Peering into the cyber-crystal ball, Michael Rezek, VP of cybersecurity strategy at Accedian (a network performance analytics company) considers what 2021 has in store for the cybersecurity professional and for the typical enterprise. This is set to include ransomware, healthcare and nation-stack attacks.
READ MORE: REvil: Looking behind the new ransomware threat
Rezek begins by considering the latest industry survey into cybersecurity: “According to a recent CrowdStrike report, 56 percent of organizations fell victim to a ransomware attack this year, with cybercriminals taking advantage of increased remote work-related vulnerabilities.”
This risks need to be considered in the context of the coronavirus. Rezek says: “With the COVID-19 pandemic surging around the world, ransomware attacks are likely to continue well into 2021, with nation-state organizations increasingly targeting hospitals, state and local governments, and healthcare researchers.”
So, what does this mean for cybersecurity? Rezek states: “As IT teams build out their 2021 cybersecurity strategy, they should look most critically to network detection and response solutions (NDR), and other complementary solutions like endpoint security platforms that can detect advanced persistent threats (APT) and malware.”
This may suit the big players, but also: “For smaller companies, managed security services such as managed defense and response are also good options. However, a comprehensive security strategy must also include educating all employees about these threats and what to watch out for.”
Recommendations include: “Simple cybersecurity practices like varying and updating passwords and not clicking on suspicious links can go a long way in defending against ransomware. Perhaps most importantly, since no security plan is foolproof, companies should have a plan in the event of a ransomware attack.”
Rezek says that: “This is especially important since attackers might perform months of reconnaissance before actually striking. Once they have enough data, they’ll typically move laterally inside the network in search of other prized data. Many cybercrime gangs will then install ransomware and use the stolen data as a back-up plan in case the organization refuses to pay. The more rapidly you can detect a breach and identify what information was exploited, the better your changes of mitigating this type of loss. Having a plan and the forensic data to back it up will ensure your organization and its reputation are protected.”
