[2021 Issue 01] Are You Cybersecurity-Ready for 2021?

zyxel_Lin

Given the threats of the pandemic, 2020 was a year of game changer and it greatly reshaped the way people live and work.  Now that we have reached 2021, here are some key highlights that Zyxel observed and would urge businesses of today to pay attention to.

#1 88% of global businesses adopt “remote work is a new normal of future work”.

Till now, we have not seen signs of the COVID-19 pandemic slowing down.  Conducting remote working from home to sustain business operations has grown across the globe.  According to Gartner, 88% of global business organizations mandated or encouraged all their employees to work from home due to the pandemic. 

Employees remotely working has also introduced cybersecurity threats due to unsecured internet connections. A survey by INTERPOL reported that between February and March 2020, there was 569 percent increase in malicious registrations, including malware and phishing.See how Zyxel can help

#2 60% of enterprises will move from remote-access VPNs to Zero-Trust Network Access (ZTNA) by 2023. 

Virtual Private Networks (VPNs) is often used to facilitate access to the corporate network for the remote workforce. For some occasions such as COVID-19 pushed almost all employees to remote working, VPN solution exposes inadequacy for company with longer term usages, as VPNs might introduce latency, impact productivity, difficult to scale up, and may grant employees excessive access to internal resources.  

ZTNA concept emphasize on controlled and restricted access to resources and reduce the attack surfaces. The isolation afforded by ZTNA improves connectivity, removing the need to directly expose applications to the internet.  Gartner predicted that 60% of enterprises will move from remote-access VPNs to ZTNA by 2023. With a zero-trust implementation, users only have access to the smallest set of permissions necessary to perform their work duties.

#3 Cost of Insider Threats rose 31% in two years

While businesses embrace remote working, insider data breach incidents skyrocketed due to unauthorized remote access, weak passwords, unsecured networks, and the misuse of personal devices to connect to company network. 

According to the study of Ponemon Institute, the average global cost of Insider Threats rose by 31% in two years to $11.45 million in 2020, and the frequency of incidents spiked by 47% in the same time period. 

Whether insider threats are caused accidentally or maliciously, insider threat incidents can only be mitigated with the combination of people, security management processes, and technologies. All of which Multi-factor authentication (MFA) can be a good solution to prevent incidents.

MFA is an authentication method that requires the user to provide two or more credentials to gain access to a resource such as an application, online account, or a VPN. MFA asks for more than a username and password, and often involves biometric identification or a code being sent to the user’s smartphone as part of gaining access. Increasing access requirements makes it more difficult for hackers to breach the system. 

#4 Cloud threats come after rapid cloud services uptake

Businesses moving data to the cloud was not news until now. Today, fueled by the pandemic, remote work and online collaboration, cloud adoption has emerged to assist enterprises for business continuity. IDC even pointed out that global cloud services market spending is projected to reach USD 1 trillion in 2024, at a CAGR of 15.7% during the forecast period 2020-2024. 

From security perspectives, rapid cloud migration might introduce potential threats such as misconfigured cloud storage, reduced visibility and control, incomplete data deletion, and vulnerable cloud-apps. These all could be factors to disrupt business growth that every organization could not overlook.