A CEO’s secrets – Snooping cybercriminals to bring down a WFH CEO

A CEO’s secrets – Snooping cybercriminals to bring down a WFH CEO

Enterprise SecurityInsightsTop Stories

As 2020 comes to an end, there’s a lot of talk surrounding what the future will hold and what technology trends 2021 will have in store for us. Chris Harris, Europe, the Middle East and Africa (EMEA) Technical Director at Thales; and Dr Alex Tarter, Chief Cyber Consultant and CTO at Thales UK, discuss the developments we’ve seen this year and what to expect in the near future.

Chris Harris, Europe, the Middle East and Africa (EMEA) Technical Director at Thales:

Homeworking is set to stay in 2021 as companies look to strike a better work-life balance for their employees. As a result, with more people working from home, expect to see an increase in smart devices as everyone aims to make their lives more convenient.

However, this could open a new door, with smart homes set to become the new battlefield for cybercriminals. Unbeknown to senior business leaders, the adoption of connected devices like baby monitors and security cameras could be opening the door for hackers to listen in on their confidential work conversations. Whether it’s discussing sales figures, business strategy or product development, including details of the company’s IP, this information could be valuable if it falls into the wrong hands and is sold to rivals.

Internal cybersecurity skills training to close external skills gap 

The explosion of remote working in 2020 has brought with it more risks than businesses could ever expect. While employees now sit on couches accessing an organisation’s most sensitive data from their living rooms, hackers are waking up each day with new methods of attack, praying on businesses weakened by this year’s challenges and those vulnerable to exposure. However, with a security talent gap out there, businesses won’t be able to hire enough employees with the right skills to protect the company. As such, 2021 will see a shift in mentality with businesses making cybersecurity training an aspect of every role and all job descriptions moving forward. This in turn will help to close the talent gap that’s long plagued the security industry.

Government and companies to deploy trusted digital identities

As the world becomes increasingly more digital-focused, 2021 will see more digital identities initiatives popping up, which will have to come along secure digital identity verification solutions based on official ID document checks. Despite the way things have transformed for people this year, physical documents are still required to verify who people are like for banking purposes for instance, with ID documents like passports and driving licenses having to be taken in, scanned or details inserted. In today’s world, through safety and convenience, people want to be able to verify themselves digitally. To make this happen, a private and public sector cooperation is expected to offer users convenience and security when trying to get authenticated through online platforms. 2021 will be the first year that digital identity becomes mainstream in the UK.

Dr Alex Tarter, Chief Cyber Consultant and CTO at Thales UK:

Resilience is the new efficiency

As the pandemic hit, many companies were forced to react quickly to keep themselves going and meet customer needs. However, this move to digital has opened up a gateway for hackers, who have attempted to take advantage of a great attacker surface. 2021 will start to see the trend towards efficiency over resilience reversed as companies realise the damage that can be done if these key services go down. This could result in the security budget overtaking the R&D budget next year.

Business will take the fight to hackers

The business-hacker relationship has largely always been one-way, with cybercriminals attempting to break in and businesses reacting. However, 2021 will see that relationship change as businesses go on the offensive and attempt to throw hackers off their game. Companies will start using deceptive techniques such as deploying fake high-attraction systems to divert attackers, or leave fake credentials (breadcrumbs) that lead to a fake high-value target.

Cybersecurity recruitment to coincide with vaccine rollout

If 2020 is to be defined by the Coronavirus, then 2021 will, hopefully, be the year of the vaccine. Scientists and medical professionals have been working against the clock to produce a vaccine that will mitigate the virus but within that, unfortunately, are threat actors looking to upset the process and steal data. With medical and logistical information at such a premium, the UK still faces a cybersecurity talent shortage that could leave its health industry exposed. In 2021, expect to see a greater effort from the healthcare industry to access cybersecurity expertise both from a recruitment perspective and a partnership viewpoint in order to protect their systems and protect against misinformation about the vaccine process.

Companies set aside budget to respond to crypto-ransomware

With the world so interconnected, 2021 will see hackers adapt their currently highly successful crypto-ransomware campaigns against a company’s enterprise networks, to also start targeting their vital industrial and process control systems. As businesses progress with their Digital Transformation programmes, they will become increasingly attractive targets for ransomware gangs. These attackers will block access to vital production and automation services rendering companies unable to operate, unless they pay or institute an expensive and time-consuming recovery exercise. As a result, we’re likely to see a dramatic uptick in companies paying crypto-ransoms in 2021 or conducting resiliency exercises, with many setting aside a portion of their budgets to prepare for it during the year.

Click below to share this article