Bridewell Consulting, an independent cybersecurity and data privacy consultancy, has issued some cautionary advice for businesses as it sets out its top six predictions that will impact cybersecurity in 2021.
1) Sustained remote working provides new challenges – As a result of the Covid-19 crisis, increased home and remote working, decentralised workforces and outsourcing of skill sets are all contributing to a huge increase in connected devices. This in turn increases the number of risks associated with centralised data and infrastructures, as well as vulnerabilities around multiple access points. In 2021, cybersecurity will be even more difficult to ensure as the attack surface is bigger and the measures to implement and control security and data policies are often lacking in a remote environment.
2) Death by cyber attack – A major concern is that the UK may start to see the first deaths associated with a cyber attack, as hospitals are stretched and attackers are continuing to target healthcare. The sector is particularly at risk due to the massive economic and operational impacts it is currently suffering and sadly we have already seen such a case in Germany. A homicide investigation was launched after a patient died in a Düsseldorf hospital which had its systems knocked by a cyber-attack. If this leads to a prosecution, it would be the first confirmed case in which anyone has died as the direct consequence of a cyber attack.
3) The evolving threat – Another impact of remote working will be more organisations relying on IoT devices for measuring and monitoring processes. With the continued expansion of IoT, along with the rollout of 5G, cyber attackers will be relishing the growing opportunity to compromise systems and networks, as even more devices become connected to the internet. Organisations still need to adequately segregate insecure IoT and 5G-enabled devices from the rest of their network. In healthcare, for example, wearable IoT sensors enable remote patient monitoring, so unsecure devices could facilitate the misuse of sensitive patient data.
4) Detection, not just protection – Despite these new threats there are hopeful signs that the sophistication of defensive security will finally catch-up with its offensive counterparts due to new innovation and capabilities. Technical cyber defence will still be of uppermost importance, along with the need to focus on detection of cyber threats, not purely protection and prevention. Over the next year there is likely to be an acceleration in the use of Cloud SIEM, with human guided threat hunting, supported by machine learning-powered SIEM tools like Azure Sentinel, helping to uncover infiltrators before they access sensitive data. This will be augmented by SOAR (Security Orchestration, Automation and Response) software programs that enable businesses to collect data about security threats, and automatically respond to low-level attacks. We also expect to see more use of UEBA (User and Event Behaviour Analytics) which uses machine learning and deep learning to model the behaviour of users on corporate networks and detect behaviour that could be the sign of a cyber attack.
5) Defending aviation from attack – Cybersecurity has been spotlighted by the World Economic Forum (WEF) as one of the biggest issues facing the aviation industry. The economic and operational impacts it is currently suffering mean this sector will be particularly at risk over the coming months. The most likely threats to aviation are from the same sorts of threats as other businesses, may they be phishing attempts, data breaches or ransomware. Although cybersecurity is being taken seriously in the boardroom, much work is still to be done to bolster aviation businesses cyber defences.
6) Business Email Compromise (BEC) isn’t going away – BEC will continue to be one of the most financially damaging online crimes and one of the most popular methods for criminal groups to make money. BEC scams exploits the fact that so many of us rely on email to conduct business, both personal and professional. We’ve likely all been targeted by this kind of attack in the past – an email message that appears to come from a known source making a legitimate request, such as a supplier a company regularly deals sending an invoice with an updated mailing address. Employees need to be constantly vigilant for this type of attack.
“During this period of high uncertainty across all sectors cyber threats are constantly evolving and with more people working remotely, the pandemic has only accelerated threats. Organisations need to be allocating more investment and resources to cybersecurity, not decreasing it, as the strongest possible level of protection is more important than ever,” says Anthony Young, director at Bridewell Consulting.