The security industry faced a variety of challenges during these last few years. The pandemic put pressure on security and IT operations and shone a spotlight on underlying issues many organizations were facing in terms of their digital transformation and security posture. If that wasn’t enough, the threat landscape also shifted and is now more volatile than ever.
As security leaders prepare to handle what lies ahead post-pandemic, there are three key trends they should pay special attention to:
- Increased adoption of policy-based security models
- New ransomware threats
- Greater utilization of artificial intelligence
Increased adoption of policy-based security models
The prospect of moving an onsite workforce to a remote setting had a huge impact on many organizations. Many realized they weren’t ready for such a dramatic shift. Moving to remote work due to COVID-19 exacerbated the shortcomings of the traditional enterprise perimeter security model. This led to more organizations choosing policy-based security models via the cloud, such as Zero Trust, to ensure the protection of their employees while remote work continued to be a norm.
Rather than equating trust to a corporate network location, a Zero Trust model analyzes information about the user, data, applications and devices to contextualize security risks and dynamically adapt access rights. Successful adoption will depend on organizations fully integrating various tools within their environment, including:
- authentication systems
- network security appliances
- endpoint detection and response
Increase in ransomware attacks and data breaches
Attackers are constantly changing their methods, resulting in new and evolving risks. It is important for companies to be prepared and aware of new threats to stay ahead of them and protect their data from any potential compromise.
Looking ahead, companies should expect to see an increase in ransomware, with bad actors increasingly threatening to expose encrypted files if victims refuse to pay a ransom. Organizations have begun to do a good job in building, testing and operationalizing their office backup strategies to mitigate the risk of ransomware.
Unfortunately, most of these organizations have failed to mitigate the actual risks. If data has been compromised before – whether directly from the company or through third parties – threat actors will still be able to gain a foothold into the company’s assets. The focus moving forward should be on ensuring they have robust backup and data recovery strategies that can help address the systemic weaknesses attackers are exploiting.
We’re also going to see a considerable increase in the use of illicit OAuth 2.0 grants to compromise accounts. In general, organizations have created better phishing awareness programs, increased multifactor authentication, and created rules to detect anomalous logons. However, attackers have shifted to tricking users into approving illicit OAuth 2.0 grants. To prepare, companies should limit which applications can request OAuth 2.0 grants from end users or disallow specific OAuth 2.0 scopes from ever being granted.
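One way to audit existing grants against the two controls described above, an application allowlist and a scope denylist. This is an added example, not code from the original post: the client IDs, policy sets and grant records are constructed, and the scope names are illustrative Microsoft Graph-style values.

```python
"""Audit OAuth 2.0 grants against an app allowlist and a scope denylist."""
from dataclasses import dataclass

# Assumed policy values for illustration; replace with your organization's own.
ALLOWED_CLIENT_IDS = {"crm-sync-prod", "calendar-helper"}
DENIED_SCOPES = {"Mail.ReadWrite", "Mail.Send", "Files.ReadWrite.All"}
# A refresh-token scope makes a denied scope worse: access outlives the session.
PERSISTENCE_SCOPES = {"offline_access"}


@dataclass(frozen=True)
class Grant:
    user: str
    client_id: str
    scopes: str  # space-delimited and case-sensitive (RFC 6749, section 3.3)


def evaluate(grant):
    """Return the policy findings for one grant; an empty list means compliant."""
    requested = set(grant.scopes.split())
    findings = []
    if grant.client_id not in ALLOWED_CLIENT_IDS:
        findings.append("app-not-allowlisted")
    denied = sorted(requested & DENIED_SCOPES)
    if denied:
        findings.append("denied-scope:" + ",".join(denied))
        if requested & PERSISTENCE_SCOPES:
            findings.append("denied-scope-with-refresh-token")
    return findings


def audit(grants):
    """Map (user, client_id) to findings, keeping only non-compliant grants."""
    report = {}
    for g in grants:
        findings = evaluate(g)
        if findings:
            report[(g.user, g.client_id)] = findings
    return report


# Constructed sample grants, e.g. as exported from an identity provider.
SAMPLE_GRANTS = [
    Grant("alice", "crm-sync-prod", "openid profile Calendars.Read"),
    Grant("bob", "free-pdf-tools", "openid Mail.ReadWrite offline_access"),
    Grant("carol", "calendar-helper", "Calendars.Read Mail.Send"),
]

if __name__ == "__main__":
    for key, findings in audit(SAMPLE_GRANTS).items():
        print(key, findings)
```

The same `evaluate` function can be applied at consent time to reject a request before the grant is issued, instead of only auditing afterwards.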
Utilization of artificial intelligence
We will see an increased utilization of AI particularly within the IoT and OT industries, given the technology’s ability to help automate many tasks to reduce costs and improve productivity. However, as security leaders decide to adopt AI, they will need to prioritize the integrity of the data and make sure basic cyber hygiene protocols are in place.
Utilizing AI without basics like asset and patch management and user awareness will only exacerbate the number of breaches we see. Simpler exploits will be able to leverage any weak spots.
Looking ahead to 2021 and beyond, organizations need to be prepared to secure their resources no matter where they are accessed from. Leaders will need to make sure they add security-based policies to their business continuity plans. They’ll also need to understand how threats are shifting and how to adopt new technologies to mitigate potential risks.
This blog was originally featured in VMblog.com