Cybersecurity Q&A: How Has 2020 Changed Cybersecurity?
2020 has had a profound effect on the business cybersecurity landscape.
Data security, an already contentious issue for several years, has become front-and-center for most organizations in the wake of the coronavirus pandemic.
Stay-at-home orders and lockdown restrictions have prompted businesses to adopt remote work practices.
According to Gartner, 88% of the organizations worldwide made it mandatory or encouraged their employees to work from home after COVID-19 was declared a pandemic.
This, combined with increased use of mobile devices and hackers taking advantage of people’s anxieties has led to a dramatic rise in data breaches, with 60% of organizations detecting a moderate to dramatic increase in cyberattacks during Q2 and Q3 2020.
We sat down with Jeff Leder, Impact’s Director of Managed IT Security Services, to ask how 2020 has changed the cybersecurity landscape, where it’s at, and where it’s going.
How important is device security for businesses in 2020, and how important will it be in 2021?
Jeff Leder: Device Security is a very broad discipline, but also a very important one for SMBs. Cyberthreats have reached unprecedented levels this year and will most likely only continue to increase over time.
Generally speaking, every device which can access your network or your data is an attack vector, so monitoring and protecting every device you manage is extremely important. Then, when we factor in devices you can’t directly manage, like IoT devices, it further complicates the issue because there are so many more endpoints to protect. Many estimates assume that IoT device counts will more than double in the next five years, which means more unmanaged—in a traditional sense—devices presenting more attack vectors over time.
Why do you believe so many businesses have been caught off-guard by cyberattacks during 2020?
JL: There are several factors at play here, but the simplest answer is that adverse conditions can lead to dangerous responses within unprepared organizations. Many businesses were blindsided by sudden fundamental shifts to longstanding standards surrounding IT, security, and locality with regards to work.
Since they were caught off-guard and had inadequate resources and disaster plans, they had to scramble in response and in many of these situations the end result is that safe and secure practices were ignored during hastily implemented changes. Cybercriminals know this and are continuing to exploit this fact.
What do you believe are the reasons for hackers increasingly targeting SMBs?
JL: Virtually all digital data has some intrinsic value and cybercriminals seek to profit from it, regardless of what industry it’s in. SMBs typically have plenty of digital data but virtually no adequate monitoring and defenses, in contrast to large enterprises.
Cybercriminals will go after bigger payoffs over smaller ones when it makes sense to do so, but they’ll always try to follow the path of least resistance when it comes to compromising data for profit. Since SMBs have plenty of data but practically no defense, they’re ripe targets for hackers. It’s sort of like the school bully picking on kids for their lunch money.
What do you think generally SMBs are doing right when it comes to cybersecurity?
JL: I think, in general; it’s become clear this year that SMBs are behind where they should be when it comes to cybersecurity. Some are adopting slightly better endpoint protection and many we’ve spoken with recently have some form of security awareness training in place, but that vast majority have glaring security gaps they aren’t even aware of in other areas like network security and device management.
What do you think SMBs are doing wrong?
JL: Most SMBs can’t afford dedicated security staff and solutions and many more fail to investigate whether or not they have security issues in the first place, meaning they don’t know what their weaknesses are.
Every organization should engage cybersecurity experts to help them identify and address cyber risk, if an SMB finds the right partner in an MSSP, they can give themselves a fighting chance to identify and address risks to prepare their organizations.
An important first step towards achieving that goal is recognizing that IT is not the same as cybersecurity and that getting in front of cyber risks now is the only way to avoid very likely and potentially major security issues down the road.
What do you think the future holds for SMB cybersecurity, and what approach would you recommend to decision makers who lack a clear understanding of how to defend themselves?
JL: I hope that the general state of SMB security will improve, and new technology, particularly with regards to machine learning, is able to detect threats more effectively than ever. I do think there will be specific events and circumstances which will force this to occur to some degree, but organizations that recognize the importance of cybersecurity will obviously benefit more than those who do it out of sheer necessity and zero understanding.
The cybersecurity industry has a lot of “solutions” that are practically snake oil, and a massive talent shortage, so SMB decision makers should engage trustworthy MSSPs to help them understand the situation before it’s too late for them. Ask them for references and make sure your partner is a reputable business with quality solutions to offer and a proven history.
Impact Networking’s Managed Security program provides vital cybersecurity protection for clients, keeping their minds at ease in the knowledge that their IT infrastructure is being monitored and maintained by our security experts.
We’ve vetted hundreds of vendors to ensure that our program utilizes best-in-class solutions for our clients. In today’s cybersecurity landscape, a comprehensive cybersecurity program has never been more important.
Learn more about Impact’s offering here.