The year 2020 has been a time of unprecedented change. This year’s events continue to alter the course of cybersecurity, making it even more important to ensure that we better prepare ourselves for what’s to come.
In this blog post, we review the key data security trends of 2020 and share several predictions about how they will affect enterprises and cybersecurity leaders in 2021.
Data security trends in 2020
The global pandemic reinforced the exceptional value of cloud computing to the world economy. Cloud tools and services enabled organizations to send millions of workers and students home in just a few weeks, thus maintaining supply chains and educational processes. In fact, in 2020, enterprise adoption of cloud services spiked by 50% (McAfee).
But this technological shift had its downside: The hasty shift to work from home necessitated prioritizing productivity over security. As a result, it amplified security gaps that had existed before and introduced new security issues — and adversaries are working hard to exploit them. The FBI reports a 300–400% increase in reports of cyberattacks since the start of the pandemic, and McAfee found that external attacks on cloud accounts spiked by 630%.
Attackers targeted all types of businesses, but large corporations, governments and critical medical organizations were especially hard hit (MonsterCloud). Ransomware attacks were particularly common, skyrocketing by 800% during the pandemic (MonsterCloud). Almost half of these attacks targeted remote desktop protocol (RDP), taking advantage of the new work-from-home reality (Kroll).
According to Verizon, at least two thirds of breaches were caused by hacking, errors or social engineering (e.g., phishing and business email compromise). Therefore, most organizations should make these three things the focus of their security efforts in 2021.
What to expect in 2021
The challenges of 2020 will define 2021: With the pandemic still a reality, organizations and businesses of all sizes will need to cultivate flexibility and resiliency to adapt to the rapidly evolving threat landscape.
Working from home has become the new norm, and will likely continue to be for the foreseeable future. In 2021, at least 21% of US information workers will work primarily from home, compared with 7% in 2019 (Forrester Predictions 2021).
The pace of cloud transition will gather speed. Organizations that made the move to the cloud will expand their use of cloud-based collaboration and productivity tools, and companies that have lagged behind will come on board. Forrester anticipates that 30% of firms will continue to accelerate their spend on cloud in 2021, and the global public cloud infrastructure market will grow 35% to $120 billion.
Both external intruders and malicious insiders will seek to exploit the misconfigurations and other security gaps caused by the rapid transition to remote work, leading to more security incidents and downtime in 2021. The number of threats detected will also increase as organizations get better at spotting suspicious insider activity (Forrester).
Increased cloud adoption will make cybersecurity a key focus for businesses in 2021. Indeed, a Gartner survey of thousands of CIOs found that that it was at the top of the priority list for IT spending in 2021, followed by business intelligence/data analytics (58%) and cloud services/solutions (53%). As one of the CIOs noted, “The more you put into the cloud or other external sources, the more you have to invest in cyber security,”