As companies cast a cautiously optimistic eye to the future and some potential light at the end of the tunnel, it’s crucial to not get complacent with data security. We may have said goodbye to 2020, but much of the fallout follows us into 2021. In particular, this is going to be a year to watch in terms of ransomware, data privacy, and the rise of serious consequences for data protection shortcomings.
If the predictions prove correct, accountability will be the theme this year as we keep an eye on new and evolving threats and some major changes to the way data protection and privacy are handled in the enterprise.
Here are a few of the top ransomware and data protection developments and statistics to watch as we venture into 2021.
CEOs Will Be Held Personally Responsible for Some Security Breaches
Cyber physical systems (CPS) and Internet of Things (IoT) devices play an important role in everything from critical infrastructure to government operations, and they are becoming more prevalent in our everyday life. As reliance on CPS and IoT continues to grow, especially in critical infrastructure and healthcare environments, failure to secure these systems can be devastating.
Gartner predicts that by 2023, the financial impact of CPS attacks resulting in fatalities will reach over $50 billion. The huge financial impact of CPS and IoT breaches is expected to put CEOs on the hook for prevention efforts. According to Gartner, as many as 75 percent of CEOs will be held personally liable for CPS incidents by 2024.
Increased Regulatory and Legal Actions for Data Privacy Breaches
Data privacy will continue to be a hot-button issue in 2021, and you can expect to see more regulations and legislation with teeth.
Forrester predicts that in 2021, organizations will ramp up use of consumer and employee data, and as a result, legal and regulatory action related to employee privacy will rise by 100 percent.
Add to the mix the end of the Brexit transition period complicating data privacy in Europe and the U.S. expected to finally enact significant privacy legislation, and it’s going to be a busy year for compliance teams.
More C-Suite Support for Data Privacy
This may or may not be related to the move to hold CEOs accountable for data breaches, but Forrester also has some thoughts about who in the organization is taking an increased interest in data privacy protection efforts. According to Forrester’s forecast, the proportion of data privacy professionals who report directly to the CEO will rise from 23 percent in 2019 to 40 percent in 2021.
We can also expect to see the chief information security officer (CISO) role continue to evolve in 2021, as cybersecurity and business objectives increasingly influence each other.
Ransomware Operators Set Their Sights on Shipping
While the rest of the business world struggles to right itself, the ransomware industry is doing just fine, thanks very much. In fact, 2021 is expected to be a very lucrative year for cybercriminals.
COVID-19 put the healthcare industry in the ransomware hot seat in 2020, but cybersecurity analysts have reason to believe that the shipping and delivery industry will be the big target for ransomware operators in 2021.
Chatter on open forums indicates that some ransomware gangs are becoming more organized and taking more of a business-focused approach to their attack campaigns, which has put many critical infrastructure organizations on high alert.
5G Will Open the Door for New and Unknown Cyberthreats
By 2024, 5G is expected to cover almost 40 percent of the world. With data transfer speeds of up to 10GB/s, this is great news for businesses as a whole, but a definite challenge for the IT teams in charge of securing enterprise data.
Until cybersecurity and data protection technology catches up, hackers will be able to use 5G high-speed data transfers to infect data packets and steal sensitive company, employee, and customer data virtually undetected.
Cloud Security and Third-Party Risk
COVID-19 and the sudden switch to remote work environments accelerated digital transformation initiatives in many companies, whether they were ready or not.
Practically overnight, organizations had to move company data and applications to the cloud so employees could keep working and collaborating. Even the boardroom moved to the cloud with platforms like Zoom becoming the de facto meeting spaces for businesses of all sizes.
Companies are often liable for data loss incurred as a result of a third-party data breach, so each new access point and service provider adds a layer of risk that now has to be protected. With about 60 percent of data breaches linked to third parties, that’s a lot of pressure to put on IT teams that were stretched thin to begin with.
As you begin implementing your 2021 business objectives, be sure ransomware and data protection are part of your plan. Experts are predicting stricter regulations and harsher penalties for data privacy breaches as well as more frequent and more expensive ransomware attacks. Download A Ransomware Crisis Plan is Now a Business Imperative to ensure your organization is well prepared for whatever 2021 throws our way.