What cybersecurity challenges will the next year bring? For many years, privileged corporate accounts have been one of the most popular, gateways for cybercriminals to access systems and sensitive data. This will not change in the next year either, because when it comes to managing and securing privileged accounts (including administrator, service, machine, or database accounts), many companies still have a lot of catching up to do.
Cybersecurity: Privileged Accounts Are Popular Gateways
As the current State of PAM Maturity Report from Thymotic shows, 55 percent of companies do not understand how many privileged accounts they have or where they are located. More than half of these accounts also have an unlimited term. Once hacked, they give cybercriminals unrestricted access to sensitive resources and grant control over the entire network.
If you want to avoid this in the coming year, you should start regaining control of your privileged accounts. The first step is the automated identification of the accounts and the restriction of far-reaching authorizations with the help of the least privilege strategy.
Cybersecurity: Deep Fakes Take Identity Theft To A New Level
With the increasing use of social media, identity theft and abuse have become a mass phenomenon. If the threat potential was already very high thanks to risky password practices and careless handling of personal data, deep face technology is now taking the threat to a new level. Cybercriminals or hacktivists use artificial intelligence to retouch a person’s face or voice into existing video or sound material in a deceptively real way. While deep lakes have so far been particularly popular in the porn industry, they will increasingly appear in the cybercrime environment in 2021, for example, to optimize phishing campaigns or CEO fraud.
Cybersecurity: Security-As-A-Service On The Rise
Although German companies have been skeptical or critical of cloud solutions for a long time, more and more of them are being convinced of the advantages of SaaS tools – especially in the area of IT security. Fifty-two percent of companies are already using security technologies as a cloud service. Another twelve percent plan to do so in 2021, as a survey carried out at EIC 2020 shows. The main aim is to reduce costs.
SECaaS solutions are usually characterized by a flexible cost structure since resources are only rented in the sense of a pay-to-use service. Since installation, maintenance, upgrade, or depreciation costs are eliminated, up-front investments and long-term costs can be significantly reduced. As the shortage of skilled workers continues to increase, it can also be assumed that companies will increasingly purchase SECaaS solutions from Managed Security Service Providers (MSSPs) in the coming year.
Recognize The Strategic Importance Of Cybersecurity
Also, this year, managing directors and board members have allocated less budget for IT security measures than actually necessary, which is why the security level of many companies usually does not do justice to the current threat landscape. One reason for the reluctance to invest is the lack of visibility of the effectiveness of security measures, which are often seen as purely preventive measures.
However, the management overlooks the fact that investments in cybersecurity are also investments in the profitability and competitiveness of their company. New IT security measures mean better protection against cyber attacks and data loss and, in the best case, cost and time savings and the associated economic efficiency.
Innovative security solutions beyond their security function ensure greater clarity and transparency and automate processes, which ultimately means that employees are relieved of their daily work and can work more efficiently. In 2021, CIOs and CISOs will now be asked to convince their superiors of the business benefits of new security investments instead of just focusing on the “security-related” advantages.