em360tech image

Just when you thought cybersecurity couldn’t become any more critical, 2020 was hit by COVID-19. Amid the pandemic, the cyber threat landscape became more rife than ever, with attacks becoming far more common across business and personal devices alike.

Looking forward, what stage does this year’s cybersecurity threats set for 2021?

In this special Top 5 episode, Dr. Eric Cole shares his predictions of what the most prominent cybersecurity challenges will be next year.

Move to the cloud

In 2021, Eric predicts even bigger migration and movement to the cloud. Indeed, this has been the case for a while, with many businesses turning their attention to AWS or Microsoft Azure, to name a few. However, the pandemic has ramped up cloud migration exponentially, and it looks like cloud is going to stick. 

With so few employers and employees likely to return to the office in a traditional sense, the idea of having devices or appliances in-house and being run by local staff is now a thing of the past. Instead, Eric believes that 2021 will be about letting those companies that focus in this area manage and control our data.

Thin clients on endpoints

Eric reminds us that effectively, we don’t just equip our teams with laptops; instead, we’re giving them portable servers. Pre-pandemic, these laptops were used inside an office with a robust architecture - but even then, that wasn’t ideal in terms of security. 

Thus, for 2021, Eric proposes that we get better control of our data and information by removing the hard drives from all those local offices. In particular, a thin client approach should be used to ensure a new, fresh, and secure install so that laptops are never infected for too long at once.

Reduction of perimeter

If somebody comes into an office and plugs in their computer, organisations will normally have a very robust architecture in place to protect them. The probability of compromise was relatively low with thanks to this robust perimeter, which often put several appliances in place to protect employees and the business.

However, amid pandemic-driven remote working, companies no longer had the safety net of their company’s perimeter and architecture. Thus, in 2021, the focus will shift from the previous robust infrastructure to protecting and securing critical data.

Focus on timely detection

One of the key models of cybersecurity is “prevention is ideal, but detection is a must.” Indeed, the former is preferable, but already, most organisations are doing everything they can in terms of prevention.

“Organisations that are going to thrive and survive in 2021 are going to start putting a lot of energy and effort towards detection,” Eric states. This could be through a variety of methods, such as setting up decoys or threat hunting.

CISOs becoming more strategic

The pandemic necessitates that CISOs become a lot more strategic. Dr Cole reflects on how, in the last couple of years, the CISO role “has been a promotional path for the technical engineer.” 

After 10 or so years in a company, a technical engineer will rise to the CISO level - perhaps by their own demand - which is problematic because a CISO is not a technical position. Instead, a CISO must be an executive that understands and manages the business of security from a strategic standpoint.