There hasn’t been many world events that have occurred during my 25+ year career that have had such an impact on cybersecurity as the pandemic. As I reflect on the approximate one year mark since we first heard about COVID-19, it’s truly been one for the record books.
This is not relative to numbers such as the amount of data breaches that have been caused by the pandemic, but more so because of the long term ramifications. The pandemic opened up many new cyber scams and threat vectors as well as more vulnerable targets due to rapid and – at times – rushed changes organizations had to undertake in order to respond. A good cyber review of 2020 can be found here.
Now we are at a tipping point with societal and operational changes companies and cybersecurity professionals will need to grapple with for a long time. I addressed how some of these will affect 2021 in my annual Data Breach Industry Forecast. As we forge ahead, there are two key areas I see as major security concerns with long-term impact:
Remote working is here to stay
There is no turning back in how, and more importantly, where we do business. What that means is a larger workforce working from home, which spurs a number of concerns and vulnerabilities from a security standpoint. Businesses now have a much broader threat landscape to protect. Not only that, but families need to tighten their security hygiene as well for their personal devices since criminals know we are spending more time at home using these tools. I predict that operationally there will be new strategies to protect systems and a rethinking of best practices in addition to a flurry of new protection software and other technologies to better protect this at-home frontier. Companies will also need to create new trainings for its employees and find better defenses for social networking attacks like spear phishing.
Healthcare will never be the same
That line is an understatement. Unfortunately, cybercriminals will not take pity and leave the embattled industry alone. Medical information is very lucrative and thieves will continue to take advantage of healthcare organizations’ focus on the pandemic. But they must address security, especially with advancements here to stay such as telehealth. In fact, I envision that operationally we’ll see more third party data breaches as more providers engage outside suppliers for their digital offerings. Also, with increased digital visits there could be more patients visiting smaller clinics or diagnostic testing centers for further evaluations or tests, which opens up more roads where patients’ information is flowing back and forth. Organizations will need to shore up third party security protocols and expectations to try to prevent this type of data breach.
We are only at the beginning of this journey to overcome unexpected challenges and manage new ways of conducting business. For more commentary and updates on the cyber-demic, follow my LinkedIn monthly digest.