The “Russian Hack.” You’ve no doubt heard about this massive cyber attack. It hit U.S. government networks and private companies worldwide, including both the Treasury and Commerce Departments.
Reported in December 2020, apparently the hackers attached their malware to an update from a private software company. The same company used by the government and private sector.
This got us wondering about cybersecurity issues in 2021. Last year COVID-19 forced business to make drastic changes. Remote work stations, IT dispersed away from the office, and employee oversight from a distance. All of this forced a transformation in cybersecurity in 2020.
So what should our business customers be alert to this year? How can they organize themselves to stay as cyber-safe as possible.
Here’s what you should look out for in 2021.
1. Secure the Remote Workforce
According to the National Cyber Awareness System, one of the persistent lures for cybercriminals is the COVID-19 pandemic. They use info on the pandemic to set up COVID related scams and phishing emails. And they have been targeting individuals, small and medium enterprises, and large organizations.
Deceitful use of the pandemic is just one example of the bait criminals will use to get clicks onto malware. There were many more scams to get clicks well before the pandemic. But cybersecurity wasn’t foremost on the minds of small business last year. The critical problem was the scramble just to get themselves back serving customers. So security took a back seat.
The trend this year is to secure this new, automated way of doing business. According to Forbes, in 2021 expect “…growth in enterprise VPN, desktop virtualization, endpoint security, endpoint detection and response, multi-factor authentication (MFA), and cloud-access security brokers solutions.”
2. Fast Breach Detection
The faster a breach is discovered, the easier and cheaper it is to correct. So in 2021, more managed-detection-and-response (MDR) services will be used. These services should offer a business comprehensive monitoring around the clock. With real-time alerts and quick responses.
MDR services will also be the right response to companies utilizing cloud computing. That’s because these services collect data not only from your company affiliated network but also your cloud service.
3. Assume Hostility
In other words, you trust no one. And always verify connections. Employees will be asked not to click on anything unverified. Users will be also be given access only to the systems and apps they need to do their jobs. And they will be authenticated before gaining access to the network.
4. Cyber Security Education, Training, and Philosophy
Believe it or not, according to the 2020 Data Breach Investigations Report from Verizon (see link to Forbes article above), during last year 30% of breaches involved internal actors. That means that one of your biggest threats is from within your company. Granted, much of the threat is from mistakes made by employees. But whether in error or willful sabotage, the danger is real.
Continuous training will be mandatory. That goes from executives to management and everyone in the organization. Learning to recognize phishing attempts and how to recognize attackers is the new normal.
5. Cyber Insurance
In a nutshell, cybercrime is a major issue for businesses going forward into 2021. But we can help. Call us about protecting your business from cyber threats and cyber liability claims. We represent more than one company so we can offer options. We’ll get you the cyber protection you need to keep your business going in the event of an attack.
We hope you’ll see these trends as an opportunity. Good reasons to shore up one of the most important parts of your business…your computer networks.
Until next time,
Your SZW Team
SZW Insurance is your Utica area Trusted Choice™ independent insurance agent. Call us for a quote on insurance for your home, car, business, or life at 315.792.0000. Or request a quote here. In Westchester County call Zak Scalzo at 914.246.0315 or email at firstname.lastname@example.org.