What events have impacted cybersecurity and IT for 2021
Hard to believe at a calendar’s glance 2021 is close to wrapping up. Indeed, most are left with a sense of just processing 2020, which was for many a disastrous year. 2020 saw the rise in COVID, rapid adoption of remote working policies, ransomware, global/climate events, a nightmarish 2020 US election cycle marred in conspiracy theories and disinformation, accompanied by a distraught, isolated global population.
So where did that leave us in 2021 thus far? Have things – at least from an IT and cybersecurity viewpoint – gotten better? Or worse?
Critical Cyber Events
It’s not for me to individually stipulate how global IT has shifted. But what I can at least point to are some critical cybersecurity events painting a different picture. Since the end of 2020, we’ve observed three serious infrastructure attacks: SolarWinds, Colonial Pipeline, and the JBS shipping attack. Security, food, and energy, three huge parts of daily living.
And while the attacks were not significant enough to disrupt daily activities immediately, it emphasized some serious points: attacks on critical infrastructure are becoming a new normal. Given the low barrier of entry for cyber attackers into the ransomware world, it’s a problem that can swell in the coming years without proper defenses and strategies.
The application of remote working
Even well into a year (and then some) remote working creates a whirlwind of challenges for both worker and enterprise. From maintaining safe infrastructure to simply managing workloads, it’s a whole new ballgame for any company using remote solutions. The pandemic, too, pushed us towards a solution that inevitably will be the norm for modern businesses. Findstack highlights this with some key stats, such as 74% of survey respondents say they’re less likely to leave a business offering remote work options. Or, that 85% of management surveyed sees remote working as a new normal.
While some businesses may desire a return to the traditional “office environment,” given the flexibility and popularity of remote working, it’s not going away any time soon.
A growing skill gap and lack of skilled staff
With the encroaching growth of smart machines, AI learning, and reliance on technology, the need for understanding these technologies from an engineering standpoint will also rise.
Unfortunately, there’s a growing divide between knowing the tech and using the tech. Budget issues also plague companies, ranging from limited to capital to hire experts and lack of financial resources for desired hardware/software solutions.
In some cases, companies also bring on too much complexity, aka software solutions which are not streamlined. This creates more confusion and additional lag in the workplace, versus actual increases in productivity.
The need to protect and manage data
“Big Data” is still very much a thing, and managing its utilization is important for organizations. But with the proliferation of ransomware, phishing scams, and a surge of new threat actors, businesses also must protect that data. Breaches are common, and ransomware threat actors have demonstrated an increasingly vicious approach towards stolen intel. For example, threat actors would originally threaten to disclose hijacked info if their demands were not met. Now, in numerous cases, they also threaten to outright destroy the data.
As 2021 has demonstrated, the trend of ransomware will only continue to spike. Thanks in no small part to COVID-19, hackers possess fertile ground to spearhead their campaigns, with nearly over half of attacks targeting the healthcare industry.
Cybersecurity in the spotlight
Even in this brief rundown of what’s occurred thus far, you can see cybersecurity and its related threats are not in the best state. Threats are surging as are attack surfaces (the total opportunities/targets threat actors have for launching malware campaigns).
If it does have one benefit, however, is that cybersecurity as a concept has been thrust into the mainstream discourse. Familiarity on a common scale is necessary to better understand and combat cyber threats. Once more, federal agencies, businesses, and accessible networks are taking some role to emphasize better security strategies.
Enhanced cybersecurity budget for the US
As discussed in another article, the United States is looking to expand its cybersecurity investments as part of a huge infrastructure bill. This, at the very least, sets up a proper foundation for enhancing cybersecurity efforts and further educating people and businesses about contemporary digital threats.
The infrastructure bill will apply necessary millions to various industries while simultaneously creating competency guidelines for better cybersecurity practices.
The total scope of cybersecurity, as it stands now, is still on shaky ground. Considering the influx of threats with the increased need for remote/technologically driven solutions, there are numerous defense surfaces to properly secure.