Industry executives and experts share their predictions for 2021. Read them in this 13th annual VMblog.com series exclusive.
What Organizations Can Expect to Occur in 2021
By Mike Riemer, global chief technology officer of Ivanti
In 2020, we saw several
attacks that surprised most of the industry, including a former U.S. president
being hacked. As businesses added capacity to support remote office
accessibility, companies had to cope with amplified security threats stemming
from increased use of personal computing, home office and public networks, and
cloud applications.
Unfortunately, we will likely see more security incidents next year,
including an uptick in bad actors capitalizing on the growth of 5G to execute
coordinated attacks and breaches resulting from a lack of segregation between
company IoT/IIoT devices and the rest of the network. Below, I dive deeper into
what I expect may occur in 2021.
We will see an uptick in bad actors capitalizing on the growth of 5G to execute coordinated attacks
2020 has reminded us how nimble
cybercriminals can be. The rise in 5G devices and networks will undoubtedly
catch the attention of consumers in the coming year, as cellphone carriers such
as AT&T look to scale standalone deployment in 2021, and new products such as
the iPhone 12 advertise 5G capabilities. The technology is predicted to completely
transform the way we work and live by linking numerous aspects of our lives to
faster and lower latency networks. The spotlight on this technological
revolution will also draw the attention of state-sponsored and other
cybercriminals, who will seek to develop sophisticated and aggressive plans of
attack that can leverage the increase in network connectivity to carry out
ransomware attacks.
Financial institutions will be the most at-risk industry for cloud-jacking
As companies across industries continue
to move towards hybrid IT environments, the threat of cloud security breaches
is at an all-time high. Financial
institutions, which have traditionally been slower to adopt cloud technologies
due to heavy regulations and security concerns,
accelerated their digital transformations in 2020 as COVID-19 brought about new
challenges. These businesses are now faced with a customer base seeking
digital-first services, and they are leveraging cloud-based infrastructure to
maintain customer satisfaction. As a result of this rapid transition to a
hybrid cloud environment, we could see the cloud-jacking of a major financial
institution that results in bad actors gaining control of highly sensitive
customer information.
The Twitter employee hack is a sign of more sophisticated phishing scams to come
In July 2020, bad actors leveraged social engineering techniques, which
involve manipulating people into giving up sensitive information, to pose as
internal IT staff and convince Twitter employees working from home to enter
their login information. The phishing attack resulted in numerous high-profile
Twitter accounts, like those of Barack Obama and Elon Musk, being hacked.
Twitter was ultimately found to have insufficient internal controls and a lack
of cybersecurity regulation, which contributed to the incident.
The brazen nature of the Twitter attack
shows bad actors are using social engineering to raise the stakes, and we can
expect to see more of these high-profile orchestrated events in 2021 as remote
work continues and cyber criminals look for new, creative ways to infiltrate
organizations. The incident represents a new focus on remote users and remote
connectivity, whether through VPN tunnels or other remote connectivity forms.
In response, companies must prepare now with the appropriate end-user education
and adopt an adaptive risk and trust threat assessment mentality. This can be
accomplished by adopting a Zero Trust approach founded on the principles of
continuous verification and authorizations that allow organizations to have
better visibility and insight into what is, and is not, typical behavior for an
employee.
A lack of segregation between company IoT/IIoT devices and the rest of the network will result in an increase in breaches
Most organizations have network-level, port-based security on IoT devices,
but the internet-connected operational technology (OT) assets that these
devices communicate with are where the security focus needs to be, especially
since a lot of those OT systems are going to the cloud. We will see more
hackers looking to infiltrate
a host OT system on the web to gain access to various tenants. From there,
these bad actors can go in and hit an IoT device on somebody's network and drop
some sort of bot or ransomware on it that then goes after the internal systems.
In the Industrial Internet of Things
(IIoT) market, which has been around a lot longer than the IoT market, devices
also present a growing risk to organizations. These machines, which are used in
manufacturing sectors and applications, have traditionally had a legacy
connectivity to OT systems that has taken place outside of the internet.
However, similar to the IoT market, we have seen the manufacturing sector move
those OT systems to a cloud environment, opening up the entire organization to
intruders.
Maintaining the security for OT systems
is going to be critical, which is why companies must implement processes and
technologies that ensure the IoT devices or IIoT devices talking to the OT
systems are what they say they are and haven't been hijacked. It is important
to ensure that any type of interaction happening between IIoT/IoT devices and
OT systems occurs away from corporate content. This means setting up strict
parameters to keep networks as secure as possible.
Automation will be the key to a successful cybersecurity program
Amid the growing cybersecurity skills
gap, the broader theme in 2021 will
be the increased adoption of technology that capitalizes on artificial
intelligence and machine learning to automate key security functions.
COVID-19 resulted in a massive, global
shift to a remote workforce. However, next year we will enter a completely new
normal when we start to see more workers return to the office while others, who
are not yet able or willing to make the transition, remain home. This will
result in a split that forces IT departments to handle the demands of both
full-scale on-premises and full-scale remote access. The only way to be
efficient in the new world of work will be to utilize solutions with automation
capabilities instead of relying solely on in-house security teams. Companies
will turn to newer technologies such as Zero Trust Network Access and Artificial
Intelligence Markup Language (AIML) techniques to work smarter in leveraging
their workforce.
Hybrid cloud environments will be a prime target for hackers
The growing adoption of cloud services combined with the increased use of
mobile devices and laptops amid COVID-19 will make unsecured cloud users a
prime target. Many companies use identity access management to combat
potential security breaches, but the data itself often goes unencrypted. We
should expect to see hackers put a lot more emphasis on attacking web
applications sitting on the cloud and applications that are distributed in
nature. These actions will put a lot of pressure on information security
groups, making it even more critical for companies to ensure there are no gaps
or silos in their security strategy.
Enterprises will have to go beyond traditional Zero Trust to adopt a hyper-converged model
As employees continue to work from home,
enterprises must come to terms with the reality that it may not be just the
employee accessing a company device. Other people, such as a child or spouse,
may use a laptop, phone, or tablet and inadvertently download ransomware or
other types of malware.
Then, when the employee starts using the
device to access a corporate network or specific corporate cloud application,
it becomes a rogue device. Without having eyes on employees, how do businesses
ensure the user and device are trusted? And what about the application, data
and infrastructure? All of these components must be verified on a continual
basis every few minutes to maintain a superior secure access posture. That is
why organizations must adopt a Zero Trust Access solution capable of handling
the hyper-converged technology and infrastructure within today's digital
workplace by providing a unified, cloud-based service that enables greater
accessibility, efficiency, and risk reduction.
Adopting a Zero Trust model will be
especially important for the healthcare and education industries. As they work
to solidify their security posture after a tough year, the biggest aspect they
must improve on is having the technology in place to grant total visibility
into their remote and in-person workforce. Zero Trust will allow them to gain
real-time insight into areas of concern and react in real time when a breach does
happen, lessening the effects of bad actors and making them more resilient in
the long run.
About the Author
Mike Riemer is the Global Chief Technology Officer at Ivanti, an intelligent
experience platform that makes every IT connection smarter and more secure
across remote infrastructure, devices, and people through automation. He has
over 20 years of experience researching, assessing requirements for, designing,
and supporting the implementation of integrated security systems across
firewall, VPN, UTM, WAF, AAA, intrusion protection, and security monitoring and
event management. Prior to Pulse Secure and Juniper Networks, Mike held over 12
years of practitioner experience with Harley-Davidson and GE Capital.