Ivanti 2021 Predictions: What Organizations Can Expect to Occur in 2021

Industry executives and experts share their predictions for 2021.  Read them in this 13th annual series exclusive.

What Organizations Can Expect to Occur in 2021

By Mike Riemer, global chief technology officer of Ivanti

In 2020, we saw several attacks that surprised most of the industry, including a former U.S. president being hacked. As businesses added capacity to support remote office accessibility, companies had to cope with amplified security threats stemming from increased use of personal computing, home office and public networks, and cloud applications.

Unfortunately, we will likely see more security incidents next year including an uptick in bad actors capitalizing on the growth of 5G to execute coordinated attacks and a lack of segregation between company IoT/IIoT devices and the rest of the network. Below I dive deeper into what I expect may occur in 2021.

We will see an uptick in bad actors capitalizing on the growth of 5G to execute coordinated attacks   

2020 has reminded us how nimble cybercriminals can be. The rise in 5G devices and networks will undoubtedly catch the attention of consumers in the coming year, as cellphone carriers such as AT&T look to scale standalone deployment in 2021, and new products such as the iPhone 12 advertise 5G capabilities. The technology is predicted to completely transform the way we work and live by linking numerous aspects of our lives to faster and lower latency networks. The spotlight on this technological revolution will also draw the attention of state-sponsored and other cybercriminals, who will seek to develop sophisticated and aggressive plans of attack that can leverage the increase in network connectivity to carry out ransomware attacks.

Financial institutions will be the most at-risk industry for cloud-jacking

As companies across industries continue to move towards hybrid IT environments, the threat of cloud security breaches is at an all-time high. Financial institutions, which have traditionally been slower to adopt cloud technologies due to heavy regulations and security concerns, accelerated their digital transformations in 2020 as COVID-19 brought about new challenges. These businesses are now faced with a customer base seeking digital-first services, and they are leveraging cloud-based infrastructure to maintain customer satisfaction. As a result of this rapid transition to a hybrid cloud environment, we could see the cloud-jacking of a major financial institution that results in bad actors gaining control of highly sensitive customer information.

The Twitter employee hack is a sign of more sophisticated phishing scams to come

In July 2020, bad actors leveraged social engineering techniques, which involve manipulating people into giving up sensitive information, in order to pose as internal IT staff and convince Twitter employees working from home to enter their login information. The phishing attack resulted in numerous high-profile Twitter accounts, such as those of Barack Obama and Elon Musk, being hacked. Twitter was ultimately found to have insufficient internal controls and a lack of cybersecurity regulation, which contributed to the incident.

The brazen nature of the Twitter attack shows bad actors are using social engineering to raise the stakes, and we can expect to see more of these high-profile orchestrated events in 2021 as remote work continues and cyber criminals look for new, creative ways to infiltrate organizations. The incident represents a new focus on remote users and remote connectivity, whether through VPN tunnels or other remote connectivity forms. In response, companies must prepare now with the appropriate end-user education and adopt an adaptive risk and trust threat assessment mentality. This can be accomplished by adopting a Zero Trust approach founded on the principles of continuous verification and authorizations that allow organizations to have better visibility and insight into what is, and is not, typical behavior for an employee.

A lack of segregation between company IoT/IIoT devices and the rest of the network will result in an increase in breaches 

Most organizations have network-level, port-based security on IoT devices, but what really matters is the internet-connected operational technology (OT) assets that these devices communicate with. This is where the security focus needs to be, especially since many of those OT systems are moving to the cloud. We will see more hackers looking to infiltrate a hosted OT system on the web to gain access to various tenants. From there, these bad actors can hit an IoT device on somebody's network and drop some sort of bot or ransomware on it that then goes after the internal systems.

In the Industrial Internet of Things (IIoT) market, which has been around a lot longer than the IoT market, devices also present a growing risk to organizations. These machines, which are used in manufacturing sectors and applications, have traditionally had legacy connectivity to OT systems that took place outside of the internet. However, similar to the IoT market, we have seen the manufacturing sector move those OT systems to a cloud environment, opening up the entire organization to intruders.

Maintaining the security for OT systems is going to be critical, which is why companies must implement processes and technologies that ensure the IoT devices or IIoT devices talking to the OT systems are what they say they are and haven't been hijacked. It is important to ensure that any type of interaction happening between IIoT/IoT devices and OT systems occurs away from corporate content. This means setting up strict parameters to keep networks as secure as possible.

Automation will be the key to a successful cybersecurity program  

Amid the growing cybersecurity skills gap, the broader theme in 2021 will be the increased adoption of technology that capitalizes on artificial intelligence and machine learning to automate key security functions.

COVID-19 resulted in a massive, global shift to a remote workforce. However, next year we will enter a completely new normal when we start to see more workers return to the office while others, who are not yet able or willing to make the transition, remain home. This will result in a split that forces IT departments to handle the demands of both full-scale on-premise and full-scale remote access. The only way to be efficient in the new world of work will be to utilize solutions with automation capabilities instead of relying solely on in-house security teams. Companies will turn to newer technologies such as Zero Trust Network Access and Artificial Intelligence Markup Language (AIML) techniques to work smarter in leveraging their workforce.

Hybrid cloud environments will be a prime target for hackers

The growing adoption of cloud services combined with the increased use of mobile devices and laptops amid COVID-19 will make unsecured cloud users a prime target. Many companies use identity access management to combat potential security breaches, but the data part often goes unencrypted. We should expect to see hackers put a lot more emphasis on attacking web applications sitting on the cloud and applications that are distributed in nature. These actions will put a lot of pressure on information security groups, making it even more critical for companies to ensure there are no gaps or silos in their security strategy.

Enterprises will have to go beyond traditional Zero Trust to adopt a hyper-converged model

As employees continue to work from home, enterprises must come to terms with the reality that it may not be just the employee accessing a company device. Other people, such as a child or spouse, may use a laptop, phone, or tablet and inadvertently download ransomware or other types of malware.

Then, when the employee starts using the device to access a corporate network or specific corporate cloud application, it becomes a rogue device. Without having eyes on employees, how do businesses ensure the user and device are trusted? And what about the application, data and infrastructure? All of these components must be verified on a continual basis every few minutes to maintain a superior secure access posture. That is why organizations must adopt a Zero Trust Access solution capable of handling the hyper-converged technology and infrastructure within today's digital workplace by providing a unified, cloud-based service that enables greater accessibility, efficiency, and risk reduction.

Adopting a Zero Trust model will be especially important for the healthcare and education industries. As they work to solidify their security posture after a tough year, the biggest aspect they must improve on is having the technology in place to grant total visibility into their remote and in-person workforce. Zero Trust will allow them to gain real-time insight into areas of concern and react in real time when a breach does happen, lessening the effects of bad actors and making them more resilient in the long run.


About the Author

Mike Riemer 

Mike Riemer is the Global Chief Technology Officer at Ivanti, an intelligent experience platform that makes every IT connection smarter and more secure across remote infrastructure, devices, and people through automation. He has over 20 years of experience researching, assessing requirements for, designing, and supporting the implementation of integrated security systems across firewall, VPN, UTM, WAF, AAA, intrusion protection, and security monitoring and event management. Prior to Pulse Secure and Juniper Networks, Mike had over 12 years of practitioner experience with Harley-Davidson and GE Capital.

Published Wednesday, December 30, 2020 7:45 AM by David Marshall