Right now, it’s challenging to look forward to what 2021 will bring with any degree of clarity – even from a business context. Covid-19 has already altered nearly every aspect of how organisations operate; from the distribution of workforces, to the movement of just about all customer interactions online, the business world has completely turned on its head. One thing we do know is that these changes have dramatically accelerated digital initiatives across industries. Technologies to assist productivity and business continuity have flourished. Whether it’s bringing on new collaboration tools or moving critical infrastructure and applications to the cloud, it’s become more distributed – and as a result, the range of opportunities for attackers has significantly increased.
So as we glance ahead to 2021, how exactly will the convergence of those unimaginable forces and events impact cybersecurity for subsequent 12 months. Companies’ adoption of longer-term remote work strategies means distributed IT environments will only still expand. With many employees performing from home, they’re regularly accessing corporate systems and resources through insecure home networks and private devices. This makes each user their own island, rendering legacy security controls ineffective. Individual actions are threatening corporate security to a greater degree than ever before.
It’s due to these islands of security that we’ll see the attack cycle move faraway from broad ‘spray and pray’ social-engineering attacks to more hyper-personalised ones. These attacks will target those users with privileged access to sensitive systems, data and infrastructure. Where attackers generally believe lateral movement, seeking any foothold and dealing to elevate access and move across the network to urge to their desired destination, these islands now limit the attacker to whatever high levels of access their specific target has been granted. As a result, we’ll see a move toward vertical movement, with attackers targeting individuals, like business users, supported what they need access to – from administrative consoles and financial records, to competitive data. While this new ‘personalised attack chain’ approach are going to be longer consuming and dear for attackers as they appear to spot and profile the precise person they’re trying to find , it’ll also cause shorter attack-cycles. this might make it harder for organisations to spot and stop attacks before they impact the business.