The coronavirus pandemic and lockdown have impacted individuals and organizations in myriad ways. One side effect has been in the area of cybersecurity. As cybercriminals have exploited the virus with malicious attacks and employees have transitioned to remote work, organizations have had to reorient and redirect their security efforts.
SEE: Security threats on the horizon: What IT pro’s need to know (free PDF) (TechRepublic)
A new report from cyber threat intelligence provider Check Point looks at the security concerns and priorities among organizations for 2021. Based on a survey of more than 600 IT security professionals around the world, the results also shed light on the changes made to security strategies as a result of COVID-19.
With several coronavirus vaccines being fast tracked toward production and distribution, there seems to be light at the end of the tunnel. Though it will take time for the vaccines to reach enough people, their availability is a sign that such a challenge can be surmounted.
However, even as the vaccines are deployed, the effects of COVID-19 will linger, leading to a “new normal.” And that includes the area of cybersecurity. Most organizations don’t expect their current security challenges and goals to change much over the next couple of years. Further, they believe that the quick changes made to their networks and security infrastructures will be permanent.
Challenges and priorities
Organizations are being hit with more cyberattacks now than at the start of the pandemic. Among the respondents, 58% said they’ve experienced an increase in attacks since the beginning of the outbreak. Some 39% said that attack volumes have stayed the same. Just 3% said they’ve dropped.
A full 95% of those surveyed said their security strategies changed in the second half of the year. The biggest change was the need to enable remote working at a large scale, cited by 67%. Other changes include security education for employees, improving network security and threat prevention, expanding endpoint and mobile security, and rapidly adopting cloud technologies.
The greatest cybersecurity challenge going into 2021 is ensuring security for remote employees, cited by 47% of the respondents. Other challenges include protection against phishing and social engineering attacks, maintaining secure remote access, and protecting cloud applications and infrastructure.
Describing their security priorities for the next two years, 61% of those surveyed pointed to securing remote working, 59% cited endpoint and mobile security, and 52% mentioned securing public or multiple clouds. Other issues such as IoT security and email security were much lower on the list.
Further, about half of the respondents said they believe that their security approach won’t return to pre-pandemic norms. Some 29% said they see a return to pre-COVID operations at some point in the future, while 20% think their situation has already returned to status quo.
To help protect your organization during the “new normal,” Check Point offers three recommendations:
- Real-time prevention. Protective vaccination is better than treatment. And in cybersecurity, real-time prevention is the key to protecting networks, employees, and data against attacks and threats.
- Secure your everything. Every part of your network matters. Organizations must revisit and check the security level and relevance of their network’s infrastructure, devices, processes, compliance of connected mobile and PC devices, IoT, and more. The increased use of the cloud demands an increased level of security, especially in technologies that protect workloads, containers, and serverless applications on multi- and hybrid-cloud environments.
- Consolidation and visibility. With so many changes made to your infrastructure, you need to ask these key questions: 1) Are we getting the security we really need? 2) Are we protecting the right things? 3) Did we miss a blind spot? The highest level of network visibility increases security effectiveness. You need a unified management and improved risk visibility to your entire security architecture, and this can only be achieved by reducing the number of product solutions and vendors.