2020 proved that few organisations can foresee all the potential risks facing business, but that caution and best practice across people, processes and technology can go a long way towards helping organisations weather dramatic change and disruption.
In the cyber security space, the upheaval caused by the COVID-19 pandemic and lockdowns paved the way for a surge in cyber attacks while many organisations were prioritising business continuity and supporting a remote workforce at scale.
The FBI has reported a 400% increase in cyber attack complaints since the start of the pandemic, and Interpol has described the increase in cyber attacks on major corporations, governments and critical infrastructure as alarming.
With no clarity on when – or even if – there will be a return to the ‘old normal’ with remote workforces going back to the office en masse, we can expect further attacks on this dispersed environment into 2021.
Key cyber security trends likely to continue through the end of 2020 and into the year ahead include an increase in ransomware and targeted attacks, and a growing focus on smaller businesses – often as a route to their larger business partners.
Data has never been more valuable to companies than it is today, and this value will only increase. Criminal syndicates are well aware of this, often spending months in preparation for a single, well-coordinated attack using phishing and data harvesting malware such as remote access Trojans and spyware.
These attacks are no longer directed only at the big players in the market: everyone is a target or potential target.
Data has never been more valuable to companies than it is today, and this value will only increase.
South Africa has seen a rise in targeted attacks on some of the larger corporates in various industries in recent months, and some international companies with offices in South Africa were severely hit. However, a tactic being used nowadays is to target smaller companies that deal with large corporates’ information as a gateway into the large enterprise.
Advanced technologies such as machine learning and artificial intelligence (AI) will play an increasingly important role in the cyber security sector – not just in protecting organisations from attack, but also in helping cyber criminals engineer increasingly sophisticated attacks.
Into the year ahead, the remote workforce will continue to put the perimeter as far out as it can get, making securing the environment an ongoing challenge.
The move to cloud and hybrid cloud environments – for many organisations a sudden shift due to the pandemic – has also added complexity to securing the environment. Levels of understanding about cloud security are reported to remain low, and security is often an afterthought when it comes to cloud deployments.
For organisations focusing their attention on cloud migration, there is also the risk that security around ageing infrastructure and little-used legacy systems can be overlooked.
In addition, there is a massive skills gap in cyber security globally, and South Africa is not excluded. Gaps in skills means gaps in security defences, and unfortunately, this challenge is growing.
Preparing for the unexpected
One thing to remember is that cyber criminals focus all of their attention on creating the perfect scenario to get to your data: this is all they do.
In contrast, many organisations are primarily focused on running the business in uncertain times, only giving security a second thought now and again. Going forward, no organisation can afford to let security remain an afterthought.
Coping with the changing cyber attack patterns will demand flexibility, continual reinforcement of cyber security policies, procedures and technologies, and ongoing training and awareness.
A key step in mitigating risk is to identify and address vulnerabilities in people, processes and technologies, by running regular penetration tests and audits of the environment.
Training is crucial and security awareness must be entrenched across the remote workforce.
Because the threat landscape changes almost daily, it is vital to do those things regularly.
Organisations also need to increase their cyber security skills resources – either through in-house skills development or through partnerships with expert service providers; and they must leverage advanced technologies such as automation and AI, which allow a system to simulate and learn faster than any human mind could.