5 Cybersecurity Lessons Learned in 2021
With the shift to remote and hybrid workstyles, organizations are relying on technology more heavily than ever to link users, applications and data. This has given malicious actors new ways to gain unauthorized access to the network.
IT workloads and sensitive data have moved outside the secure perimeter, enlarging the attack surface and increasing the number of cyber threats. Few organizations were fully prepared to protect these resources, leading to spikes in certain types of cyberattacks.
Here are five cybersecurity lessons learned in 2021.
1. Endpoints need stronger security. With many users now working remotely, cybercriminals have stepped up their attacks on endpoint devices. Outside the protection of the corporate network perimeter, endpoint devices can more easily be exploited for security vulnerabilities. A recent survey by the Ponemon Institute found that 68 percent of organizations had been the victim of at least one successful endpoint attack in the preceding 12 months. Traditional endpoint security tools are unable to protect devices outside the network perimeter, and signature-based antivirus software cannot detect polymorphic malware and zero-day attacks.
2. Cloud misconfigurations are a leading cause of security breaches. According to the 2021 IBM Security X-Force Cloud Threat Landscape Report, cloud misconfigurations and inadequate security controls are the cause of almost two-thirds of security breaches. Failure to patch systems, enforce security policies and take full advantage of security controls also increase cloud risks. These problems aren’t new, but addressing them has become business-critical as organizations migrate more workloads to the cloud. Additionally, cloud threats are on the rise, with almost half of the 2,500 known vulnerabilities discovered within the past 18 months.
3. Data protection is increasingly difficult. With critical data scattered across multiple on-premises systems, cloud platforms and endpoint devices, many organizations are struggling to protect it. Legacy backup processes have always been problematic, and remote and hybrid work models have only exacerbated these challenges. A recent study by Vanson Bourne found that 58 percent of backups fail, and 40 percent of IT leaders say that inadequate data protection is hindering their organizations’ digital transformation initiatives. Without effective backup processes, organizations face the risk of data loss from ransomware and other cyberattacks.
With the shift to remote and hybrid workstyles, organizations are relying on technology more heavily than ever. Here are five cybersecurity lessons learned in 2021.
4. Cybersecurity training programs are critical. About one-quarter of security incidents are the result of “human error,” caused by users falling for social engineering attacks or failing to follow corporate security policies. This estimate is likely low — some analysts say that as many as 90 percent of security breaches can be traced to user error. Few employees understand that it’s everyone’s responsibility to help prevent a cyberattack, and risky behaviors have only increased with employees working remotely. Many users admit to taking shortcuts that could expose sensitive data or give cybercriminals unauthorized access to corporate systems. Users need effective security awareness training to reduce these threats.
5. The cybersecurity skills gap is getting worse. Two-thirds of IT leaders say that the cybersecurity skills gap has become critical, creating significant risk for their organizations. Small to midsize organizations in particular have trouble hiring cybersecurity professionals. Retention is also a significant challenge as poaching has become common. In a recent survey by the Information Systems Security Association, more than half of cybersecurity professionals said they are solicited several times a month, and almost one-fourth are asked to consider changing jobs several times a week.
Trusted, Cybersecurity Expertise
GDS offers an array of security solutions to combat these threats, and we are constantly enhancing our portfolio to address the changing business and IT landscape. In our next post, we’ll take a look at next year’s security trends and some of the ways our team can help your organization become more secure in 2022.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.