cyber trends
Organisations should have an incident response service-level agreement ( SLA ) in place . They should also establish secured backups that teams can revert to when necessary . Organisations are going to be targeted and they are going to be compromised , so it is crucial to have prevention and recovery strategies in place .
Espionage as an ongoing driver of nation-state activity
Major nation-state threat actors continuing efforts in 2021 will include Russia , China , Iran and North Korea . These countries are significant sponsors of threat activity , both regionally and globally . Beyond that , there has been an uptick in activity from Vietnam and South Asia .
Persistence and growth of ransomware usage
The use of ransomware accelerated and became more dangerous than ever in 2020 . Targeted attacks against medical facilities during the pandemic crossed a line that had never before been approached . Ransomware will continue its rapid growth in 2021 and its varieties will increase along with the frequency of attacks . Post-intrusion reconnaissance revealed that threat actors encrypt the most relied on and sensitive data and architecture , leading to higher ransom demands .
In 2021 , organisations need to be prepared for a ransomware attack . This means ensuring that networks are segmented , that an actual plan is in place and that tabletop exercises have been conducted with senior leaders and other key staff . This will ensure that everyone is ready to take optimal action in the event of an attack .
Spear phishing is one of the most popular infection vectors when it comes to nation-state threat activity and it will continue to dominate in 2021 . In addition , an increasing number of nation-state actors are focusing on intrusion techniques that don ’ t require any victim interaction , such as exploiting web-facing applications and password spraying . These tactics are being used by a number of Iranian , Russian and Chinese groups in 2020 and are expected to continue in 2021 . Countries that are just getting into the business of cyberespionage will continue to turn to third-party intrusion vendors for tools and capability enhancement .
Cloud security taking the limelight
This year , companies will need to spend time building up awareness of their cloud presence .
Many companies deferred multi-factor authentication to legacy systems as they were accelerating their migration to cloud platforms in recent years . The urgency of business requirements often drives organisations to move technology adoption efforts forward faster without having the right security controls in place . As a result , many organisations will be playing catch up on the security front as we move into 2021 . Organisations need to secure www . intelligentciso . com
19