It’s been a rocky pandemic for companies trying to keep their technology systems secure. The need to facilitate work-from-home (WFH) employees at the beginning of the pandemic opened up a network security risk. Hackers quickly leveraged the disruption COVID caused and increased their attacks.
For example, ransomware attacks increased 485% in 2020 and phishing attacks increased 600% just in Q2 of 2020 alone.
This year, we’ve already seen major cyberattacks that had sweeping impacts. One was on Colonial Pipeline causing a nationwide increase in the price of a gallon of gasoline, and the other was on global meat producer, JBS. In both cases, the companies were unprepared and ended up paying millions in ransom to a ransomware attacker.
How can you stay out ahead of online threats and prepare your company for the onslaught of new attacks? One way is to keep up to date on cybersecurity predictions from major firms like McKinsey.
McKinsey is a global management consulting firm that advises businesses and governments on things like operational strategy and cybersecurity. Its cybersecurity department put together an insightful report full of cybersecurity predictions for 2021.
These top 5 predictions include details on what companies will be doing to protect themselves from an increasingly dangerous online environment. It also provides a “heads-up” on what types of threats your company needs to be prepared for.
Cybersecurity Predictions to Guide Your Protection Efforts
Multi-Factor Authentication Will Become Mandatory for RDP and More
The cloud is now where most company employees spend their days at work. They log into cloud apps for team communications, file sharing, productivity, customer management, and more.
A recent survey by McKinsey found that despite the effectiveness of multi-factor authentication (MFA), only 11% of cloud users protect their accounts with it. This leaves them at significant risk of cloud jacking and a major data breach.
It’s predicted that companies will realize the importance of MFA for cloud security and will make it mandatory for vulnerable activities like remote desktop protocol. It may also become a requirement for logging into all cloud applications.
According to Microsoft, MFA can block 99.9% of fraudulent sign-in attempts (even if the hacker has the user password).
Remote Employees Will Be Targets for Online Criminals
We are already seeing this prediction play out. Remote employees are being targeted by cybercriminals for several reasons. These include:
- Employee homes tend to have less network security than an office.
- Companies may not have put proper security in place for remote teams.
- WFH employees could be more easily fooled by phishing because they’re not in the same location as co-workers.
- Remote teams are often working from personal devices, which may not be properly updated or secured.
Remote team security should be a major priority for any company. With the proper safeguards in place, such as managed security, employees working outside the office don’t have to inherently represent a data security risk.
Unsecured VPN’s Could Increase Company Network Vulnerability
This is another prediction that has already played out in the Colonial Pipeline attack. The ransomware attacker was able to infiltrate the company’s network through an unused VPN account that wasn’t protected with MFA.
A VPN is a way to encrypt internet connections when employees are connected to an unsecured or public Wi-Fi. So, it’s one of the standard security recommendations for remote and mobile teams.
However, just as you do with any cloud account, VPN accounts need to be properly protected. This means enabling MFA on employee accounts and ensuring you aren’t forgetting to remove any unused accounts.
Company Cybersecurity Professionals Will Be Streamlining Solutions
Different security solutions for different areas of an IT infrastructure can be a recipe for weaknesses as well as confusion. Misconfiguration of security settings has become the main cause of cloud data breaches, and it’s often caused because there is no consistent security policy across all accounts.
A big focus for companies will be choosing overarching IT security systems that can handle multiple apps and platforms and deliver a continuous security experience across all environments.
Ransomware Attacks Will Likely Intensify
We are already seeing the rise of ransomware, with both the number of attacks and the cost of attacks increasing each year. Over the last 12 months, the cost to remediate a ransomware attack has more than doubled from $761,106 to $1.85 million.
Companies, large and small, continue to pay the ransomware when hit with ransomware, which has caused criminal organizations to see this form of attack as a profitable venture.
The biggest mistake companies make is thinking that a backup is enough. The recovery is just as important, and too few companies never test the data restoration mechanism of their backup program.
In today’s threat climate, it’s important to have a ransomware incident response plan that includes drills, users training, and regular data recovery testing.
Are You Properly Prepared to Fend Off Today’s Cyber Threats?
Pro Tech Guy can help your Framingham business with affordable security and backup solutions through our Cloud Care Pro™ plan.
Contact us today to learn more. Call 508-364-8189 or reach us online.