Cyber security priorities have shifted over the past 12 months due to the impact of the pandemic. The massive shift to remote working meant organisations had to rapidly implement WFH capabilities for staff. Alongside this, there were record levels of sophisticated cyber-attacks as criminal networks and nation state threat actors took advantage of uncertainty and fear around the pandemic.
So, in light of the lessons we have learned over the past year, what are some of the key cyber security trends that the channel is likely to experience in the coming 12 months, and what opportunities will they bring?
Security Governance Programmes: The spotlight on cyber has driven an evolution in governance, risk management and compliance (GRC) and there has been a definite change in how organisations implement, manage and monitor security strategies that both align with business objectives and comply with regulations. There has been a growth in demand for independent assessment of a company’s cyber security posture and for external support to understand specific cyber risks to the business and to establish priorities for cyber maturity.
Security Governance programmes are now being given more consideration by smaller and mid-market companies and bringing in expertise to deliver specific GRC components of a risk management strategy is now possible for organisations of all sizes.
Security Architecture: Last year saw a huge change in how we accessed business critical information and systems, with users increasingly accessing data and apps in the cloud. Organisations are having to look at how they manage trust, adapt to the different risks in this new landscape, and re-evaluate their security tools accordingly.
We expect to see greater use of micro-segmentation to isolate and secure workloads and reduce the attack surface; a push into cloud-based network security and Secure Access Service Edge (SASE) to provide secure access no matter where users or devices are located; an increase in the use of the Internet Content Adaptation Protocol (ICAP) to extend security capabilities when transferring files via email; and the use of Cloud Access Security Broker (CASB) solutions as a minimum standard.
With a shift to the cloud, the use of Shadow IT becoming more prevalent, and home working here to stay, organisations are looking closely at access and permissions and adopting principles of Zero Trust to deliver a more dynamic and contextualised approach to security. The technology and toolsets that give organisations the ability to implement a Zero Trust model are becoming more mainstream, which can only be a good thing as users increasingly connect to business applications with unmanaged devices from a multitude of different locations, whilst at the same time threats and attacks become more sophisticated. By reducing the number of users with access to business-critical data, the potential for breaches, whether malicious or accidental, can be significantly reduced.
Mobile and IoT: This huge increase in people accessing business systems from personal devices has meant these devices have increasingly become the target of threat actors with the resources to launch APT attacks. As a result, there has been a rise in demand for Mobile Device Management (MDM) and end-to-end data encryption, both at rest and in transit.
There has been a huge shift in the way people interact with colleagues and clients, with greater adoption of mechanisms and tools for collaboration and the use of social media platforms to maintain business relationships, but consequently cyber-attacks in these areas have also grown significantly. Organisations are increasingly looking at how they provide principles of least privilege for the toolsets that are being extended out to users and how they control the corporate social environment, whilst ensuring users are educated about new threats.
The IoT floodgates have opened in sectors such as healthcare, logistics and manufacturing; however, it is IoT in the home environment that has proved to be particularly vulnerable. Although IoT use has proliferated, often insufficient consideration has been given to the security of these devices, with users incorrectly assuming they come with strong default security settings. The growth in the use of IoT means organisations are increasing the attack surface that cyber criminals can easily exploit.
Continuous Risk and Vulnerability Management: One positive change we have seen is that vulnerability management is evolving into an end-to-end process to defend and secure organisations more effectively. Both channel and vendors in the UK are delivering service programmes with greater capabilities in this area that enable organisations to improve their overall cyber maturity and protection.
Proactive and continuous toolsets that provide assurance around security are also becoming more widespread, such as breach and attack simulation and automated pen testing tools, which have gone from being relatively niche to more mainstream. As these new toolsets come to market the process of continually assessing and adapting an organisation’s approach to security is becoming more accessible for many businesses.
Digital Risk and Phishing: Last year, we saw the pandemic force many companies to rapidly implement new platforms and mechanisms to enable staff to work and collaborate from home. As we continue to do business through an increasingly diverse number of digital channels, such as mobile apps and social media, we are potentially exposing ourselves to new risks.
Although the vast majority of breaches still involve the same attack vectors, we have seen a noticeable shift in the way this malicious activity is being directed, with significant increases in spear phishing, social media account compromise and identity takeover, insider threats, targeted attacks on C-Level executives, data exfiltration, the growth of leak sites and brand abuse.
Last year was a perfect storm for exploitation in these areas, as cyber criminals looked to take advantage of confusion around the pandemic; however, organisations are adopting proactive strategies to manage digital risk with automated solutions that detect and identify malicious activities across the digital risk landscape from the surface web, apps and social media to the deep web and dark web. These vulnerabilities can then be rapidly removed or remediated, reducing an organisation’s exposure to risk. In addition, organisations are looking at solutions that will also identify Shadow IT and help prevent brand abuse by flagging and blocking spoof websites that are used to steal genuine customers’ credentials and take over their accounts.
As a specialist cyber security consultancy, CBG provides a range of bespoke services to Partners to assist them in supporting their clients with these and other cyber-focused issues. Our range of Cyber Services has been carefully developed by our team of experts to align with strategic business goals and enable our Partners’ success, providing skills when needed to fulfil demand or increase service portfolio diversification and reach. For more information and to find out how we can help your organisation, please contact firstname.lastname@example.org
Dominic Wordsworth, CBG Solutions Director