The 13 biggest security trends and threats of 2021
Published on 22/02/2021 in Tech, tips & tricks
2020 was the year of COVID-19 and telecommuting. But also of phishing and ransomware, as cybercriminals found major holes in the security of solutions for working from home. The health crisis will also mark the security landscape of 2021.
1. Zero trust: trust nothing and no-one
Zero-trust security turns the logic you know on its head. Everything and everyone is suspect, including your internal traffic and your own employees. Ban everything and only allow what must be. The best thing is to draw up a security plan based on the worst-case scenario. Your greatest challenge is to think carefully about who among your employees should have access on which device, and to which networks, applications and data.
2. 5G: enormous opportunities but extra attention is needed on security
By 2024, up to 40% of all data traffic is likely to be transmitted over 5G at speeds of up to 10 GB/second. Technology makes our lives easier and opens the door to new business applications but also to cyber threats such as infected data packets and corporate espionage. The best way to counter this is to dramatically increase your security and monitoring levels.
3. Increase in threats via the cloud
In 2020, the cloud really became the way to go to ensure the continuity of your business. This rapid migration to the cloud also brings with it new security challenges. What threats do you need to watch out for in 2021? Poorly configured cloud storage, reduced visibility and control over your data and vulnerable cloud applications and infrastructure.
Cybersecurity: why, what and how? In this e-book, discover the five security steps to protect your company against unwanted digital visits.
4. Growing number of insider threats
Weak passwords, unsecured networks, accidental breaches, misuse of unsecured personal devices to obtain company data, unauthorized access, ... These are just some of the internal threats that have increased. It is clear to us that many companies still cannot identify and control them. The number of insider threats will only increase in 2021 and in the years to follow.
5. More and heavier phishing attacks
Phishing remains at the top of the list of cyber-threats. Because of COVID-19, these attacks have been increasing at a rapid pace. Unfortunately, you and your employees remain the weakest link in your security. E-mails and landing pages from hackers are hard to distinguish from the real ones. One click is enough to infect your entire network and leave your company's online door wide open.
Is your company well protected against possible phishing attacks? Engage Proximus Accelerator Davinsi Labs to assess your vulnerability to phishing.
6. Explosion of ransomware attacks
The list of companies held hostage by ransomware will only grow longer in 2021. Hackers have smelled money and will only step up their attacks. Their attacks will be more serious too: first stealing your sensitive business data and deleting backups, then threatening to forfeit your data if you do not pay a ransom. That way, they force you to pay at least that six- or seven-figure amounts.
Even then, there is no guarantee that you will get your data and access to your network back, or that it will not be traded or published on the Internet. Becoming a victim of cybercrime is likely to have a direct impact on your (online) reputation.
7. Passwords have failed
Anyone who only uses passwords in 2021 is leaving the door wide open for cybercriminals. Especially if your employees continue to use weak passwords, or the same password for different accounts. A secure protection is one without passwords, but using a combination of two other factors instead. This is still multi-factor authentication, using pin codes, mobile devices, tokens, fingerprints, eye or face scans. Preferably controlled by an underlying next-generation Identity & Access Management system.
8. Targeted attacks on those working from home
Cyberattacks on businesses were already on the rise at the beginning of last year. COVID-19 and the lockdown have only accelerated that trend. Cybercriminals have quickly found the vulnerabilities in the work that you must do from home and they are exploiting the holes in your IT security. It is – unfortunately – a harbinger of attacks to come to your corporate network via home workers this year.
It is important to understand how secure and resilient your entire business environment is and where the vulnerabilities are. This can be done through a Remote Work Assessment
9. Data protection becomes a top priority
You create, collect and store an enormous amount of data. That amount is increasing every year. The more sensitive data you have, the more attractive you become to hackers. More than ever, protecting your data must be one of your top priorities. Because the more sophisticated the attacks from cybercriminals become, the harder it becomes for you to comply with privacy legislation. Especially when you operate in different countries and on different continents, each with their own laws and regulations.
10. Artificial intelligence (AI) as a weapon
AI also poses a greater threat in 2021. Hackers use this technology to identify vulnerabilities and security patterns in your network and let their attack software learn from them. This allows them to strike quickly and efficiently: they know what to look for and how to avoid it, and how to cover their tracks. Fortunately, the intelligence of AI also allows you to stay on top of these threats. Thanks to AI, you can quickly make the right decision, update your security in real time and respond to the attack.
11. The dangers of IoT
The increase in IoT devices also means more interest from hackers. They take advantage of poorly or unsecured devices – especially consumer devices – and wireless networks to get into your network. Taking over these devices and holding them ransom is a small step and cybercriminals are already taking it. Do you use IoT devices yourself or offer them to your customers? Then first check whether they are efficiently secured.
12. Advanced Persistent Cyber Attacks (APTs)
Cybercriminals will increasingly launch advanced and persistent cyber-attacks (APTs) against corporate networks. They use sophisticated hacking techniques to gain access to your network. Once inside, they often stay for months to retrieve and steal all sensitive and valuable information.
Even smaller companies cannot escape it. Often, the perception is that the data are not valuable enough to make your organization a target. However, this data might be the life blood of your organization. In the event of a successful ransomware attack, you will do everything possible to regain access to this data. So the data is primarily of value to you. For this reason alone, the protection of your data is crucial.
13. Complex and late detection of attacks
With more and more sophisticated attacks, detection is becoming increasingly complex. Cybercriminals know better than ever how to stay under the radar and hide deep within the network. On average, it still takes companies months to realize that there has been a successful attack on their network. Meanwhile, cybercriminals spend all those months stealing your valuable data and/or use the compromised infrastructure as a springboard for further attacks. With in-depth knowledge of how hackers work and advanced data analysis, you can detect an attack faster.
Talk to one of our cybersecurity experts about your company's cyber security.