2020 has been a disruptive year. The dramatic shift to remote workflows has increased the flow of sensitive information online — creating risk and leaving businesses exposed to cybercrime.
The UK Government Cyber Security Breaches Survey, the fifth in the series, concluded that cyber-attacks have evolved and will become more frequent. Almost half of businesses (46%) have reported cyber-related attacks or breaches in the last year. As in previous years, this is greatest among medium-sized companies (68%), large businesses (75%) and high-income charities (57%).
Businesses need to act now to address evolving trends and develop long-term solutions to current challenges. Here, we outline some of the significant trends to build into your planning as Q4 comes to an end.
Trend 1: Increased endpoint detection and response
Endpoint detection and response is critical to managing the new normal — remote working and WFH (work-from-home), along with BYOD (bring-your-own-device).
Endpoint security focuses on user devices. But it aims to protect the network, not each individual endpoint. It does this by assessing transfers from the device to the network. Relying on such cloud-based security tools will free end-user devices from the bloat associated with managing this capability locally, while improving outcomes. Endpoint defence delivers:
- A centralisation of security control and a reduction of risk.
- A more easily managed system that can be updated faster and provide better outcomes.
- An increased capability to partner with proactive management and response services.
Strategies to consider:
Any good endpoint detection and response system should include:
- Multi-layered protection: A good example is Microsoft Defender for Endpoint, which provides multi-layered protection (built into the endpoint and cloud-powered) from file-based malware, malicious scripts, memory-based attacks, and other advanced threats.
- Built-in, cloud-enabled protection: These capabilities protect against broad-scale and targeted attacks like phishing and malware campaigns.
- Threat analytics: Contextual threat reports providing near real-time visibility on how threats could impact the business.
How this can help
Endpoint security provides a flexible system built to accommodate the realities of remote working and BYOD. It’s at its most effective when actively managed by a threat detection and response team that can monitor activities and take action in real-time. This is something that managed service providers can deliver, and forms an excellent combination for a strategic partnership.
Trend 2: The new frontier of artificial intelligence
Security professionals are under pressure to achieve more with less. So, automation and integration delivered by AI are pretty-much essential for future cyber security excellence. But apart from being a solution, AI is also a potential threat. If the good guys can use AI, so can the bad guys. However, let’s look at the positives:
- Businesses will be able to monitor and respond to security incidents by using more advanced tools.
- Next-generation devices such as firewalls will have in-built machine learning technology to find patterns in network packets and block them automatically.
- Setting up policies, managing backups, and many other tasks will be simpler.
- AI will be used to identify and pinpoint the origins of cyber-attacks.
Strategies to consider:
- Start to identify data sources and create data platforms to make the most of AI and train new machine learning tools.
- Investigate which use cases will accelerate and maximise AI’s benefits.
- Start to collaborate externally to improve your threat intelligence.
How this can help:
As cyber-attacks grow in complexity and volume, artificial intelligence will help under-resourced security operations analysts keep up. Developing threat intelligence from research papers, blogs and news stories, AI can provide insights from thousands of daily alerts to reduce response times drastically.
Ultimately, security-focused AI is important to counter threat-AI. The faster cyber criminals are able to act, the more flexibly you will need to respond. AI is part of both halves of that equation. AI can efficiently analyse user behaviours, recognise patterns, and identify abnormalities or irregularities in the network. With this data, it becomes easier to identify cyber vulnerabilities quickly.
Trend 3: Massive expansion in IoT
Data from sensors are making the Internet of Things (IoT) more worthwhile year-on-year. But cyber-attack volumes for this year have seen a three-fold increase to 2.9 billion events. Issues will only get more numerous over the coming years.
Expect more incidents from:
- Hardcoded passwords
- Non-encrypted personal data
- Rogue updates of software and firmware from unverified sources
- Wireless communication security issues
All of these incidents will be associated with IoT devices in homes, public places, and businesses.
The explosion of devices
The global installed base of IoT devices is expected to reach 31 billion in 2020. By 2025, more than 75 billion IoT devices will be connected. With so many devices deployed and more on the way, expect an increase in the overall threat landscape.
The impact of 5G
The introduction of 5G technology will revolutionise the IoT market with the promise of:
- Faster speeds
- Lower latency
- Increased capacity
- Reduced costs
Security vulnerabilities in mobile networks aren’t new, but early adopters of 5G will likely experience novel security threats. As with 3G and 4G, this will probably be due to early-stage versions of the network containing yet-to-be-discovered vulnerabilities.
Strategies to consider:
- A network-level security and enforcement approach.
- Process changes to include IoT devices in update and patch procedures.
- Segregation of IoT devices onto a separate network.
- Working only with vendors that you trust and take security seriously.
- A contingency plan in case IoT devices are compromised in a DDoS or similar attack.
Trend 4: Increasing importance of MSPs
The lack of internal security expertise within many (newly digital) companies means there will be increasing value in bringing in outside help. Managed service providers supply flexible access to needed expertise, and can help businesses deliver more effective security outcomes in a more uncertain risk landscape.
The cyber security skills shortage
The unemployment rate for IT security professionals is pretty much zero. While demand continues to grow, the number of people with the skills and experience required to fill these positions is not keeping pace.
The scarcity of skills is compounded by IT security teams now being expected to play a more extensive, and more strategic role. It’s more challenging to hire security professionals now than it was even three or four years ago.
Strategies to consider:
Getting support from the right strategic partner will be critical to success in 2021 and beyond — the question is, to what degree? Some businesses will benefit from a fully managed service, while others may simply need help rolling out a new system.
Cyber security is based on the idea of trust but verify. You can trust your managed service provider based on how they respond, but you need to know that they have processes to back up their detection and response activities.
Look for capabilities in:
- Threat management
- Vulnerability management
- Incident response
- Protective monitoring
How this can help:
A quality MSP will deliver on-demand access to the right people at less cost. You can access specialists who you might not need all of the time, and gain expertise that would otherwise be unavailable. The outcome is your ability to execute security best practices, keep up-to-date with new cyber-threats and enable security training and process development. Remember, cyber security partners deliver specific value as managed threat response teams to an endpoint system.
Suggested reading: Four Ways Strategic Partnerships Improve Cyber Security.
Don’t forget about your people
It’s easy to focus on technology when thinking about cyber security. But it’s important to remember the central importance of the people within your organisation. Not only does this mean thinking about your cyber security experts, but also everyone in your organisation.
Remember, human error is a significant factor contributing to data breaches. Building processes around security technology is critical. Training and culture need to be just as high a priority as new firewall protections.
As your business grows in 2021, you will need to reassess how much risk is appropriate. Undertaking an effective cyber security risk assessment is a critical part of that process. A partnership with an MSP can go a long way towards identifying the most critical risks and designing solutions that take both the human and technical elements into consideration. Make sure you can access the skills you need, and plan for a more flexible future in cyber.
Subscribe to the newsletter today
2020 changed how businesses operate — dramatically accelerating remote working,
In October 2020, Hackney Council suffered operational issues following a
As instruction comes to work remotely across England and the