CISOs faced a number of challenges in 2020, not the least of which was COVID-19 and the mass migration from onsite to remote work. Maybe for the first time, corporate leadership saw just how vital the security team is to ensuring the company runs, and runs smoothly, thus making 2020 the year when the CISO and cybersecurity teams went from the background to the very forefront of enabling organizational productivity.
In 2021, CISOs and their security teams can expect to continue to show how vital their role is, from risk mitigation to ROI, as they tackle the combined challenges of supply chain hacks, ransomware, WFH, the rollout of 5G, and more.
The impact of supply chain hacks
Capping off the end of the year (and what a year!), CISOs enter 2021 trying to make sense of the SolarWinds hack and how it could impact their own organization. As CNET explained, “It’s a big coup for hackers to pull off a supply-chain attack, because it packages their malware inside a trusted piece of software.” Government agencies are the first targets we know about, but it appears dozens of other companies have been impacted. Those affected will spend the next several weeks and months figuring out how someone could go undetected for nearly a year in their system, and sorting out the damage.
Ransomware will continue to cause problems in 2021 and CISOs can expect to see threat actors becoming more creative with their attacks. Ransomware-as-a-Service is a quick and easy way for hackers to make a few bucks—an RaaS builder costs about $40 and there are videos available on social media showing how to develop attacks.
Nation-states are also deploying ransomware attacks, going after critical infrastructure with multi-staged attacks. They begin with a brute force attack to gain the admin password and then create a backdoor to enter the network. Once inside, malware is deployed to find the endpoints, and once that is completed, ransomware is launched. 2020 saw a number of organizations, including some prominent healthcare facilities, fall victim to these attacks, and 2021 will likely trend increasingly in the wrong direction.
The remote workforce
Workers aren’t going to be returning to the office in 2021. Work from home is going to be in place until there is a full vaccine rollout, and maybe even longer. That means whatever cybersecurity systems are in place now will have to stay in effect or be modified for workers who are in a hybrid model of home/office work weeks. Cybercriminals know this, so they will target remote workers with phishing and other targeted attacks. CISOs can expect to see phishing campaigns around the COVID-19 vaccines, with likely “offers” on how to get ahead of your neighbor on the vaccine waitlist.
Phishing won’t be the only problem. Remote workers will continue to use BYOD, including new devices received as holiday gifts, that could cause problems for network security. If companies haven’t already developed a plan to monitor BYOD during remote work, CISOs might want to add this to their plans for 2021.
Threats coming from inside the house
When talking about threats coming from inside the house, these aren’t threats from employees or vendors, but threats from inside the actual home of a company’s workforce. Employees aren’t the only ones using the house’s WiFi, and CISOs need to take into account the behavior of everyone within a household when thinking about corporate cybersecurity.
After the holidays, families were busy setting up their new doorbell cameras and cloud-based voice services like Alexa, and all of these IoT devices add extra risks. Or maybe the kids got the newest gaming systems from Microsoft or Sony, or subscriptions to their favorite online game. In December, it was discovered that the Steam gaming client, which hosts some of the most popular games like Dota, had serious vulnerabilities that would allow a hacker to take over any computer connected to the game client.
Remote access and stolen credentials
The need for remote access could lead to a rise in stolen credentials. If an adversary is able to get your employee’s credentials (potentially through the first three threat trends mentioned above), then the adversary has access to everything the employee does. CISOs can’t depend on VPNs to keep network access safe, either.
Take last summer’s Twitter hack as an example. The teenage hacker was able to steal VPN credentials from a Twitter employee and used that information to access the credentials of the Twitter accounts belonging to some of the world’s most famous people to scam their followers into a “get rich quick” proposition. The hacker got more than $100,000 from the scam, and Twitter showed how easy it is to access its network with one person’s credentials.
Security surrounding “work anywhere” productivity
The transition from on-premises networks to cloud networks made remote work possible and allowed workers to keep up productivity. Keeping the cloud secure, however, will be the challenge for CISOs. Security teams will need to take a closer look at identity and access management systems to prevent credential theft, improve monitoring within the cloud environment, and protect proprietary and sensitive data in the cloud.
The 5G rollout
Will 2021 be the year that 5G really makes an impact? Possibly, but CISOs and their security teams need to prepare for 5G security challenges regardless. We don’t know yet how companies or threat actors will leverage 5G, but we do know, with the benefits of faster connections and lower latency, there are going to be more devices able to use 5G’s capabilities at one time. Organizations will need to be ready to protect the increasing number of these new endpoints, especially if they are continuing to manage the security of a remote workforce.
Much of 2021’s security will have to revolve around an anticipated largely remote workforce, but many of these security concerns, like ransomware, stolen credentials, and cloud threats, will remain long-term issues. The more CISOs and their teams can mitigate the risks surrounding these threat points, the more business operations can run without disruption, helping once again prove the ROI value of the security team to leadership.