70% of organizations expect at least a third of their workers to remain remote as per recent December 2020 “Cybersecurity in the New Normal” report referenced on CSO Online. There are four key trends emerging for 2021 accelerated by Work From Home (WFH) trends
1. Ransomware: Bigger, meaner, smarter
2. The expanding role of the CISO
3. Organizations reassess security strategies and tech stacks
4. Security talent acquisition: Demand goes up
SKYBOX Security has come out with a mid-year update to the 2020 Vulnerability and Threat Trends Report. This report has been created to give CISOs and security leaders the perspective needed to see what’s shaping the threat in the information & network security landscape and, in turn, their defense strategies as they navigate the COVID-19 crisis.
Key findings of the report include:
- 2020 vulnerability reports will likely hit 20,000 – a new record
- New ransomware and trojan samples have soared during the pandemic
- OT security advisories have increased, underscoring the need for greater protection at a time of increased nation-state and criminal threats
- Mobile and browser-based vulnerabilities have grown in volume, adding new complexities for security teams as they deal with overlapping personal and corporate networks
Not only enterprise or business information technology systems but security threats are on the rise in Industrial IT also. That is, cybersecurity challenges are also increasing within traditional plants and infrastructure systems. Many plants still lack the resources to sustain defenses or proper strategies to enable external support. Deployment of IIoT strategies is proceeding without real solutions for critical issues like secure-by-design-devices and secure supply/support chains. Growing use of cloud-based solutions are undermining the ability of in-house teams to govern security practices. Segregating cybersecurity efforts by technology is no longer a sustainable approach. Organizations need to develop new integrated strategies that combine IT, OT, and IoT security efforts and maximize use of all corporate cybersecurity resources.