Remember meForgot password?
    Log in with Twitter

article imageHealthcare beware: 2021 will see more cyberattacks Special

By Tim Sandle     Dec 6, 2020 in Technology
Enterprises face a range of new challenges in 2021, including the expectation that cyberattacks will increase and, at the same time from the remediation front, a lack of available skills among the IT workforce.
Many enterprises are eager to look toward 2021 after this tumultuous year of COVID-19 actions, but what does 2021 have in store? Digital Journal polled the thoughts of Cybrary’s co-founder and CEO, Ryan Corey, and Cybrary Master Instructor, Ken Underhill, on what to expect from the industry in 2021.
First, Ryan Corey, co-founder and CEO, Cybrary, provides his analysis.
Class Is Now In Session: Increased Demand in Online Training/ EdTech
COVID-19 accelerated nearly every aspect of cybersecurity, and just like many organizations and users are transitioning to the cloud, they’re also shifting their training budgets to online resources. Long gone are the days of registering for in-person training classes at conferences like Black Hat or other industry events like RSA. Cybersecurity training is now being conducted online more than ever before and it’s highly unlikely to return to the traditional model in 2021. Not only is working from home here to stay, but so is training from home. The tailwinds for online education and training, especially within the cybersecurity industry, is surging and the resources available will only continue to climb as we enter 2021. The growth of online training for cybersecurity professionals has also led to a ton of M&A activity, as we’ve recently witnessed the recent consolidations of Linux Academy and Cloud Guru as well as ITProTV and ACI Learning. This trend will continue to be the norm as we enter the New Year as well.
Workplace Perks: Making the Case for Upskilling
2021 will also likely show an increased emphasis by hiring managers and SOC managers on improving training options within their respective organizations in order to scale current employees’ career tracks. Cybersecurity talent retention has always been a problem for the industry and average employment time for a cyber professional is only 18 months on average. Therefore, these business leaders will be laser-focused on enhancing the camaraderie and company culture among remote teams and fostering a better work-life balance in order to prevent additional turnover. A more engaged workforce improves the efficiency and security of an organization, while also empowering employees to upskill internally and stay connected to their current company.
The New Maturity Model for MSPs: Online Training
The online training trend has been most prevalent among the managed service provider (MSP) community over the latter half of 2020 and will continue in 2021. MSP customers are asking for more services and support, ranging from DevOps to the cloud, and since the era of remote work is here to stay for the foreseeable future, they’ll continue to be some of the biggest adopters of online training. However, larger enterprises are likely to lag behind. Since these companies are still trying to get their other ducks in a row, most notably shifting their entire organization and familiarizing their employees to the cloud, online training is highly unlikely to be at the top of their to-do list.
Second, we turn to Ken Underhill, CEH, CHFI, Cybrary Master Instructor, for an indicator of how 2021 will develop in the security space.
New Attack Vectors in 2021: What to Expect and Protect
Though it may not be entirely unexpected, I think we may see some AI poisoning attacks in the wild next year where attackers are injecting bad data, which causes the algorithm to learn the wrong “lesson” from the data. It will also be interesting to keep an eye on insider threats and if they increase next year, given many people around the world are hurting financially because of the pandemic. I think we’ll also see continued attacks on critical infrastructure, especially as more IT networks are connected remotely to ICS networks.
An interesting trend was the increase in attacks against healthcare organizations, specifically the increase in ransomware attacks. Based on how this year has gone, it won’t be surprising to see more attacks on healthcare next year. As someone who has worked in healthcare security for a number of years, the industry continues to experience many of the same issues around security as I had seen in my previous experience. There are many reasons for this, including legacy software apps in use and training.
The best way to prepare for most threats is to simply focus on doing the fundamentals. When possible, incorporate red teaming (and blue and purple and ) activities to assess your organization’s capabilities.
The Silver Lining of 2020 May Help 2021’s Talent/Skills Shortage
I don’t think we will see any significant reduction in the skills gap, even though we see organizations and the government throwing millions of dollars at the problem. Until “entry level” roles stop asking for 2-3 years of experience, certifications like CISSP, and have real salaries instead of minimum wage, the positions won’t be filled. That being said, I am seeing more training providers moving toward the gamification approach and I’ve seen a lot of people upskilling in 2020 because of the discounts and free training out there right now.
More about Cyberattacks, Cybersecurity, Healthcare
Latest News
Top News