Review of 2020
Last year, around this time, we made predictions for 2020.
As we gazed into our IT-focused crystal ball little could we have known what a hard year 2020 would be for the entire world. However, as humanity has struggled through the year our predictions about cyber security have, in a lot of cases, proved correct and then some.
We predicted that many more businesses would be victims of a cyber attack. Just 51% of businesses had cyber protection in place and 75% of employees were receiving fraudulent emails at the beginning of 2020. What we hadn’t envisaged were the added security risks associated with office staff quickly decamping to home office space with little or no appropriate security provision being put in place. And whilst we know that hackers will prey on insecurities and fears, we weren’t to know how they would be presented with a situation that played right into their hands.
As homeworkers utilised their home devices for work purposes and used work devices without adequate security, hackers had more opportunities to strike.
Fraudulent Covid-19 emails emerged at startling speed, attacking using many angles from the opportunity to buy rare PPE, donate to help those in need, and acquire a vaccine.
Password Policies, Passwords Managers, and Multi Factor Authentication (MFA)
We predicted that Password Policies, Passwords Managers, and Multi Factor Authentication (MFA) would become more commonplace within 2020. In 2019 the Director of Identity Security at Microsoft stated that just 11% of enterprise cloud users had adopted MFA, so it wouldn’t be hard to increase this figure!
At Net Primates we work tirelessly to introduce increased security measures to our users, but we’re not convinced that this is taking place everywhere. Whilst we’ve seen some banks introduce better security measures, it’s fair to say that most businesses have been concentrating on survival this year, rather than introducing new policies and procedures. However, as illustrated in the Cyber Attack segment above, fraudsters don’t wait for quiet times to attack. Chaos is exactly what they thrive on and it’s essential to introduce as many security measures throughout your business as possible.
We predicted that take-up of the Government’s ‘Cyber Essentials’ certification would increase. On 2nd November 2020 the National Cyber Security Centre reported their assessment of the scheme. Whilst it’s not clear whether take-up has improved, it is clear that those who adopt the principles of Cyber Essentials feel they are better able to cope with Cyber Attacks and are more aware of additional measures that they need to put in place.
We’re going to put our finger in the air and assume that take-up hasn’t been significant this year. As mentioned above, most businesses will not have been focused on introducing new initiatives during the Covid-19 pandemic. But more of us are aware of the implications of cyber attack both in the workplace and at home. Once society can return to ‘normal’ we are sure that cyber security will be on the minds of business leaders, many of whom will have faced security breaches within the last year.
Whilst our crystal ball was cloudy (to say the least) by not seeing a global pandemic on the horizon, we have unfortunately seen cyber crime increase at pace, as envisaged. It’s been reported that the UK has seen a 31% increase in cyber attacks since the beginning of the pandemic!
We sincerely hope, and will push wherever possible, for cyber security in all its forms to become a central theme to business processes and procedures. Many of us have witnessed the mayhem caused by cyber attacks both at home and work, and appreciate how vital sound security is. With more office workers adopting increasingly flexible working arrangements, we want to see businesses take stock and resolve to enhance cyber security to aid future business efficiency and success. A pandemic waits for no one to catch up, and neither does cyber security. Now is the time to take a cold hard look at security arrangements.