We’re all on our screens now more than ever, so cybersecurity has been at the forefront of our minds this year. It’s also no surprise that hacks and data breaches are on the rise, as companies and individuals scramble to strengthen their cybersecurity while people are working from home.
Now that things have settled down, let’s look to the year ahead. To help you anticipate the challenges you may face, we called on the experts at ESET to talk us through the 8 cybersecurity trends we’ll see in 2021.
#1 We’ll see more cybersecurity awareness training
Many businesses shifted to remote work with no warning during the pandemic. The healthcare and financial services industries have been hit the hardest, along with local governments. Some attacks are caused by human error and a lack of knowledge — in other words, employees don’t know what they don’t know.
Plus, many employees are using their personal computers for work, or their work computers for everything. The concept of “Bring Your Own Device” (BYOD) minimises costs and boosts employee flexibility, but it’s one of the top cyber threats of 2021.
The problem? Hackers usually only need to break into one remote worker’s system through an unsecured network or firewall to gain access to the entire company’s network.
With employees choosing to work from home into the new year, businesses will start stepping up their training game and strengthening their security measures. Cybersecurity awareness training teaches employees to secure their networks and devices, and how to recognise red flags. It can go a long way in preventing identity theft, hacks and malware that can leave a company vulnerable.
Along with putting sophisticated IT protocols in place, set up a formal training that walks your staff members though the latest trends in network security:
- Give your home internet network a name that isn’t connected to you. Your WiFi network’s name or Service Set Identifier (SSDI) should be obscure and hard for hackers to guess. So, instead of calling it “John’s house,” go for something random.
- Create strong passwords, and change them every 60 days. Use phrases that are impossible to guess instead of singular words, and include a mix of numbers, special characters, and capital letters.
- Update your security settings. To encrypt data, go to your network settings and choose WiFi-Protected Access 2 for your network (also known as WPA2). Then, choose AES for your algorithm.
- Accept all software updates. Require staff members to download software updates as soon as they get a notification. Every update releases patches to fix flaws, so it’s important to stay on top of them.
- Allow your router’s firewall to block unauthorized access to your network. Most routers have a built-in firewall to filter the traffic entering and exiting your network and prevent cybercriminals from hacking your WiFi. If your router doesn’t have this software, it’s worth investing in a separate firewall.
#2 We’ll ramp up data protection and privacy
Data is every crybercriminal’s currency because they can sell it on the Dark Web. Any person or business who has huge amounts of sensitive data saved on their systems is a target.
For example, healthcare companies have tons of personally identifiable information about their patients, such as their full names, emails, addresses, driver’s license numbers and medical histories. If a hacker gets their hands on this data, they can carry out an identity theft or install ransomware.
To prevent a data breach, follow these tips:
- Encrypt all data. Most computers, laptops and mobile devices have operating systems that fully encrypt stored data and protect it from unauthorised access. You can look into third-party, cloud-based systems, too.
- Back up everything, twice! Aim to maintain two encrypted backups: one on an external hard drive or flash drive, and another on the cloud. That way, you’ll be able to recover lost or corrupted data if you fall victim to a cyberattack.
- Connect to a Virtual Private Network (VPN). A VPN will secure your network by encrypting the data you send and receive and hiding your IP address to increase your online privacy. Employers should also offer to set up VPNs for their remote workers.
- Have strict policies for third-party data. A lot of companies rely on third-party data, and either use or sell it. As a consumer, be sure to read the fine print so you know how your data will be used. And as a company, give customers the option to opt out of data sharing, and always, always notify them if there’s been a data breach.
#3 We’ll put anti-phishing measures in place
If we look at 2020 cybersecurity statistics, phishing attacks have been the most pervasive threat this year, and it’s no secret why. Cybercriminals are taking advantage of people being online more than ever, and creating sophisticated email scams.
We’re also noticing that phishing emails are becoming more personalised, localised and geo-targeted. In plain English? Cybercriminals are sending emails that feel like they were made for us.
There are two key ways to combat phishing attempts: education and software.
The best advice is to never open emails from unknown senders. Instead, mark it as spam and report it or send it to your company’s IT department for investigation. And if you do open an email you thought was from a trusted sender, avoid replying or clicking on any links or attachments. They could be malicious. For example, there was a recent email scam that tried to trick healthcare workers into signing up for a delivery of Personal Protective Equipment (PPE) — but it really installed malware on computers.
As for software, choose a subscription software like ESET Secure Business that offers a multi-layered defence against a range of cyberattacks, including phishing emails, and has a remote security management feature,.
#4 Multi-factor authentication will be the norm
Most of us are used to entering a single password to access our email, an app or software programs like Slack and Jira. But with cyberattacks on the rise, that’s not enough.
Multi-factor authentication (MFA) requires you to provide at least two forms of verification to log in. For example, you might need to type in a password, and then enter a code they received via email or text.
This cybersecurity trend may add an extra step to your routine, but it blocks 100% of automated attacks, according to Google!
#5 We’ll migrate to the cloud
The cloud is nothing new, but we’re going to see more individuals and businesses moving their data to these systems with the help of cloud management software. These services provide infrastructure-as-a-service (IaaS) and built-in security protocols, plus they cut down overhead costs.
That being said, most cloud services don’t offer secure encryption, authentication or audit logging, and some can’t separate each user’s data from others sharing the cloud share. To avoid leaving the door open for “cloud jackers,” it’s a good idea to tighten cloud security with a sophisticated software program like ESET Cloud Office Security. It will properly configure cloud security so cybercriminals can’t bypass internal policies and access sensitive information. It also helps with predictive security, which means it pinpoints attacks before they happen.
#6 Businesses will protect their customers’ identity
Thanks to the pandemic, many businesses struggled a lot this year to turn profits and attract customers. Heading into 2021, they’re going to boost customer and brand loyalty by making the shopping process seamless and more secure.
To do this, they’ll invest in customer identity and access management (CIAM). These systems are designed to help businesses verify customers’ identity while protecting their data and making sure they have a positive experience at the same time.
CIAM manages and controls users’ access to sites, services and apps, and allows customers to register and manage their accounts on their own. Some systems also use biometrics to protect personal data, such as facial recognition log-ins.
#7 We’ll stay on top of 5G cybersecurity concerns
As the fifth generation of mobile networks and technologies, 5G is one of the most exciting tech developments in decades. It stands out for its lightning-fast speed, and is set to transmit data and communication three times faster than 4G. It also has the ability to connect more people and devices and impact all global industries.
The catch? Since 5G is a completely new infrastructure, we’ll need new cybersecurity systems to match.
While 5G is slowly being rolled out around the world, cybersecurity experts are buckling down to work out how to protect 5G systems from vulnerabilities. Until we know more cybersecurity news, it’s important to make sure all your IoT devices have full-featured, endpoint protection.
#8 We’ll start using the IoT
The Internet of Things (IoT) describes the network of physical objects — aka “things” — that are kitted out with sensors and software to connect and exchange data with other devices over the internet.
It’s a hot topic right now because 5G will attach tens of billions of hackable devices to the IoT. On one hand, this will make it easier for our devices and systems to communicate with each other, but it also means cybercriminals have more opportunities to launch an attack. If they manage to hack into your system, they could infiltrate multiple devices at once.
In 2021, we’ll see individuals and businesses explore the benefits and drawbacks of IoT to decide how they want to use it — and to what extent.
Get a head start on your 2021 cybersecurity!
By anticipating the trends in cybersecurity, you will only be more prepared for 2021 – and you can start improving the security of your business ahead of everyone else. To help you keep your company safe in 2021, ESET’s Remote Workforce Offer is a very cost-effective package including everything you need to protect your business data from attacks. Switch to an award-winning security partner that won’t let you down in 2021!