COVID-19 has impacted every aspect of our personal and professional lives. When it comes to trends in enterprise security, the pandemic has completely changed the game. Millions of employees are now accessing corporate networks or cloud-based resources over residential Wi-Fi which results in increased levels of vulnerability. IT employees are often forced to troubleshoot critical […]Contact Us
COVID-19 has impacted every aspect of our personal and professional lives. When it comes to trends in enterprise security, the pandemic has completely changed the game.
Millions of employees are now accessing corporate networks or cloud-based resources over residential Wi-Fi which results in increased levels of vulnerability. IT employees are often forced to troubleshoot critical infrastructure via remote access, bad actors are wasting no time exploiting vulnerabilities and supply chains are cracking under the pressure.
Here are some of the hot and cold cybersecurity trends for 2022; the scope and sophistication of attacks is only expected to get worse from here on out, so it is important to be prepared.
Ransomware, a type of malware that holds data for ransom, has been around for years. Recently there has been a resurgence of the type of attacks on businesses globally. These attacks have grown exponentially due to the pandemic due to the massive amount of online growth, and more fully digital remote environments.
The shift to working from home left organizations scrambling to strengthen their cybersecurity. Companies have to deal with employees multitasking both professionally and personally from multiple devices. All in an environment that may or may not be secure. To combat this, organizations need to make sure they educate their employees about the importance of cybersecurity and have protocols in place for all workers to follow.
Cryptojacking occurs when attackers use ransomware-style phishing attacks to breach an organization. The hacker then uses the organization’s computing power to mine cryptocurrency. Attackers can remain undetected for a long time; no ransom was sought and no personally identifiable information was stolen which can make the attack hard to trace.
This makes it difficult to quantify the cost of the intrusion. Damages can include lost computer systems capabilities, slower performance and higher electric bills. As cryptocurrencies continue to appreciate in value, there’s more incentive for attackers to commit cryptojacking.
Secure remote access is a necessity for remote employees and has exposed the flaws of the traditional VPN. It’s not that secure, complex to manage, doesn’t provide a good user experience and is part of the outdated perimeter model of security.
While VPNs provide security between the remote user and enterprise resources, VPN technology can’t tell if the connecting device is already infected or if someone is using stolen credentials. it doesn’t provide application layer security, and it can’t provide role-based access control once a user connects to the network. The zero trust model, never trust and always verify the user, addresses all these issues. Many enterprises are expected to move to a zero trust model in the near future.
It’s been long known within the industry that passwords are a weak form of security, but there has been a slow move to adopt alternatives. However, amongst big companies and enterprises momentum is growing for passwordless authentication based on biometrics (fingerprints or facial recognition).
It is being recommended that passwords be eliminated wherever possible. Fully passwordless solutions are preferable to two-factor authentication that relies on passwords as one of the factors.
For more information on cybersecurity and the threats that are affecting your business, contact RTC Managed Services today.