Why IT Security Will Be a Major Business Concern Over the Next Decade

Opinions expressed by Contractor the contributors are theirs.

Over the past few months, a massive change in work dynamics has fueled an increase in a type of infection that isn’t constantly in the news – the type that affects computers. Malware attacks, phishing attempts and other types of cybercrime are reaching record highs in 2020. Unfortunately, these latest developments are just the tip of the iceberg, as the rapid expansion of digitalization has already significantly increased exposure to virtual threats in recent years. years.

KTSDESIGN | SCIENTIFIC PHOTO LIBRARY | Getty Images

As a result, more than 70% of internal cybersecurity leaders plan to request a significant budget increase over the next year. Therefore, it is time to examine the driving forces behind the need for IT security solutions in the current decade.

Coronavirus-related attacks on the rise

Although working from home has helped stem the spread of the coronavirus, computer virus infections are now on the rise as hackers and opportunistic cybercriminals seek to take advantage of the situation to line their pockets. As a result, the number of malware and ransomware attacks increased by 25% between Q4 2019 and Q1 2020, as a wave of attacks hit a range of victims.

Related: Cyber ​​threats on the rise amid outbreak

Criminals are increasingly incorporating coronavirus themes into their attacks, using vaccine information decoys, masks and out-of-stock items to help trick victims. According to KPMG, many of these attacks are financial scams that promise government aid or payment – ​​but actually intend to scam the victim out of their personal information and/or money.

It’s not just ransomware attacks that are on the rise. There has been a sharp increase in the number of phishing attacks in recent months, with criminals now posing as trusted sources of information, such as the World Health Organization (WHO), to trick victims into handing over money – usually by offering virus test kits, critical information or coronavirus-related investment programs in return.

Based on data released by UK tax authority HM Revenue and Customs (HMRC) and reported by ITProPortal, the number of coronavirus-related phishing attacks peaked in May, more than double the previous month. Phishing attacks also saw one of the world’s most popular social networks, Twitter, suffer a major breach in July, as more than 130 influential accounts were hacked after Twitter’s internal systems were compromised.

Related: The top five sectors prone to cyber threats under the COVID-19 lockdown

In the wake of the Twitter breach and the general uptick in malware attacks, businesses large and small are now beginning to step up their IT security efforts to protect their employees and customers from attack. Based on the latest forecast from Gartner, the cloud security market is expected to grow by 33% in 2020, while the data security market will grow by 7.2% over the same period to become an industry of 2 $800 billion. Much of this is due to institutional security spending.

Data leaks are a growing concern

When the GDPR came into force in 2018, it was supposed to be the dawn of a new era of privacy – at least in the European Union and the European Economic Area. Recently enacted legislation significantly limits the data organizations can collect on EU citizens while giving users greater control over their data.

Despite this, the number of data leaks has skyrocketed in 2020, and several massive data breaches have already occurred this year. In March, the Marriott hotel chain announced that the private information of more than five million users of its loyalty program had been leaked. This is the second time in two years that the hotel chain has suffered a devastating breach.

Additionally, popular video conferencing app Zoom also suffered a breach that saw the login credentials and private information of half a million users exfiltrated and put up for sale on the dark web.

Related: 4 Strategies Small Businesses Can Use to Avoid a Data Breach

Oleksandr Senyuk, who launched a smart but cloudless password manager with his company KeyReel, believes that recent trends in corporate culture, such as the use of private rather than corporate phones and the use home offices, have dramatically increased security vulnerabilities in the business world. . “Remote access to internal systems from laptops and workstations located in unsecured environments poses a serious threat to businesses of all sizes,” he says. “The solution is to focus on the security of individuals rather than that of companies.”

Senyuk urges companies to invest in cybersecurity software solutions and, most importantly, in employee training and annual training. Surprisingly, even employees of the big tech powers seem to lack basic IT security skills. Senyuk recounts an embarrassing 2016 incident in which a DropBox employee used the same password for a corporate network account and his personal LinkedIn account, resulting in over 60 million user IDs being stolen.

Related: How Social Media Compromises Data Security

Overall, according to data from Security Boulevard, 2020 is already on track to set a new record for data breaches, with around 16 billion records already leaked this year. Likewise, according to the Verizon Data Breach Investigations Report (DBIR) 2020, there were at least 3,950 data breaches in 2020 alone, nearly half of which were the result of a hack, while 86% were motivated by financial reasons.

Governments are cracking down on encryption

Cybercriminals aren’t the only ones targeting people’s data. With the EARN IT (Eliminating Abusive and Rampant Neglect of Interactive Technologies) Act making its way through Congress, it may not be long before anyone using encryption-based communication services can be eavesdropped by the US government, as the companies would be forced to weaken their encryption and essentially provide the government with a backdoor to user data.

Related: 4 Ways Businesses and Consumers Can Recover Their Data in 2019

“Many governments are working to ban or weaken end-to-end encryption, such as the US EARN IT Act,” Senyuk said. “This would allow governments to force any cloud provider to break the system and quietly acquire and monitor data. LavaBit and EncroChat are two examples of direct government involvement in cloud service provider services. many users and businesses don’t have significant concerns about government intervention, security experts warn that weakening encryption would harm everyone’s safety.”

Naturally, the EARN IT law has been strongly pushed back by the cyber community, which has led to an increase in the use of encrypted messaging apps such as status, cryptocurrencies such as Bitcoin (BTC) and Ethereum (ETH ), and security tools that prevent eavesdropping and theft. .

With similar efforts to undermine encryption currently underway in several countries, and the “Five Eyes” security alliance now looking to implement backdoors into popular apps, privacy is a greater concern than ever.

Comments are closed.