2020 was not only a turbulent year from the IT security perspective. Security officers will continue to be busy securing existing remote workplaces in 2021. Michael Scheffler from Varonis Systems explains the IT security trends that will shape this year.
While many people working in the home office look forward to an hour more sleep because they no longer have to commute to work, secured devices in insecure home networks tend to cause the security teams sleepless nights – not to mention the unmanaged private devices. The secure implementation of the “New Normal” will not be the only challenge to the IT security trends in 2021.
IT Security Trends: Malware Is Increasingly Being Made To Measure
Netwalker took the Ransomware-as-a-Service model to a new level in 2020, and this business model will certainly continue to gain in importance in the new year. Nevertheless, we expect further development in the malware-as-a-service market with tailor-made exploits in the next year. The security researchers of the Varonis Incident Response team have already been able to identify tailor-made malware in use against companies – with a variant that was only put together for the “customer” one day before the attack.
It works like the classic men’s outfitter: As with a full-size suit, all customer requests are taken into account, and small changes are made to satisfy the client. However, with devastating consequences for the companies affected. Due to the enormous “chances of success”, we expect attacks based on this model to increase in 2021.
The Arms Race For The Best AI Engine And Dark Clouds
Artificial intelligence is no longer a hype topic but is increasingly forming the basis of advanced security solutions. But cybercriminals are also increasingly relying on artificial intelligence to automate attacks and orchestrate responses to the protective mechanisms they encounter in their victims. This arms race between offensive and defensive AI has been observed and will intensify further in 2021.
The cloud is not only being used more and more by companies but also by cybercriminals. Security officers have to face these new attack vectors and the associated challenges and take immediate action. It’s time to move away from isolated approaches, build collaboration between security and compliance teams, and put data at the heart of your security strategy. Only if they can control data access, recognize precisely who is accessing which data, and when can they protect them effectively and sustainably, regardless of the way the attackers use their target – the valuable company data – want to achieve.
IT Security Trends: There Are More And More Gateways
And these paths are becoming more numerous. In addition to the cloud and the “classic” attack vectors such as phishing emails, malicious websites and apps or the exploitation of vulnerabilities, attackers are increasingly using IoT devices to gain access to company networks. With the increasing 5G network expansion, the attack surface is also increasing enormously. But even if we are dealing with new approaches and technologies, the targets of the attackers are still the same: Cybercriminals usually target data.
In this respect, it is also true that the data must be protected, especially since the perimeter is disappearing more and more and the control of the endpoints and network access points is becoming more and more difficult or even impossible due to the sheer volume.