If 2020 taught us anything, it’s to be prepared because nothing is off the table. This year we’ve endured a global pandemic, toilet paper shortages, murder hornets ... 2020 brought the old adage, “Expect the unexpected” to a ridiculous new level.
We’d need a crystal ball to accurately predict the events of 2021, but when it comes to data protection, here are the top four areas IT professionals should keep an eye on over the next year.
1. Remote Workforce Security and Data Protection
Gartner lists “securing your remote workforce” as the No. 1 security project for 2020-2021. When millions of workers suddenly started working from home in the spring, IT teams everywhere had to scramble to balance remote access to company files and applications with network and data security.
Protecting cloud-based and distributed data is critical, but it proved to be difficult with the hastily put-together security infrastructure many companies had to rely on.
Cybercriminals took advantage of this disruption in workforce norms and distracted employees to up the volume of phishing and ransomware attacks on remote workers. In fact, RDP is currently considered the number one attack vector for ransomware, and VPN appliances aren’t faring much better.
The pandemic shows no sign of abating quite yet, so it may be a while before employees return to a physical office full time. Because of this, more data will be stored in the cloud, and companies will need to develop more robust plans that aggregate and protect distributed data—potentially re-tiering those workloads, systems, and applications in line with new vulnerabilities in 2021.
The good news is that with several months of working from home under our belts, IT security teams are establishing more secure perimeters for remote workers with additional budget allocated to cloud and hosted services and modernizing work processes with better security and governance.
Cybersecurity is definitely something to have on your radar for 2021. Cyberattacks are becoming more frequent and more expensive, with cybercriminals increasingly targeting critical infrastructure and industrial control systems to make their attacks more damaging (for example, disrupting vital operations like oil and gas). Cybersecurity Ventures predicts that cybercrime will cost the world $6 trillion annually by 2021.
If that statistic didn’t grab your attention, maybe this one will: Cybersecurity Ventures also predicts a shortage of 3.5 million cybersecurity professionals by the end of 2021. That’s up from 1 million unfilled positions in 2014 and a projected 350 percent increase in open cybersecurity positions between 2013 and 2021.
Without warm bodies to fill cybersecurity seats, it’s easy to understand why cybercrime costs and impacts are expected to explode in the very near future.
One way organizations are combating the cybersecurity profession deficit is by harnessing the power of artificial intelligence and automation to fill the skills gap. AI is invaluable for combing through massive amounts of data and analyzing reports because it can look for threats and vulnerabilities at a speed and volume that isn’t humanly possible.
Looking ahead to 2021, we know one thing for sure: Cyberattacks aren’t slowing down, and targeting critical infrastructure will be a major threat. These companies must expand their data protection and security protocols and technology NOW to account for changes to their risk landscape.
3. Regulations and Compliance
Data privacy and protection has been a hot topic for years, but these days the penalties for not playing by the rules are staggering. Currently, about 60 percent of countries have passed national data protection laws, like GDPR, and the annual cost of noncompliance to businesses runs an average of $14.8 million.
As we move into 2021, you can expect increased enforcement of regulations and data privacy laws, due in part to the end of the Brexit transition period, which will initiate new data protection legislation.
4. Customer-Driven Data Protection Initiatives
It’s not just the government insisting on data protection initiatives. Your users and customers demand data privacy protection, and you ignore them at your peril. Research shows that almost 60 percent of consumers will stop doing business with an organization that has experienced a cyberattack in the past year. The data also indicates that one in four consumers will jump ship to a competitor’s product or service after a single ransomware-related service disruption.
That’s a steep price to pay for letting your customers down, so many organizations are taking steps to ensure they provide the highest level of data protection for their users.
One approach to securing data privacy is to prioritize user data protection in both new and existing initiatives. Organizations are essentially baking in data security from ideation to implementation. This means they safeguard data during R&D, implement access management protocols so only the right people can see your data, and put technology in place to detect and resolve both internal and external threats to data security.
Data protection has become so crucial that many businesses are creating new roles to ensure user data stays private. In fact, by year-end 2022, more than 1 million organizations will have appointed a data protection officer to keep up with customer demand for security.
Few people will be sad to see the end of 2020, but with a new year comes new challenges and new unknowns. Although a lot of us are anxiously waiting to find out what 2021 has in store for us, at least we know what to expect for data protection trends in the new year.
To learn more about how our unquenchable thirst for data impacts security initiatives, download The 2020 Data Attack Surface Report. You will learn how data growth contributes to both innovation and cybercrime and why you need to make data and ransomware protection your new year’s resolution.