually generated variety.”
Cybersecurity Cloud Burst
Cloud adoption, spurred by pandemic work realities, will only accelerate in the year ahead with software-as-a-service, cloud-hosted processes and storage driving the charge. A study by Rebyc found that 35 percent of companies surveyed said they plan to accelerate workload migration to the cloud in 2021.
Budget allocations to cloud security will grow from single-digit to double as companies look to protect 2020 cloud buildouts in the year ahead.
A Gartner analysis of 2021 cloud priorities names “distributed cloud” as a future focus for businesses which will have significant security implications. Distributed cloud is the migration of business processes to the public and private cloud – or hybrid cloud.
“[Companies] by shifting the responsibility and work of running hardware and software infrastructure to cloud providers, leveraging the economics of cloud elasticity, benefiting from the pace of innovation in sync with public cloud providers, and more,” says David Smith, Distinguished VP Analyst, Gartner.
According to Muralidharan Palanisamy, chief solutions officer at AppViewX, that shift will drive Cloud Security Posture Management (CSPM) in 2021. CSPM includes finding misconfigured network connectivity, assessing data risk, detecting liberal account permissions, cloud monitoring for policy violations, automatic misconfiguration detection and remediation and regulatory compliance with GDPR, HIPAA, and CCPA.
Automation, Artificial Intelligence and Machine Learning
Defensive applications of artificial intelligence will have their moment in 2021, driving a trend of hyper automation, said Palanisamy.
“Hyper automation is a process in which businesses automate as many business and IT processes as possible using tools like AI, machine learning, robotic process automation, and other types of decision process and task automation tools,” he said.
A study by Splunk, it reported 47 percent of IT executives interviewed said cyberattacks were up since the pandemic began. More recently, 36 percent said they experienced an increased volume of security vulnerabilities due to remote work.
“The sheer amount of security alerts, of potential threats, is too much for humans to handle alone. Already, automation and machine learning help human security analysts separate the most urgent alerts from a sea of data, and take instant remedial action against certain threat profiles,” Splunk wrote.
The report acknowledged that meaningful, practical application of AI is still a way out. But Ram Sriharsha, Splunk’s head of machine learning said he “expects AI/ML security tools to grow in their sophistication and capability, both in terms of flagging anomalies and in automating effective countermeasures.”
Mobile threats accelerated in the backdrop of the COVID-19 pandemic – a trend expected to continue. Threats ranged from specialized spyware designed to snoop on encrypted messaging applications to criminals exploiting a slew of Android critical security vulnerabilities.
For those reasons, defenders need to heed last year’s lessons and create mobile-focused security programs, experts say Mobile will contribute to the ongoing “de-perimeterization” and cloudification of the corporate network.
“The next big thing in security is the inversion of the corporate network,” Oliver Tavakoli, CTO at Vectra said. “It used to be that everything truly important was kept on-premise and a small number of holes were poked into the protective fabric to allow outbound communications. 2021 is the year where de-perimeterization of the network (which has been long predicted) finally happens and does so with a vengeance. The leading indicator for this is companies who are ditching AD (on-premise legacy architecture) and moving all their identities to Azure AD (modern cloud-enabled technology).”
As ever, user awareness will need to be a priority, according to Bill Harrod, Federal CTO at Ivanti.
“In the new work-from-home era, we’re constantly working on the go using a range of mobile devices, such as tablets and phones, relying on public Wi-Fi networks, remote collaboration tools and cloud suites for work,” he said. “As we settle into a new year of this reality, mobile workers will be the biggest security risk as they view IT security as a hindrance to productivity and believe that IT security compromises personal privacy.”
Meanwhile, 5G security took a backseat in 2021 even as those networks continued to roll out; but 2021 will see it return to the conversation — because 5G adoption won’t be seamless.
“When it comes to adopting all of the benefits of 5G, it won’t be an easy transition — both for enterprises and for consumers,” said Russ Mohr, 5G security expert at Ivanti. “Between the security vulnerabilities bound to be exploited, the time it takes to patch those vulnerabilities, and the constant protocols being rolled out, using secure 5G networks won’t be a seamless experience in 2021.”
Download our exclusive FREE Threatpost Insider eBook Healthcare Security Woes Balloon in a Covid-Era World , sponsored by ZeroNorth, to learn more about what these security risks mean for hospitals at the day-to-day level and how healthcare security teams can implement best practices to protect providers and patients. Get the whole story and DOWNLOAD the eBook now – on us!