To gain insights into how cybersecurity is likely to be shaped across the course of 2021, both in terms of emerging threats and new approaches, Digital Journal reached out to experts at DomainTools, who undertaken domain name and DNS-based predictive threat intelligence, to gain a series of insights.
VPN attacks
According to Joe Slowik, Senior Security Researcher: “We will see an increase of VPN attacks on consumer equipment that will disrupt remote working. Supply chain attacks will come from personal equipment that’s compromised to infiltrate corporate networks.”
In terms of specifics, Slowik adds: “Supply chain attacks will target schools and kids. We’ve started to see some bad domains focusing on mimicking k-12 facilities.”
In the cloud
Mathew Pahl, Security Researcher says that cloud focus will increase. This is “due to a massive breach through a 3rd party vendor that is using cloud services for a client. This will create a glut of fly-by-night companies claiming to be experts in cloud security. People won’t get cloud security on lockdown until frameworks like FEDRAMP are universally adopted.”
Addressing a common risk, Phal notes: “Working remotely will become a standard expectation as part of doing the job; cybersecurity companies that focus heavily on “butts in seats” will be competing for talent at a disadvantage right out of the gate. They will be forced to change or remain uncompetitive.”
There is Automation will take center stage in mundane infosec roles, for example, SOC level 1 will be automated to a degree never seen, with this position being phased out by 2025. Those who have experience in Security AND Automation will be in demand for the foreseeable future.
Healthcare
Sean McNee, Director of Research And development, looks at the vaccines for COVID-19. He warns that this: “Will be the next gold rush for phishing, malware and spam, feeding on the fear of the public to generate massive amounts of fraud.”