Generalization of teleworking, confinement faced with the pandemic, organizations have had to quickly adapt to remote work, multiplying the flaws in their security system. In 2020, 91% of companies from Europe were the victims of a cyberattack at least once. What cyber threats do we have in store for 2021?
1. Identity: The new Challenge in terms of Security
Between the trend of public cloud membership, the explosion of telecommuting, and the leak of corporate data, the need to focus on identities is critical. Enterprises will continue to adopt the Zero Trust strategy to secure their journey in the hybrid cloud. In this context, identity is essential and will receive the most attention. In 2021, more and more organizations will place identities at the heart of their security strategy.
2. Increased Attacks on Hybrid and Public Clouds
Every day the cloud risks increase – it started slowly, but Alsid is witnessing the shift of the hybrid / public cloud to become a strategy of anarchy for more and more organizations. On average, 200 SaaS applications are used in companies with more than 1,000 employees. New attack paths emerge for lateral movement. In 2021, Alsid predicts an alarming number of organizations that the cloud will attack.
3. Malware will extend its use of UEFI / BIOS ROM.
In late 2020, the Trickbot botnet paved the way for a new generation of malware using UEFI / BIOS ROM to store malicious code and evade local security defenses. In 2021, the second step will be to use UEFI / BIOS to perform direct command and control from ROM. CISOs, who have based their security posture on AV or EDR, may need to reconsider their approach in the coming months.