In 2020, CIOs, CISOs and their cybersecurity teams faced a digital pandemic of supply chain attacks, breaches, and ingenious techniques of human engineering used to compromise enterprise systems. How they handled it is the stuff of legends!
With millions of employees working remotely, the number of breaches skyrocketed due to a lack of security protection and insufficient training to detect hacking and phishing attempts. Malicious actors quickly took advantage of the chaos that followed the global pandemic to compromise as many valuable enterprise systems as possible.
According to PwC’s ‘Global Digital Trust Insights 2021’ report, nearly 96% of business and technology executives made cybersecurity investments a priority due to the outbreak of COVID-19 and its impact on their organizations. In 2019, that number was closer to 25%.
Critical Cybersecurity Lessons Learned in 2020
Enterprises had to reinvent themselves to keep pace with the rapidly changing digitalized world as offices were shut down. One of the critical lessons learned in 2020 is that the human element should come first.
According to CISOs, CIOs, and their teams, the following are the top lessons learned during the global pandemic.
Remote Workforces Make Endpoint Protection a Necessity
With employees working remotely, endpoint protection is now all the more important. Endpoint protection platforms should be able to securely configure, patch, and manage operating systems and applications, and to update security protocols.
QR Codes are now a Significant Growing Threat Vector
Companies switched to QR codes in 2020 for touchless transactions, and this gave fraudsters a new threat vector for gaining access to enterprise systems. This significant change makes unified endpoint management (UEM), passwordless multifactor authentication (Zero Sign-On), and mobile threat defense (MTD) crucial for mobile devices.
Fraudsters were found combining social engineering with easily created QR codes with the aim of gaining access to victims’ bank accounts. Moreover, they seek to install malware on devices and penetrate whole corporate networks. Malicious QR codes can be used to open webpages, make a payment, or transfer information without the user’s permission.
Managed Service Providers (MSPs) are top Targets
Managed Service Providers (MSPs) are an attractive tool for cybercriminals. Once threat actors get access to the MSP’s internal systems, all the customers are exposed. In 2020, MSPs were a major target of state-sponsored hacking groups and cybercriminal gangs seeking access to the larger organizations that are their clients.
Vendors providing cloud-based critical management systems that support multi-cloud configurations are in demand right now.
Attackers Compromise the Software Supply Chain
It’s clear from the SolarWinds breach that state-sponsored actors can infiltrate the software supply chain and change executable files while mimicking protocol traffic in order to avoid detection. Enterprise software organizations, particularly the ones involved in cybersecurity, are expected to design preventive privileged access controls into their DevOps process and strengthen them with detection-based controls.
Furthermore, SolarWinds showed that it is essential to have numerous preventive controls as part of a PIM strategy. Key factors include strong and rotating passwords, multi-factor authentication (MFA), adopting federated credentials, and requesting privileged users to log in for better accountability and auditing.