Click to learn more about author Jackson Shaw.
With the global COVID-19 pandemic altering the way enterprise organizations do business and their employees work, it’s been a particularly challenging year for IT professionals. In addition to the complexities of migrating entire organizations to working remotely, it’s also their responsibility to ensure the new tools employees need to stay connected and productive don’t put individuals or the enterprise at risk.
While technology has enabled us to stay in touch with loved ones, complete our jobs from anywhere in the world, and a host of other benefits, it also opens us up to a sea of security threats. But with old and new security concerns converging to threaten our virtual existence, which are the most important to keep tabs on? Here are several cybersecurity trends to keep in mind to safeguard your business.
As the work-from-home model proliferates into 2021, end-users need to be aware of and watch for attacks vectored through the cable company equipment that provides remote access to corporate systems. These home-based, all-in-one firewalls and routers are infrequently upgraded or patched, and they are far inferior to business-class products. Zero trust vendors will continue to benefit as both a stopgap cybersecurity software for home workers and a VPN replacement. At a minimum, enterprises will need to beef up security training and education for all employees, particularly those who traditionally have not logged in from home.
Continuing on pandemic-driven trends, proactive removal of access for former employees is also something businesses should stay ahead of. According to BLS data, 10.7 million Americans are still out of work. Initial unemployment claims have reached as high as 1.5 million in just one week. Unfortunately, things will continue to get worse before they get better, and for some individuals out of a job, desperation may set in, and security teams must prepare for the worst. A disgruntled employee in a work-from-home environment, unsupervised by managers and unencumbered by IT staff, may be tempted to sell corporate information, intellectual property, trade secrets, and passwords, or other personally identifiable information (PII). Corporations need to be aware of this potential risk and promptly take action to remove individual access ahead of time.
As you can imagine, keeping unwanted network access at bay is no easy feat, but interestingly, businesses are starting to borrow a few tricks from the consumer world. This year, we’ll see commercial business-to-consumer identity verification will begin to transition into business-to-employee transactions. Employees will be verified with information from their life history, such as previous home addresses, banking relationships, or loyalty program memberships. This will be used when they are considered high-risk for completing a transaction, such as obtaining a privileged
password. This type of verification will make it harder for hackers to create or potentially take over valuable, privileged accounts.
In addition to enhancements to verification protocols, the adoption of machine learning (ML) and artificial intelligence (AI) will accelerate, enabling virtual assistants and robotic process automation (RPA) to further streamline business processes. This will affect enterprises in two key ways. First, AI-enabled algorithms will also allow access to applications and data to be analyzed faster, which will empower governance teams to complete more reviews in less time. Employees requesting access will allow AI bots to complete their profile lookup, compare their profile to their peers, and if everything appears legitimate, then gain access without the need for additional approvals.
COVID-19 has changed the way we work and live, but it has also made us more adaptable to change. It’s important to take these lessons with us and remain ready and agile as we prepare to deal with the new security landscape of 2021. It’s also important to remember that even with big leaps forward — AI-driven automation, smarter B2C verification for businesses, and an emphasis on endpoint security for remote workers — there are always threats waiting in the wings of progress. By staying on top of these security trends, you can ensure your organization has a strong security posture in the new year and beyond.