As 2020 is finally and fortunately coming to an end, here at Bitdefender, we’re already exploring what will happen next year and getting our defenses ready. While our crystal ball might not be perfect, here is a shortlist of what we expect in the 2021 cyber-threat landscape:
- Organizations don’t want to be caught off-guard again by a COVID-like crisis
- Most industries believe work-from-home is here to stay and are prearing to invest accordingly in security
- Some industries will invest way over 100 percent in their IT departments
- Advanced targeted threats are designed with a defined purpose to infect and remain undetected in a network over a prolonged period
- Endpoint Protection has fundamental limitations as advanced threats easily circumvent traditional defenses by using varied tactics, techniques and procedures (TTPs)
- Bitdefender Endpoint Detection and Response (EDR) provides superior performance, security analytics and incident management capabilities to enjoy a privileged spot amongst competition
- 23% admitted experiencing a remote attack or disruption since the beginning of the pandemic
- The greatest perceived threats are malware and insider threats
- 29% of security seniors said they have invested in new tools but still feel inadequately protected
- Employees are 85% more likely today to leak files than pre-COVID
- 59% of IT security leaders say insider threat will increase or ‘significantly’ increase in the next two years
- More than half of organizations have no insider risk response plan
- 40% of organizations don’t assess how effectively their technologies mitigate insider threats
The recent breaches making headlines is a stark reminder that no organization is immune to cyberattacks. We firmly stand by FireEye and SolarWinds and commend them for their transparency and rapid response to help minimize impact to those affected. Like us, they fight the good fight.
- Nearly a quarter of organizations worry about security risks introduced by users working from home
- Only 27% reported full or complete visibility into user activity
- Users are mixing personal and corporate use on their work laptops and are more susceptible to phishing attacks at home
The security landscape, as well as the fast-growing market behind it, can be highly unpredictable. From adaptable threats to surges in demand, there are countless ways your company can be caught off guard. And never was this trend more visible than in the past year, when the increase in remote work prompted an avalanche of cyber threats.
- Demand for digital transformation is driving low code development platforms.
- While line-of-business workers creating software alleviates development team burdens, it can increase risk.
- Enterprises must ensure that they are managing all apps in their portfolio.
While economies were slowed down by the recent health crisis, the same cannot be said about cyber crime. Threat actors used this period as a proving ground, a time to test and perfect their tools. As the ‘’digital continuum’’ became a reality, cyber attacks diversified and exploited new ways of compromising systems.
- Attackers spoof the Microsoft.com domain
- Lookalike websites used to steal credentials
- Microsoft doesn’t implement the DMARC protocol
-
With malware increasingly adopting the “as-a-service” business model, Advanced Persistent Threat (APT) groups that have traditionally been state sponsored, may see tremendous value in using the business model as well.
-
Organizations of all sizes and verticals should consider evaluating and updating their threat models to include APTs, or risk falling victim to data breaches and industrial espionage.
