As to how cybersecurity may develop during 2021, this could see a rise in social engineering attacks that take advantage of a distributed workforce to a level up for deepfakes. What is most certain is that 2021 will be a big year for security, according to Menlo Security CTO Kowsik Guruswamy. The expert provides Digital Journal with some insights.
Trust Thy Neighbor? Attackers Exploit Distributed Workforce Dynamics
According to Guruswamy one of 2020’s main security issues will continue to plague 2021. He notes: “Early in the COVID-19 cycle, we saw an uptick in social engineering and impersonation attacks. This is only going to increase next year, especially in larger organizations where the distributed workforce have yet to meet many of their colleagues in person. Prior to the era of remote work, you could walk to a person’s desk and ask them for clarification before assuming an email is legitimate. Now that convenience is gone, leaving an opening for hackers to take advantage as more companies remain remote.”
Gone Zishing? Deepfakes are Hackers’ New Lures
Deepfakes, says Guruswamy, have so far largely been used in creating fake videos in misinformation campaigns on social media. This is set to change and deepfakes will become more serious: “With increased video conferences and remote work collaboration, attackers applying deepfake technologies on live, real-time collaboration is a very real possibility for impersonation and social engineering. With more distributed team members who may be less familiar with their fellow co-workers, this is a ripe opportunity for threat actors to extrapolate confidential information in what seems like a real video call. We continually see threats evolve in parallel with technology and behavior, and the surge in video conferencing creates increased opportunity for “vishing” (video phishing) in the near future.”
Uncle Sam Will Lead the Way for Security
Guruswamy sees the U.S. as standing at the forefront of cybersecurity. From this point of view, he notes: “With the pandemic came a significant increase in awareness and adoption of zero trust architecture in the public sector. This year will be a cornerstone in how the federal market operates securely. Unlike in the commercial world where there’s a small margin for error, cybersecurity in the public sector is routinely a matter of national security, which makes securing remote workers even more of a challenge. With increased adoption of isolation-based Secure Web Gateways (SWG) in the federal market, such as DISA’s recent Cloud Based Internet Isolation (CBII) award, it’s clear that the U.S. government is paving the way when it comes to security. Telework shows no signs of slowing in 2021, and enterprises will need to take a page from the public sector and explore innovative avenues to enable secure remote work for the foreseeable future.”
One Service to Rule Them All? The Emergence of Convergence
Protecting the cloud is of great concern, says Guruswamy. He predicts: “5G is going to be a huge driver for cloud security as more Internet of Things (IoT) devices go mobile and directly to the cloud. Cloud security has largely seen growth to protect the workforce, but IoT is going to pour rocket fuel on this market. Now cloud security platforms have the vantage point to protect both devices and users. Because of this added element of protection, we will see a greater convergence of security and infrastructure, as we’re already seeing with the acceleration of new and improved architecture such as Secure Access Service Edge (SASE).”