Throughout 2020 we witnessed drastic changes to seemingly every aspect of our daily lives, with COVID-19 leading to various levels of restrictions and even nation-wide lockdowns. For businesses in particular, this led to huge shifts in technology trends that are undoubtedly going to create a ripple affect on business priorities over the next few years.
In this article we will be summarising some of the key things 2020 has taught us about the direct cyber security will be taking in the near future - and possibly even beyond that.
Phishers will take advantage of any situation
Phishing attackers have always been quick to take advantage of significant global or local events, with a key example from the past being the 2018 World Cup which saw attackers targeting fans across the world with fake ticket giveaways. This behaviour has taken a much darker turn in 2020 though, with many criminals leveraging COVID-19 messaging in their attacks - using the public’s healthcare fears for their own gain.
In fact, COVID related phishing campaigns saw a shocking increase of 667% in just the first quarter of 2020. These emails varied slightly in their approach, with the most common examples being scam emails mentioning fake vaccines, fundraisers, or PPE offerings, or brand impersonation emails disguising themselves as trusted sources like the World Health Organisation.
Secure remote access is necessary for business continuity
The national lockdowns throughout the last year have made working from home the only option for many companies in order to continue business operations, but many experts believe that, even once these restrictions are lifted for good, a large portion of organisations will continue the practice, at least to some degree.
Many users have already seen a variety of benefits to their personal lives – like spending more time with family, saving money on transportation, etc – but this could also have a great positive impact on overall productivity moving forwards, lessening the limitations that employees would usually be faced with when unable to leave their homes, whether that be for injury recovery, watching over children who are off school sick, or many other reasons.
Despite all of this, the rise of remote working certainly introduces many risks to a company; users may be working on unauthorised devices, secure VPN connections to the company network may not be in place, and studies show that employees display poorer security habits when working independently.
Secure Access for Remote & Mobile Workers
Cloud-based storage and communication is here to stay
Going hand-in-hand with the growing trend of remote working, 2020 saw huge spikes in cloud application adoption to allow home workers to easily access company data and communicate with their co-workers. A prime example of this is Microsoft Teams, which allows businesses to store and share data, collaborate on documents in real-time, and chat or video conference with both internal and external users. Teams saw a growth of 894% in the first half of 2020, with a total of 115 million users towards the end of the year.
Key security concerns surrounding these fast-tracked implementations include the potential for attackers to compromise accounts in order to access confidential data, or users failing to follow application updates which could leave them vulnerable to hackers.
Protecting Customer Data in the Cloud
Guidance for Cyber Security in 2021
With these highlighted trends in mind, here are our top suggestions for how to improve your cyber security practices moving into the new year:
- Combat Phishing Attacks with Behavioural Analysis
Traditional secure email gateway solutions can no longer effectively combat modern phishing attacks, with evolving tactics allowing attackers to bypass these defences with ease.
With artificial intelligence led security solutions like Barracuda Sentinel, you can benefit from advanced behavioural analysis, allowing you to defend against even the latest trends in phishing and social engineering.
- Secure Access for Home Workers with a VPN
VPNs, or Virtual Private Networks, allow you to create a secure connection from your home to your organisations' main network, allowing home workers to make use of resources on the network as if their devices were physically plugged in at the office. VPNs act like a virtual tunnel that passes through the public internet, protecting any data that passes through it with encryption.
Barracuda Cloud Generation Firewall includes endpoint-to-endpoint VPN connectivity, with iOS and android support for flexibility, and two-factor authentication for added security.
- Improve User Knowledge Around Cloud Applications
Two of the biggest concerns around increased adoption of cloud applications include account takeover - which often occurs as the result of a targeted email attacks - and unpatched applications becoming vulnerable to attackers.
For both of these risks, the best pre-emptive protection is to ensure users are given regular training on security awareness and online best practices.
Barracuda Phishline not only provides this training as an on-going service, but also offers phishing simulations to teach users how to identify suspicious emails with realistic and customisable examples.