To say that 2020 has been a challenging year across many fronts may well be an understatement. And those who run SMBs or who work in IT teams have had the added disruption of increasing cybersecurity attacks and managing remote work environments. The Covid-19 pandemic has certainly been a wake-up call, but what about next year? Will 2021 be as bad? Is there hope on the IT management and cybersecurity front?
One way to make sure that whatever 2021 brings to challenge a business, the way to cope is by being prepared. Knowing what you are up against is a positive and proactive way to manage disruption. Here Wendego offers a view of what to watch out for in 2021, along with a few ideas of how to minimize any impact.
5 cybersecurity and IT management trends in 2021
After a year that will go down in history for the rise of the online meeting platform and loungewear for work, what does 2021 have in store for businesses, security, and keeping up with technology changes? Here are our five trends to take note of in 2021:
Remote working to continue
The Covid-19 pandemic is far from over, although hope, in the form of a vaccine, is now being rolled out across the U.S. However, remote working looks like it may be here to stay for many businesses, at least part-time. A poll of 1000 companies found that many organizations plan to cut commercial office space by 40-60% and move to a ‘hub and spoke’ model of working. The plan is to allow employees to work on a part-time basis from home, going forward. The impact of this change in working conditions was felt acutely by the IT department in 2020. This included server migration challenges from local to cloud hosting, hardening of cloud apps, including the much-targeted Microsoft 365, and the use of VPNs and other remote work security measures.
Cybercriminals will continue to target remote workers believing that remote equates to less secure. In 2021, security measures will be needed more than ever, even if employees only part-time remotely.
Ransomware – will it ever end?
Ransomware is always a thorn in the side of organizations the world over. In Q3 2020, alone, there was a 40% increase in ransomware attacks, which is about 200 million infections across the world. The Global State of Ransomware Report, that Wendego reported on earlier this year, found that remote work has increased ransomware attacks and is targeting Managed Service Providers (MSPs) as well as their clients, with 95% of MSPs agreeing their business has been at increased risk of ransomware.
Ransomware is very successful, so it will likely continue to trend in 2021. Research from Sophos has identified evolving ransomware as a serious threat in 2021, with older strains such as Ryuk changing tactics to evade detection. Also, ransom costs may well increase, with researchers finding large increases in payouts, from an average of $84,116 in 2019 to as much as $233,817.30 in 2020. Ransomware mitigation continues to require a mix of measures, including Business Continuity and Disaster Recovery (BCDR) and phishing prevention.
Identity and Zero Trust
Many security and privacy issues begin and end with digital identity. Ensuring that the right person has access to the right resources has been a challenge for security during remote working as well as for general IT management. The principle of least privilege is encapsulated in the concept of ‘Zero Trust’ or ‘never trust, always verify’. The idea behind Zero Trust is to set up an ecosystem of measures that enforce access controls that work to ensure least privilege is upheld. This includes using robust authentication measures such as multi-factor authentication and recognizing that devices, as well as people, need protection. Measures such as network monitoring and endpoint detection and response tools can help to create a Zero Trust environment. As 2021 pans out, having a Zero Trust approach to security may save many from data breaches and manage general employee access to corporate data.
Phishing, the cybercriminals’ favorite
Phishing seems to be the proverbial go-to tool for cybercriminals, being used in 90% of data breaches. It is successful too, as 1 in 3 employees click on a malicious link in a phishing email. Research from Google, PayPal, Samsung, and Arizona State University into phishing, concluded that the use of proactive mitigation and an extended anti-phishing ecosystem is needed to help prevent the sophisticated and complex phishing campaigns organizations have dealt with in 2020.
The takeaway from this research and others is that dealing with the omnipresence of phishing takes a multi-layered approach, with the use of security awareness training as well as best-of-breed tools. The SMB can use the services of an MSP to provide the latest in phishing prevention to ensure they have access to everything needed to prevent this insidious threat.
Cloud computing has become vital in a world where working from home has become the new normal. Analyst firm, IDG’s 2020 Cloud Computing Survey shows that 92% of companies are now ‘“somewhat” in the cloud. The Covid-19 pandemic has been a strong driver for this, making firms choose cloud apps to maintain business during the shift from office to home working. The adoption of ‘Desktop-as-a-Service’ was predicted to double in 2020 according to Gartner. Inc. DaaS allows remote employees to access their apps from home offices. As 2021 develops, the use of cloud apps and DaaS will continue to explode. Data from Flexera backs this up, finding that spending on cloud services is expected to increase, with Covid-19 continuing to drive use in 2021. However, Flexera caution this finding, showing that many organizations are over budget for cloud spend by an average of 23%. Cloud service providers and MSPs can help alleviate the pain of overspend by providing cloud apps at affordable pricing levels.
Managed services in 2021
Increasing costs during these challenging times will no doubt continue into 2021. This is where Managed Service Providers (MSPs) can step up to this challenge. An MSP is designed to provide best fit solutions for complex needs such as cloud migration and the mitigation of sophisticated ransomware threats, cost-effectively. 2021 may well be another difficult year with health challenges and business upheaval, but by using the right tools for the job, the trends and threats that this new year brings can be kept under control.