With the growing threat of fraud fueled by the digital acceleration that took place in 2020, Experian revealed five emerging fraud threats facing businesses in 2021. The rapid increase in digital use created a perfect storm for fraudsters to quickly find new ways to steal funds, capitalizing on consumers’ lack of familiarity with digital platforms and the resource constraints faced by many businesses. In fact, from January 2020 to early January 2021, the Federal Trade … More
The post Five emerging fraud threats facing businesses in 2021 appeared first on Help Net Security.
Many corporate IT leaders say their organizations are not prepared for the future IT needs of the business and nearly all are moving to advance their transition to cloud infrastructure, according to an IBM survey of leaders at mid-sized and large companies in the United States and United Kingdom. IT modernization program not yet ready for the future Of the 380 CIOs and CTOs who participated in the survey, 60% say their company’s IT modernization … More
The post 60% of companies’ IT modernization programs not ready for the future appeared first on Help Net Security.
Eagle Eye Networks shared the trends that will have the biggest impact on video surveillance, security, and use of analytics to drive business intelligence and improvement in 2021. Customers are asking for cloud The shift to the benefits of cloud in the video surveillance space are powerful and undeniable, including major cost savings, heightened data security, remote access and maintenance, flexible storage and retention, scalability, increased stability, and disaster recovery. Analytics and AI turn security … More
Healix International has identified six key areas of risk – besides the continued impact of COVID-19 – for global organizations in 2021. Natural disasters The increasing frequency of extreme weather events with natural disasters becoming more pronounced both in terms of frequency and severity. Building resilience to natural disasters is a significant exercise. Faceless threats In a context of increased isolationism, and more time spent online, individuals will become increasingly disconnected from normative community activity … More
The global VPN market was valued at $25.41 Billion in 2019 and is projected to reach $75.59 Billion by 2027, growing at a CAGR of 14.7% from 2020 to 2027, Valuates Reports reveals. Major factors driving the growth of VPN market size, increase in data security concerns, rise in advanced & complex cyber threats, and an upsurge in usage of mobile & wireless devices within organizations. This study includes the analytical depiction of the virtual … More
The post Worldwide VPN market to reach $75.59 billion by 2027 appeared first on Help Net Security.
Vendor revenue in the worldwide server market grew 2.2% year over year to $22.6 billion during the third quarter of 2020 (3Q20), according to IDC. Worldwide server shipments declined 0.2% year over year to nearly 3.1 million units in 3Q20. Volume server revenue was up 5.8% to $19.0 billion, while midrange server revenue declined 13.9% to $2.6 billion, and high-end servers declined by 12.6% to $937 million. “Global demand for enterprise servers was a bit … More
The post Server market revenue reached $22.6 billion in 3Q20 appeared first on Help Net Security.
In this article I’ll consider next year’s data security landscape with a focus on the two key issues you need to have on your planning agenda. Of course, how the pandemic plays out will have a huge say on tactical questions ranging from budget to manpower to project priorities – but these long-term strategic trends will impact IT organizations well beyond 2021. The “bring your own” genie will leave the bottle Over the last decade, … More
The post The need for zero trust security a certainty for an uncertain 2021 appeared first on Help Net Security.
Concerns around security, privacy, cloud and technology resilience are being further fueled by shifting business priorities, the pandemic-induced remote work environment and accelerated deployment of new technologies, according to a survey from Protiviti and ISACA. Entering into 2021, IT audit groups – particularly those in more digitally mature organizations – are utilizing more dynamic and real-time approaches to technology risk assessment, which enables them to be more agile and responsive to the rapidly evolving risk … More
The post Organizations further along the digital transformation maturity spectrum have an advantage appeared first on Help Net Security.
As the entire world has learned throughout 2020, effective suppression of the COVID-19 pandemic requires concerted responses and coordinated action. Medical professionals must adopt new protocols; local, state, and national governments must implement track-and-trace programs; everyday citizens must adopt risk-minimizing tactics like wearing masks and physical distancing. Unfortunately, fraudsters have taken advantage of the pandemic to rob and steal. And just as beating the virus, beating COVID-19-related fraud will also require a multiparty approach. Organizations … More
The post Working together to suppress complex and organized fraud appeared first on Help Net Security.
Network operator spend on multi-access edge computing (MEC) will grow from $2.7 billion in 2020, to $8.3 billion in 2025, as operators invest heavily in upgrading network capacities and infrastructure to support the increasing data generated by 5G networks, according to Juniper Research. The study also revealed that by 2025, the number of deployed multi-access edge computing nodes will reach 2 million globally in 2025, up from 230,000 in 2020. These devices, which take the … More
The post Network operator spend on multi-access edge computing to reach $8.3B by 2025 appeared first on Help Net Security.
Most people in the IT industry are familiar with the phrase “people, process, and technology.” While there are many technology and process standards within organizations, and while they are created by people and supported by people, the innate “people” component of technology development and management is often neglected. The overemphasis on logic, analytics and process has led to leadership challenges such as poor communication, poor relationship management and poor stakeholder engagement. Critical IT projects have … More
The post Steps IT pros can take to prioritize interpersonal needs appeared first on Help Net Security.
Each quarter, Deloitte tracks the thinking and actions of leading CFOs representing North America’s largest and most influential companies. Participating CFOs represent diversified, large companies averaging more than $10 billion in annual revenue. CFOs unveil economic expectations for 2021 This quarter, just 18% of CFOs rate the North American economy as good, but 59% expect better conditions in a year. Europe was flat at 5% and 37%, respectively, and China improved markedly to 47% and … More
The post CFOs optimistic, expect the economy to improve in 2021 appeared first on Help Net Security.
There’s no doubt that 2020 will be remembered for the uncertainty and rapid change it brought. As the global pandemic accelerated trends like remote working and digital transformation, it has also created new cybersecurity challenges. However, although much of 2020 was unpredictable, it’s still possible to step back and look at infosecurity developments that will point the way forward. Sophisticated social engineered attacks on the horizon A recent Verizon report highlighted social engineering as a … More
The post Disruption in 2020 paves the way for threat actors in 2021 and beyond appeared first on Help Net Security.
Nutanix announced the healthcare industry findings of its report, measuring healthcare organizations’ plans for adopting private, hybrid and public clouds. The findings point to a growing trend within the sector: with 70% of respondents reporting that COVID-19 has caused IT to be viewed more strategically within their organizations and the pandemic has accelerated digital transformation that is likely to shape the future of healthcare. Looking for ways to support technology demands of COVID-19 As COVID-19 … More
The post Healthcare organizations to increase hybrid cloud deployments appeared first on Help Net Security.
There was a significant acceleration of cloud and colocation migrations, with 54 percent of IT leaders stating the pandemic has motivated their organization to move applications and workloads off-premise, according to an INAP survey. Additionally, IT leaders shared that their primary challenges for the upcoming year primarily center around adapting infrastructure and networking strategies for remote work or returns to the office. Despite pressure, IT pros reported some positive impacts Despite heightened pressure, IT pros … More
The post Expedited shifts to hybrid infrastructure and remote work challenges appeared first on Help Net Security.
The cloud ITSM market size is expected to grow from $4.7 billion in 2020 to $12.2 billion by 2025, at a CAGR of 21.2% during the forecast period, according to MarketsandMarkets. The flexibility and agility of cloud-based models would support the IT service needs of enterprises. The leading CSPs/hyperscalers—Microsoft, IBM, and AWS—are expected to increase their CapEx primarily for data center expansion to support the increasing workload for their internal and external stakeholders. The increasing … More
The post Cloud ITSM market size to grow to $12.2 billion by 2025 appeared first on Help Net Security.
The pandemic has accelerated digital transformation for 88% of global organizations. However, this increase in cloud adoption may leave business data insecure, Trend Micro reveals.
Accelerated cloud migration
“But the survey findings also highlight the challenges remaining with understanding security in the cloud. Cloud adoption is not a ‘set it and forget it’ process, but takes ongoing management and strategic configuration to make the best security decisions for your business.”
Customers are responsible for securing their own data
The survey confirms a simple misconception that can lead to serious security consequences. While cloud infrastructure is secure, customers are responsible for securing their own data – which is the basis of the Shared Responsibility Model for cloud.
92% of respondents say they are confident they understand their cloud security responsibility, but 97% also believe their cloud service provider (CSP) offers sufficient data protection.
Of those surveyed, only 55% of respondents use third-party tools to secure their cloud environments. This suggests that there may be significant coverage gaps and confirms that the shared responsibility is not understood.
The research has found that misconfigurations are the number one risk to cloud environments, which can happen when companies don’t know their part of the Shared Responsibility Model.
Organizations confident in their cybersecurity posture
The surveyed organizations seem to be confident in their cybersecurity posture in the cloud, as:
- 51% claim the accelerated cloud migration has increased their focus on security best practices
- 87% believe they are fully or mostly in control of securing their remote work environment
- 83% believe they will be fully or mostly in control of securing their future hybrid workplace
Despite this confidence, many respondents also admitted to experiencing security related challenges:
- 45% said that security is a “very significant” or “significant” barrier to cloud adoption
- Setting consistent policies (35%), patching (33%), and securing traffic flows (33%) were cited as the top three day-to-day operational headaches of protecting cloud workloads
- Data privacy (43%), staff training (37%) and compliance (36%) were reported as significant barriers in migrating to cloud-based security tools
“The good news is that by using smart, automated security tools, organizations can migrate to the cloud headache-free, ensuring the privacy and safety of their data and overcoming skills shortages as they do,” Nunnikhoven added.
Security solutions for cloud environments rated most important to responding organizations were network protection (28%), cloud security posture management (26%) and cloud access security broker (19%) tools.
Fudo Security published the results of it survey, enlisting the unique perspectives of a diverse, select group of CISOs, senior cybersecurity executives and industry decision-makers from around the globe including the US, Europe, Asia and MENA. More than 42% said the pandemic has changed their cybersecurity priorities.
Survey respondents reported that more than 77% of their employees have been working remotely this year and they expect this to continue and not ask employees to return to the office at all.
Preferred remote access solutions
An overwhelming majority are relying on multi-factor authentication (84.3%) and SSL VPNs (81.9%) for secure remote access. 57.8% utilize identity and access management (IAM), and 50.6% deploy privileged access management (PAM).
Rounding out the top remote access security solutions in use are virtualization systems with remote access (49.4%) and session monitoring and recording (37.3%).
The four most desired features in a secure remote access solution were: authentication and authorization/MFA, encrypted connection, single sign on, and user access gateway (website) for easy access.
Pandemic cybersecurity priorities: Key findings
- 22.9% experienced a remote attack or disruption since the beginning of theCOVID-19 period in March 2020
- The greatest perceived threats were malware (28.9%), misuse by staff (26.5%) and threats related to vendors and other third parties (21.7%)
- 28.9% said they have invested in new tools but still feel inadequately protected
“Human error, combined with deliberate actions by employees and contractors are the biggest cybersecurity risk for any organization. Multi-factor authentication and SSL VPNs top the list of most-used solutions, but are proving to be insufficient,” said Patryk Brozek, CEO of Fudo Security.
“While there is no perfect tool in the reality we are living in, a lean, PAM-based secure remote access solution enables enhanced cyber resiliency and Zero Trust network access, effectively monitoring user activity that is crucial to securing the future,” Brozek said.
Each year seems to come with more cyber threats, “bad actors,” ransomware and data breaches. The security industry is on fire right now with technology providers continuing to innovate and develop new ways to help organizations defend against all these threats. However, not all of the security budget should be spent on prevention – organizations need to invest in a key IT trend in 2021: cyber resilience.
No matter how much investment is made in traditional security elements like firewalls and DLP, data breaches will continue to occur and organizations must remain operational, even during a crisis. Cyber resilience is the concept that an organization must be prepared if or when a breach occurs – how do they get back up and running with minimal disruption to the business?
How did we get here?
The world has become incredibly dependent on technology and cloud computing, which is triggering a rise in cybercrime and, as a result, positioning cyber security as a hot topic for organizations everywhere.
Cyber resilience has begun to enter the mainstream, as the focal point turns from just securing the borders to making sure business operations can bounce back after an attack, through cyber resilience practices. The goals here are to ensure that network and IT systems data is protected and can be recovered in the event of a data breach.
In 2021, security vendors will be in a race to deliver next-generation tools and processes — an additional layer of defense — to safeguard businesses a step further. Encryption, key management and cyber resilience frameworks will emerge as everyday strategies to address compromised data, for IT security teams globally.
The end goal will be to protect data, reduce or eliminate loss, and meet the growing list of regulatory compliance requirements, like HIPAA, PCI-DSS, GLBA, NERC, FERC, GDPR and new regulations like the CCPA in California.
Other key 2021 security trends
While cyber resilience will be one of the focus areas in next year’s landscape, several other themes will be prominent for IT managers next year. A shortlist of the top five are below:
- Zero trust architectures solidify. The quick shift to more people working remotely has exposed home network environments which are oftentimes less secure and more exposed than corporate networks. This will continue to force organizations to think beyond securing only within the walls of the enterprise. Zero trust architectures will evolve beyond the hype to create real-world security offerings that enhance the “moat and wall” paradigm, rather than replace it.
- Confidential computing will mature as more trusted execution environment (TEE) technologies emerge. All three of the big IaaS vendors (AWS, Azure, Google Cloud) are already building TEE offerings as the final frontier of data protection. In turn, data-in-use protection will become required by emerging roles and technologies within the enterprise.
- Data security hits CxO primetime. Data security will no longer be the purview of just the CISO but move partially into the hands of the chief data officer and the chief privacy officer. Confidential computing will help facilitate this move as new operating budgets will be used to provide greater transparency around what data can be used and by whom. For example, aggregate data may be offered to third party analytics platforms for use in forecasting.
- Adoption of new encryption tech emerges ahead of 2020’s predicted curve. Newer data protection technologies, such as homomorphic encryption, will be adopted sooner than predicted as real-world use cases, like voting protection, demand solutions sooner rather than later.
- The “separation of lock and key” becomes a requirement. In the event an encryption key is lost, data cannot be restored in any way. IT teams everywhere will adopt the separation of encryption locks (the encryption) and keys (digital keys) as a best practice for data security.
The ramifications of last year’s global pandemic will continue to drive unprecedented digital transformation. Better, stronger security solutions that were previously unavailable will hit the street. Not only will new technologies emerge to lockdown corporate data, security as a whole will be positioned as a key initiative for 2021 at the executive level.
Organizations will embrace new edge and remote technologies to further extend worker productivity and implement more security practices like data encryption to further safeguard the distributed workforce of the future.
The number of vulnerability disclosures is back on track to reach or bypass 2019 as we head into 2021, according to Risk Based Security. The team aggregated 17,129 vulnerabilities disclosed during the first three quarters of 2020, marking a 4.6% gap when compared to last year. However, earlier in 2020 that gap was instead a sharp decline of 19.2%. “At the end of Q1 this year, we saw what appeared to be a sharp decline … More
The post 2020 to reach vulnerability disclosure levels similar to those in 2019 appeared first on Help Net Security.
A Unify Square survey unveils key perspectives of enterprise employees on workplace collaboration and communication in the midst of the global pandemic. Findings highlight gaps in stress levels between workers at different job levels and industries and how increased usage of collaboration and UC applications has impacted the success of internal communication at enterprises. Zoom reigns king of collaboration Since COVID-19 forced a large majority of the enterprise workforce into remote work, 72% of companies … More
The post Researchers expose the stress levels of workers at different job positions appeared first on Help Net Security.