As we all know, remote working turned out to be a lot more than a short-term emergency measure. We’re going to see more of the same this year, with large numbers of employees continuing to be home-based throughout much of 2021.
In light of this, we expect that many businesses will be building on their existing remote working capabilities; for instance, through virtual events and new productivity platforms.
As the year progresses, the gradual return to the office could introduce new risks surrounding privacy and data. This is especially the case if businesses are going to require staff to provide proof of their Covid status for customer-facing roles. This will potentially mean employers having access to some pretty sensitive health information about their employees.
What it means
- Did you miss anything? The initial shift to remote working happened so fast, so it was actually very easy to leave security gaps in favor of getting home-based workers up and running quickly. For an overview of the essentials, take a look at our remote working cyber security guide.
- Lots of businesses will be moving toward a ‘hybrid’ workforce set-up this year: where some employees remain entirely workplace-based, some are exclusively home-based, and others go back and forth between the two. If you make this shift, it demands a review of your cyber security stance to ensure it is still fit for purpose.
- With such a wide and fluid perimeter to police, consider adopting a ‘zero trust’ approach to security. This basically means you should not automatically trust anything inside or outside your perimeters. Instead you need to verify anything and everything trying to connect with your systems. Key features include ‘need to know’ access controls and multi-factor authentication.
Ransomware is accelerating and becoming more dangerous.
Medical facilities became a favorite target last year. More generally, threat actors are moving towards greater use of malware-as-a-service. They are focusing their efforts on organizations’ most sensitive data and architecture and asking for higher amounts. We can expect more of the same in 2021.
What it means
- Our analysis mirrors findings elsewhere. For instance, Bitdefender’s mid-year threat landscape report 2020 indicated a 715% year-on-year increase in ransomware attacks. You need to regard a ransomware attack as a probability rather than a possibility.
- User training is essential - i.e. training users to spot and avoid dangerous attachments and links - as well as issuing regular reminders. StationX offers specialist security awareness training to help orginisations mitigate this risk.
- Key elements of your perimeter shield should include malicious URL blocking, email server filters and anti-virus signatures. Likewise, systems monitoring can give you an instant alert of ransomware behavior, such as attempts by the ransomware to connect to its command and control.
- A backup and recovery plan is vital.
The pandemic did not stop the usual suspects (Russia, China, Iran and North Korea) from engaging in cyber-based disruption, espionage and commercial theft last year. There was also an uptick in activity from Vietnam and South Asia.
We give special attention to China as a threat this year. Basically, even if tensions between China and the US/Europe are eased through diplomatic efforts, it’s unlikely that this will cause China to pull back its cyber threat activities, especially when it comes to IP theft.
What it means
- Does your organization handle sensitive IP? Where possible, you might want to consider housing it exclusively on air-gapped computers: i.e. on systems that do not have access to the Internet. More generally, consider restricting ultra-sensitive work to specific devices that are not used for any other purposes.
- Spear phishing is one of the most popular attack vectors for state-sponsored attacks. This is where the attacker hones in on an individual who they think is especially likely to have access to an organization’s most interesting assets in order to steal their credentials. So when it comes to systems monitoring and user education, make sure there are no blind spots (this includes schooling your CEO on best practice where necessary!).
95% of companies now have at least some kind of cloud presence. But, lots of organizations don’t really think of themselves as being “in the cloud”, even though they have a whole load of sensitive information contained in the likes of Office 365.
In response to the pandemic, a lot of businesses shifted over to cloud-based apps and systems for the first time. To avoid a flurry of violations due to “rookie mistakes” in 2021, these new cloud users will need to look carefully at their security stance.
What it means
- Don’t assume that your new cloud service provider is in charge of securing your cloud environment. Remember; you are still responsible for your own networks and user access controls.
- The majority of cloud breaches occur as a result of human error, including misconfiguration of the solution. Typically, your cloud provider will offer various access and identity control tools. Make sure these are enabled.
- Likewise, the solution provider is likely to offer at least some level of logging and monitoring tools. Make sure you use these to keep track of any unauthorized or unusual access attempts.
For many businesses, 2021 will be a year for taking stock, for taking a look at how their attack surface has changed as a result of the pandemic, and shoring up their defenses accordingly.
Where are we vulnerable? What do we need in place to reduce our risks? To build up the type of knowledge required to answer these questions with conviction, explore our latest batch of courses.