The rise in cyberattacks has led all businesses to enforce identity verification systems in the customer onboarding process. Damien Martin, an Executive at AI-powered identity verification service provider Shufti Pro, claims that the trend will increase in 2021 as well. He adds that apart from the trend of identity verification during the customer onboarding process, there’s an on-premises service that will gain more popularity in the coming year or so.
Martin further emphasizes his point by saying that data breaches have increased over time and none of the organizations are safe. The trend for on-premises service will increase in 2021 for sure. An on-premises service allows businesses to maintain the confidentiality of their customers’ information and only selected people can access it. This contributes to an extra layer of security to protect the company from data breach, ransomware, or malware attack.
This forecast by Mr. Martin got us thinking more about the future of the industry, which is why we’ve asked help from some of our friends about what lies ahead in the wide world of cybersecurity. Here are their answers:
Secure Remote Access for Employees Will Be a Top Priority
The highest priority is to secure remote access for employees. We’ve seen numerous organizations fall victim to ransomware via an exploited Windows Remote Desktop Protocol (RDP) session, which allows threat actors to not only access an internal network, but also move within it and implement their own tools/settings/privileges.
One of the most important, and also the most cost-effective ways to improve security posture would be to update all tools and software, and ideally, setting up automatic updates. Being sure to pay attention to firewalls, exchange services, or anything that can be accessed from the outside world (the public internet) to the internal network can help thwart a threat actor.
For a more technical safeguard, we recommend securing access to a remote workforce via a Virtual Private Network (VPN) and protecting each user account with Multi-Factor Authentication (MFA). If access to an organization’s network is only protected with a set of username/password credentials, we’ve seen repeatedly that this is not enough.
Threat actors have the means to attempt brute force attacks or buy credentials on the dark web, so MFA becomes a required second barrier to protect all accounts that access a network. These safeguards are meant for CIOs or IT leaders; they are what can keep technological infrastructure protected, while security awareness training can keep employees protected and aware of the latest threats.
– Nathan Little, Senior Vice President of Digital Forensics and Incident Response, Tetra Defense
Work-From-Home Will Be More Vigilant and Conscious About Online Threats
With almost every company transitioning to remote work, it’s not difficult to guess that attackers will look into remote companies as their new prey. Besides strengthening their cybersecurity systems, one trend that we’ll see from employees is that they’re now going to be more vigilant with what files to receive and open and that these companies are going to use data to their advantage.
Paying attention to one’s data can help one detect suspicious behavior and prevent it from taking a step further. This discipline along with the development in tech will be companies’ way of protecting themselves against attacks.
– Simon Elkjær, Chief Marketing Officer, avXperten
More and More People Will Put a Premium on Overall Internet Safety
Remote Access Security
While the ongoing global pandemic has forced us to start remote working, cybersecurity is still playing catch up game. Cyber criminals have identified multiple fresh attack vectors to target remote working products.
Looking at the major vulnerabilities found in almost all major vendors involved with VPN, remote infrastructure connectivity products, risks are evident and bound to grow. Secure communications, secure cloud usage and secure mobile device usage are the top headaches for security teams.
Supply Chain Attacks
SolarWinds issue is an eye opener example in the last week or so—showing us no one is immune. As this story is still unfolding in terms of how many organizations have been impacted, supply chain risks are no privy to causing massive damages.
The underlying concept that if a software is in use from a big software company shouldn’t be used as a ‘trusted’ product. This is what caused the entire cyber avalanche we see in front of us. We shall see the rise of this attack vector due to sheer lack of security and privacy strictness.
The Internet of Things landscape is rising for cyber-attacks at large scale. This has been a blind spot for many organizations and combining it with supply chain attack is a recipe for cyber pandemic level risk. It is a strong probability that IoT exploits will make headlines in 2021, due to attackers already using this vector for Denial of Service attacks or compromising companies in order to exfiltrate data.
– Harman Singh, Director, Cyphere