IT World Canada

More 2021 cybersecurity predictions: ‘Every service without MFA will suffer a breach’


Source: amtitus | Getty Images

Dozens of cybersecurity-related vendors showered us with predictions for 2021. We’ve compiled predictions from experts representing more than 40 vendors.

Ivan Orsanic, regional vice-president and country manager, Palo Alto Networks:

We have one big prediction for 2021: COVID-19 will continue to dominate the cybersecurity landscape as fallout from the pandemic causes wide-ranging disruption to our digital lives — at work and at home.

Shelter-in-place orders and travel restrictions imposed in early 2020 forced Canadian organizations to quickly revamp their IT operations to provide remote access to employees, partners and customers. The move allowed them to stay in business, while also introducing new security threats.

Here’s how we expect this to play out over the coming year as Canadians have adapted to remote everything — work, education, healthcare, etc.

Mike Lloyd, chief technology officer, RedSeal

Dave Padmos, EY Americas technology, media and entertainment, and telecommunications (TMT) industry leader

Greg Wolfond, CEO, Toronto-based SecureKey

We anticipate an exponential increase in the use-cases of digital ID across every industry. In-person processes like purchasing a home or checking healthcare information can now be safely completed virtually, and we expect this trend to continue long into the future. COVID-19 initiated a refreshed appreciation for and understanding of the value in doing digital ID right. The launch of the Digital ID Authentication Council of Canada’s PCTF is an excellent example of the holistic approach we need to champion. Although the future remains as uncertain as ever, one thing is clear – digital ID ecosystems like Verified.Me have set the stage for the evolution of our industry on a global scale.

Bob Botezatu, director of threat research, Bitdefender

Firmware attacks become mainstream. As competition in the cybercrime world tightens, malware operators will increasingly focus on burying their creations deeper into compromised systems. Attacks against firmware, previously thought of as extremely complex and difficult to achieve, will likely become mainstream in 2021. Abuse of tools like RwEverything might lead to a significant increase in firmware attacks, particularly on systems where the manufacturer hasn’t correctly configured the firmware to block unauthorized rewrites. Ransomware authors may also target device firmware to block devices and render a system unusable until victims pay the ransom. Investigations we have worked on this year have also revealed a significant increase in malware targeting misconfigured or inadvertently exposed micro containers. We expect to see an increase in compromised containers used for anything from crypto-currency miners to pivots in the network.

Rasmus Holst, chief revenue officer of Wire

Adam Caudill, a principal security engineer at 1Password

James Carder, chief security officer for LogRhythm

Security predictions from Wandera

Shai Morag, CEO of cloud identity and access security provider Ermetic.

John Hammond, senior security researcher, Huntress Labs

Ryan Corey, co-founder and CEO, Cybrary

Cybersecurity training is now being conducted online more than ever before and it’s highly unlikely to return to the traditional model in 2021. Not only is working from home here to stay, but so is training from home. 2021 will also likely show an increased emphasis by hiring managers and SOC managers on improving training options within their respective organizations in order to scale current employees’ career tracks.

Ken Underhill, Cybrary Master Instructor adds this: We may see some AI poisoning attacks in the wild where attackers are injecting bad data, which causes the algorithm to learn the wrong “lesson” from the data. It will also be interesting to keep an eye on insider threats and if they increase next year, given many people around the world are hurting financially because of the pandemic.

I also don’t think we will see any significant reduction in the skills gap, even though we see organizations and the government throwing millions of dollars at the problem. Until “entry-level” roles stop asking for 2-3 years of experience, certifications like CISSP and have real salaries instead of a minimum wage, the positions won’t be filled.

Jonathan Reiber, senior director of cybersecurity strategy and policy at AttackIQ

Keith Neilson, Technical Evangelist for CloudSphere

Mike Riemer, chief security architect at Pulse Secure

David Wolpoff, CTO and co-founder at Randori

Tim Sadler, CEO of Tessian

Remote work – in some form – will stay. So instead of just securing networks and endpoints, CISOs must consider how their 2021 strategy will protect their remote workers, while empowering them to work productively and flexibly. All too often, security solutions can stand in the way of people getting their work done, and they’ll quickly find unsafe workarounds. Companies must make security as flexible as their people in 2021.

Renaud Deraison, CTO at Tenable

Generations Z and Alpha are arguably the most tech-savvy of any generation before them. I suspect this virtual crash course in all things technology will bring about a more cyber-conscious generation that will understand and appreciate technology on a deeper level. We should take this as an opportunity to meet the skills gap challenge head-on by bringing cybersecurity into classrooms as early as possible. This means ensuring we’re not only making cybersecurity accessible to all students, but actively encouraging boys and girls, especially students of color, from all walks of life to pursue the field. The security challenges of tomorrow cannot be solved in a vacuum and will require diversity of thought and experience to truly be effective.

Curtis Simpson, CISO at Armis

Botnets pose the single largest security threat in 2021. We will continue to see highly detrimental botnet attacks but likely ever more focused on supply chain weaknesses exposed by the pandemic. In parallel, we will see botnets continue to grow exponentially through the exploitation of consumer devices. With more people working from home it’s more likely than ever that information stolen from consumer networks can be used to break into the larger prize: enterprises and governments.

Brian Fox, CTO at Sonatype

Hybrid software attacks will spike, especially impacting COVID-19 related sectors. Year after year, our reports show developers continue to download hundreds of millions of vulnerable code components from open source repositories, resulting in supply chain attacks across government, financial and business institutions. The recent Octopus Scanner Malware breach alerted us that attackers were mixing techniques from the ‘90s with modern tooling to recycle older virus-like behaviours in new domains. I predict we’ll see an increase in hybrid attacks on the software supply chain, especially across the healthcare, financial, and political sectors – those most affected by the COVID-19 pandemic.

Robert Prigge, CEO of Jumio

Emil Sayegh, CEO of Ntirety

Grady Summers, EVP Product at SailPoint

The remote workforce appears to be putting organizations at a greater risk of data breaches, IP theft, and illegal access through company and personal devices. In the first six months of the pandemic, 48 per cent of total U.S. knowledge workers said they had experienced targeted phishing emails, calls, or texts in a personal or professional capacity – this number will only continue to grow. If these risks are not addressed, 2021 will be yet another year where we say, “the threat landscape continues to become more complex”—a phrase that I feel we’ve been (justifiably) repeating for the last decade.

Gaurav Banga, CEO of Balbix

Drew Daniels, CIO and CISO at Druva

While all organizations remain at risk in part due to the work from home, I believe healthcare will be the most targeted industry in the next year. In 2021, ransomware will target healthcare even more so than in 2020. As R&D organizations scramble to find a vaccine for the COVID-19 pandemic, ransomware threat actors will similarly be scrambling to make a profit even more so than before. Threat actors will be targeting medical research laboratories, big pharma, biotechnology companies and any third party companies that healthcare works with, as these organizations will likely be storing the patient data being analyzed in order to create a vaccine. Biotechnology, pharma and medical organizations will have to step up their cybersecurity posture in order to keep up with the wave of new attacks. It will no longer be an option, especially given the pressure for coming up with a vaccine that is tested and safe.

Robert Capps, vice-president, marketplace innovation at NuData Security

Michael Rezek, vice-president of cybersecurity strategy at Accedian

As IT teams build out their 2021 cybersecurity strategy, they should look most critically to network detection & response solutions (NDR), and other complementary solutions like endpoint security platforms that can detect advanced persistent threats (APT) and malware. For smaller companies, managed security services such as managed defense and response are also good options. However, a comprehensive security strategy must also include educating all employees about these threats and what to watch out for. Simple cybersecurity practices like varying and updating passwords and not clicking on suspicious links can go a long way in defending against ransomware. Perhaps most importantly, since no security plan is foolproof, companies should have a plan in the event of a ransomware attack. This is especially important since attackers might perform months of reconnaissance before actually striking. Having a plan and the forensic data to back it up will ensure your organization and its reputation are protected.

Jon Toor, CMO for Cloudian

Ransom will be taken out of ransomware in 2021. As remote work and learning continues into 2021, ransomware attacks will become more manageable as enterprises will opt for immutable backup data repositories on top of perimeter security solutions. This ensures they can restore a clean copy of data in the event of an attack, without needing to pay the ransom. Ransomware will no longer be a potential catastrophe, causing downtime rather than an existential threat of data being held hostage for exorbitant sums.

Matt Tyrer, senior manager, solutions marketing at Commvault

Organizations finally realize they need a business continuity plan for ransomware attacks. As recent ransomware attacks on hospitals that halted radiation treatments for some cancer patients demonstrate, despite organizations’ best efforts, it is impossible for security solutions to be 100 per cent effective. As organizations finally come around to realizing that no security system is perfect, they are now asking themselves not what they will do if a ransomware or other cyberattack locks or destroys their data, but when. The answer to this question is to have a business continuity plan in place that accounts for a ransomware or other cyberattack, allowing the organization to recover from the attack quickly, so that any disruption to their operations is minimal. Next year, expect to see organizations finally start working to ensure they have in place the business continuity processes and disaster recovery solutions they need to rapidly recover not just from natural disasters, but malicious cyberattack disasters as well – helping them transform ransomware attacks from three-car pileups into mere bumps in the road.

Joe Partlow, CTO ReliaQuest

Ransomware payments will go underground: Ransomware payouts have increased significantly over the past 12 months. To compound this, the U.S. Treasury Department recently warned that firms that negotiate with ransomware extortionists could face steep fines from the federal government if the crooks who profit from the attack are already under economic sanctions. In response, we will see ransomware payments go underground in 2021 and beyond. Companies will take whatever measures necessary to regain access to critical systems and data to keep the business running, regardless of government regulations.

Florindo Gallicchio, managing director at NetSPI

More security teams will pivot from a compliance-based security approach to a risk-based security approach. Financial institutions will continue leading in risk-based security, but we can expect to see increased adoption in the retail industry. This pivot is being triggered by increased visibility into risks and security programs, better documentation, and more efficient opportunities to present risk to the business leaders.

Fredrik Forslund, vice-president of Cloud and Data Center Erasure at Blancco

Data privacy fines are not going away, despite current conditions. Companies globally are working in a new and unfamiliar distributed working environment, which brings new data privacy challenges. Now is the time to be cautious. Data privacy regulation, alongside the threat of fines and reputational damage, will continue to drive businesses to act on data privacy in 2021. Organizations must ensure their data management policy is adapted to fit the “new normal”. This means ensuring that all IT assets handling sensitive data are tracked and dealt with securely upon end of life.

Jasen Meece, CEO of Cloudentity

A Zero Trust Framework is No Longer Optional for Enterprises. There’s no doubt that COVID-19 and the shift to remote work have accelerated Zero Trust adoption in the enterprise. In 2021 and the following years implementing a Zero Trust approach will become essential to protecting every enterprise, regardless of industry. This is due to the increasing volume of cyber threats that organizations and individuals face on a regular basis, and human error remains one of the top causes of security breaches. In fact, roughly one-quarter of all data breaches are caused by human error, with the average cost of US$3.92 million for each breach, according to a report from the Ponemon Institute. As a result of this growing issue, the Zero Trust Model will become the new standard, in which all users, even those inside the organization’s enterprise network, must be authenticated and authorized before being able to access apps and data.

Jason Crabtree, CEO and Co-Founder at QOMPLX

In 2021 attackers will continue to use Kerberos- and SAML-based authentication forgeries, as demonstrated in the SolarWinds Orion Sunburst breach, to move laterally and persist surreptitiously inside target networks. IT leaders will need to further emphasize disabling the fundamentally secure NTLM protocol and focus on stateful validation of Kerberos and SAML to reduce risk of more forged authentication events that give attackers the keys to the kingdom.


Predictions from OneSpan

Digital identity based on self-sovereign identity leveraging blockchain will emerge. The development of a decentralized or self-sovereign identity will bring a complete evolution to the digital identity space. We’ll see the development of digital ID fully under the control of the user securely stored in mobile devices within a digital wallet. The complete ecosystem available for both public and private sector will leverage distributed ledger technology as a source of trust. We will also see the development of a standard protocol for issuing, ordering and verifying digital identities. By combining blockchain technology with standardization that can be made by regulators, self-sovereign identities will become the future of what today is a physical identity document.

WatchGuard’s 2021 cybersecurity predictions

Cybercriminals will find new and innovative ways to attack individuals, their homes and devices, in order to find a path to your trusted corporate network. The global pandemic has rapidly accelerated the existing shift toward remote work, where employees operate beyond the protection of the corporate firewall. In turn, hackers will exploit vulnerabilities found in the gaps between people, their devices, and the corporate network:
