What To Expect From the Changing Threat Landscape in 2021


Undeniably, 2020 turned out to be an unpredictable year for heavily burdened cybersecurity professionals. The COVID-19 crisis brought to fore several security challenges that IT leaders have long grappled with and though recent investments in IAM and remote support solutions have helped organizations counter growing risks, various hurdles still stand in the way. Here, Avesta Hojjati, Head of R&D at DigiCert highlights key trends that will impact companies in 2021. 

2020 was a challenging year and cybercriminals wanted to make it even worse. A survey of cybersecurity professionals by the Information Systems Security Association (ISSA) and ESG found a 63% increase in cyber-attacks during the pandemic. While there’s been plenty of uncertainty and rapid change in 2020, 2021 is sure to bring new threats, including those trying to leverage the pandemic and the hope brought on by vaccines. Here are some of the significant infosecurity developments that will likely impact companies in 2021.

Social Engineering Attacks Get More Sophisticated

In 2021, there will be more sophisticated social engineering attacks – where cybercriminals attempt to pry confidential information from targets by masquerading as a trusted person or organization. COVID-19 dominated headlines and conversations in 2020. In 2021, cybercriminals will attempt new attacks that take advantage of COVID-19 concerns as well as tax season and unemployment programs.

Watch out for social engineering attacks that attempt to take advantage of people’s economic struggles and health concerns because of the pandemic. They’ll try to get people’s credit card information and other sensitive information through a variety of tactics, including malicious apps that falsely promise to check temperatures and offers of “free” COVID-19 tests.  

Learn More: What Is Social Engineering? Definition, Types, Techniques of Attacks, Impact, and Trends

Telehealth Organizations At Risk of Targeted Attacks

Beginning in spring 2020, the popularity of virtual healthcare soared because of the pandemic and the temporary relaxation of healthcare privacy standards in the U.K., the U.S. and other governments. Telehealth has experienced a considerable surge in targeted attacks as providers rely on remote appointments to provide care, according to a report from SecurityScorecard and DarkOwl described in the articleOpens a new window , “Telehealth is the biggest threat to healthcare cybersecurity.” 

Between January and April 2020, DarkOwl researchers discovered there was a “significant upward trend” in dark web and deep web searches for the top 20 telehealth companies, with a 144% increase from the second to third week of March.

“Although healthcare professionals may be protecting physical health by using telehealth services, they also need to ensure they are not putting data health at risk instead,” according to the report.

Learn More: Why Healthcare IT Leaders Shouldn’t Ignore Repeated Warnings About Cyberattacks

Workers Are Targeted Both in the Office & At Home

As we emerge from this global crisis, expect office work and leisure travel to gradually resume. Social engineering schemes will increase in response. Bad actors will push fake travel offers online and via email to people planning vacations. They’ll use phishing and other attacks to try to get personal information from their intended victims.

Even as employees head back to the office, they’ll likely split the work week between time in the office and at home. Attractive attack vectors for cybercriminals will include home devices that are used for both leisure and work, including smart speakers. Such devices often don’t have the enterprise-level security to protect them against attacks, which is especially problematic because they can begin in a home office but move into the business environment.

Strategies for Staying Safer Online

Just 30% of cybersecurity professionals surveyed by ISSA and ESG believe the security challenges of COVID-19 will result in cybersecurity being prioritized more highly. The other 70% aren’t sure or don’t believe it will become a higher priority. That troubles ISSA Board President Candy Alexander. 

“If anything, this [pandemic] should serve as a wakeup call that cybersecurity is what enables businesses to remain open and operational,” Alexander said in the article. “Organizations prioritizing cybersecurity as a result of the pandemic will likely emerge as leaders in the next wave of cybersecurity process innovation and best practices.” 

Companies that lead will adopt strategies to respond to the new threat landscape, such as:

  • Prioritizing identity and consumer accountability of permissions and controls over data to keep employees and data safer
  • Streamlining operations and saving money by narrowing their security vendors to global companies with innovative technology
  • Doing more with less by adopting automation solutions

Learn More: Cybersecurity Budgets are Changing: Top 8 Priorities for CISOs in 2021

Predictions for the Next Decade

Video teleconferencing tools have proven to be invaluable as a way to connect colleagues unable to travel and meet in person. During the next 10 years, the development of holographic teleconference, or sophisticated telepresence, devices will enable remote employees to view each other in 3D and save time spent traveling for meetings. No special glasses will be required. Instead, holographic projectors on the back of cameras will project a lifelike image during conferencing.

To keep holographic teleconferencing safe from cybercriminals, high-speed, secure communication pathways, higher capacity processors, and higher resolution cameras and projectors will be needed. Codecs that can operate in 3D along with encryption controls are critical for software. This technology will expand from business use-only to consumer use, making cross-country or cross-global family visits possible.

On the data privacy front, the pandemic will have lasting impacts on today’s generation of children. Some of those impacts will be positive, such as children discovering a newfound passion for technology after months of online learning. Those children could grow up to become the innovators of tomorrow, recognizing the importance of infosecurity and creating new technology and security solutions. 

Take a Proactive Security Approach to 2021

Cybercriminals are taking advantage of the pandemic’s changes to how people live and work. Remote workers, connected devices and telehealth appointments are all enticing to threat actors. In 2021, it will be necessary for companies to understand today’s cybersecurity threats and not underestimate the power of cybersecurity strategies and solutions to deter these threats. The challenges of this “new normal” won’t magically disappear but companies can get ahead of threats and stride confidently into 2021. Make sure the new year is an incredible one for your company and not for cybercriminals. 

Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!