In 2020, the cybersecurity landscape was defined by the COVID-19 pandemic and its effects on business operations. As organizations look forward to the end of the pandemic in 2021, new trends have emerged as companies grapple with the aftereffects of the pandemic and reevaluate their plans and priorities for digital transformation.
A common joke is that COVID-19 is the main driver behind many companies’ digital transformation efforts. However, while COVID-19 did indeed have a significant impact on how daily business is conducted, it mainly served to accelerate existing trends. In 2021, the rapid evolution of the corporate IT infrastructure has a significant impact on cybersecurity as security teams address increased telework, cloud adoption, and the rise of the hybrid data center.
The COVID-19 pandemic drove the move to remote work in 2020. However, in 2021 as a return to the office becomes a possibility, many organizations are choosing not to return to a fully on-prem workforce.
Supporting remote or hybrid work models provides several advantages to an organization. The flexibility that remote work offers is an attractive incentive to many employees. Support for telework provides access to a global talent pool. Remote or hybrid workers require less dedicated office space, decreasing infrastructure costs.
As remote work becomes commonplace, organizations are searching for ways to support and secure their remote workforce. Many of the solutions put into place in 2020 were unsustainable or insecure, making secure remote work solutions a priority for many organizations.
The COVID-19 pandemic in 2020 accelerated the trend of cloud adoption. The need to support a remote workforce drove organizations to deploy and use cloud-based solutions. The pandemic also demonstrated the need for resiliency, which is one of the main selling points of cloud computing.
While organizations have moved quickly to adopt cloud computing, cloud security has lagged behind. Traditional security solutions and methodologies do not always translate well to cloud environments, and a variety of vendor-specific platforms and security solutions makes it difficult to achieve consistent security across an organization’s entire environment. As enthusiasm for the cloud meets corporate security policies and regulatory requirements, organizations are increasingly in need of solutions that enable them to effectively and scalably manage the security of their cloud deployments.
The cloud provides a number of potential advantages to an organization, including flexibility, scalability, resiliency, and cost savings. However, some enterprise applications and data must be hosted on-prem to comply with corporate security policy or regulatory requirements.
Since full cloud adoption is not an option, many organizations are turning to hybrid data centers to allow them to take advantage of the cloud to the greatest extent possible. Hybrid data centers link cloud-based infrastructure with on-prem data centers, enabling data and applications to flow seamlessly between the two environments to meet business needs.
However, while a hybrid data center provides many advantages, it also creates significant security challenges. Cloud deployments and on-prem data centers are very different environments, making it difficult to consistently enforce security policies for applications and data across both environments. Doing so requires security solutions that can operate in all deployment environments and provide consolidated security monitoring and management for an organization’s entire IT architecture.
In 2020, many cybersecurity trends – such as an increase in ransomware attacks, exploitation of remote workers, and increased attacks on endpoints and mobile devices – were largely attributed to the pandemic. However, in 2021, as the pandemic begins to abate, many of these trends in cyberattacks have only accelerated.
In 2020, ransomware activity surged as cybercriminals took advantage of the COVID-19 pandemic, which drove the deployment of insecure remote access solutions and left organizations more vulnerable to phishing attacks and exploitation of unpatched vulnerabilities. However, the ransomware pandemic has not yet abated. In fact, ransomware attacks are continuing to surge, growing by 93%.
One of the biggest drivers of the growth in ransomware attacks is the emergence of the Ransomware as a Service (RaaS) attack model. Under the RaaS model, ransomware developers distribute their malware to “affiliates” for use in their attacks. By placing sophisticated malware in the hands of more cybercriminals, RaaS increases the number and success rate of ransomware attacks. This has led to a number of major ransomware incidents, including the Colonial Pipeline, Microsoft Exchange, and Kaseya hacks.
Ransomware attacks have grown more dangerous as well as more common. In 2019, ransomware gangs debuted the “double extortion” attack, in which the ransomware steals data from a computer before encrypting it. In 2020, the “triple extortion” attack emerged, in which the ransomware operators also demand a ransom from a victim’s customers, partners, or other parties whose sensitive data was stolen as part of the attack. In February 2021, the REvil group added a further component, using Distributed Denial of Service (DDoS) attacks and phone calls to the media and business partners to put additional pressure on the victim to pay the ransom. These variations on the ransomware attack cause additional damage to an organization and its reputation.
The rise of ransomware in 2020 and into 2021 was enabled by the widespread adoption of remote work. As organizations began allowing telework, they needed to deploy remote access solutions for their employees.
The increased usage of virtual private networks (VPNs) and the Remote Desktop Protocol (RDP) created opportunities for cybercriminals. Credential stuffing attacks and exploitation of VPN vulnerabilities became the most common methods by which ransomware operators gained access to organizations’ networks and delivered their malware.
The growth of remote work had a dramatic effect on corporate digital attack surfaces. Instead of sitting behind the corporate network perimeter with its array of security defenses, employees now work from devices connected directly to the public Internet.
As a result, the endpoint has become the new network perimeter and is more vulnerable than ever before. Employees working from home are more likely to be incautious and violate corporate policies, and remote devices are often slower to receive updates and security patches. Remote employees and devices are more likely to fall prey to a cyberattack.
However, the need to sustain operations means that organizations need to allow these potentially compromised devices to have access to corporate applications and other resources.
The use of mobile devices for business purposes has become commonplace in recent years as companies have supplied corporate smartphones or permitted the use of personal devices through Bring Your Own Device (BYOD) policies. However, the COVID-19 pandemic caused a dramatic increase in mobile device usage as employees worked from whatever devices were available. As a result, mobile devices have become a mission-critical component of many organizations’ IT infrastructures.
With the increased use of mobile devices came a greater focus on them by cybercriminals. In 2021, mobile devices face a wider range of security threats than they did in the past. Read more about the new mobile threat landscape in Check Point’s 2021 Mobile Security Report.
COVID-19 and digital transformation initiatives have left security teams with a complex environment to protect against sophisticated and evolving threats. In response, many organizations are pursuing initiatives intended to redesign their security to meet the needs of the modern, distributed enterprise. Two of the most significant trends are a move towards security consolidation and the replacement of legacy security technologies with modern alternatives.
Historically, many organizations have addressed security challenges by deploying specialized, standalone security solutions. However, as corporate IT environments have become larger and more complicated and the cyber threat landscape has evolved, this has resulted in a complex array of isolated security products.
These disaggregated security architectures are difficult for an organization’s security team to monitor and manage. Often, security teams are overwhelmed by large volumes of security alerts, and the need to switch between multiple dashboards and systems slows threat detection and response. As a result, incident response is delayed, and cybersecurity incidents incur more damage and cost to the organization.
Since IT environments will only grow more complex and cyber threats continue to mature, organizations are focusing their efforts on streamlining and consolidating their cyber security architectures. By bringing security monitoring and management under the umbrella of a single solution with a single dashboard, security teams can more easily enforce consistent security across their environments and more quickly and effectively detect, investigate, and respond to cyber threats.
Corporate IT environments are changing rapidly, and organizations are looking to secure their new cloud infrastructure and remote workforce. As a result, there has been increased interest in several next-generation security technologies, including:
Security is growing increasingly complex in 2021. Enterprise IT environments are evolving rapidly, and new cyber threats are emerging. As a result, organizations are looking to consolidate their security architectures and deploy advanced solutions designed to meet the security needs of the modern, distributed enterprise.
Check Point Harmony Suite provides unified protection across an organization’s entire IT environment, including endpoints, mobile, cloud, and email. With AI-driven threat prevention and detection and curated threat intelligence, Harmony Suite can secure the enterprise against both known and novel attacks.
To learn more about the 2021 cyber threat landscape, check out Check Point’s 2021 Cyber Security and Mobile Security reports. You’re also welcome to request a demo to learn about Harmony Suite’s capabilities and to see how it can protect your organization against these evolving threats.