2020 was not only a turbulent year from the IT security perspective. Security officers will continue to be busy securing existing remote workplaces in 2021. Michael Scheffler from Varonis Systems explains the IT security trends that will shape this year.
While many people working in the home office look forward to an hour more sleep because they no longer have to commute to work, secured devices in insecure home networks tend to cause the security teams sleepless nights – not to mention the unmanaged private devices. The secure implementation of the “New Normal” will not be the only challenge to the IT security trends in 2021.
Netwalker took the Ransomware-as-a-Service model to a new level in 2020, and this business model will certainly continue to gain in importance in the new year. Nevertheless, we expect further development in the malware-as-a-service market with tailor-made exploits in the next year. The security researchers of the Varonis Incident Response team have already been able to identify tailor-made malware in use against companies – with a variant that was only put together for the “customer” one day before the attack.
It works like the classic men’s outfitter: As with a full-size suit, all customer requests are taken into account, and small changes are made to satisfy the client. However, with devastating consequences for the companies affected. Due to the enormous “chances of success”, we expect attacks based on this model to increase in 2021.
Artificial intelligence is no longer a hype topic but is increasingly forming the basis of advanced security solutions. But cybercriminals are also increasingly relying on artificial intelligence to automate attacks and orchestrate responses to the protective mechanisms they encounter in their victims. This arms race between offensive and defensive AI has been observed and will intensify further in 2021.
The cloud is not only being used more and more by companies but also by cybercriminals. Security officers have to face these new attack vectors and the associated challenges and take immediate action. It’s time to move away from isolated approaches, build collaboration between security and compliance teams, and put data at the heart of your security strategy. Only if they can control data access, recognize precisely who is accessing which data, and when can they protect them effectively and sustainably, regardless of the way the attackers use their target – the valuable company data – want to achieve.
And these paths are becoming more numerous. In addition to the cloud and the “classic” attack vectors such as phishing emails, malicious websites and apps or the exploitation of vulnerabilities, attackers are increasingly using IoT devices to gain access to company networks. With the increasing 5G network expansion, the attack surface is also increasing enormously. But even if we are dealing with new approaches and technologies, the targets of the attackers are still the same: Cybercriminals usually target data.
In this respect, it is also true that the data must be protected, especially since the perimeter is disappearing more and more and the control of the endpoints and network access points is becoming more and more difficult or even impossible due to the sheer volume.
When your two year mobile phone contract comes to an end, you might find yourself… Read More
In an era where business dynamics shift with dizzying speed, the difference between success and… Read More
Introduction Generative AI and Machine Learning models have exploded in recent times, and organizations and… Read More
Quick advances in information science are opening up additional opportunities for organizations. They can extend… Read More
When thinking about the future, financial stability is an important factor that provides us with… Read More
It may have been a long time since you had to pull a handle on… Read More