There are times when it seems the year 2020 – and the cavalcade of emergencies, crises and disasters it has brought with it – will never end. But believe it or not, we are already halfway through the year.
As we prepare for the third quarter and beyond, here are five cybersecurity trends you should be prepared to address for your clients:
1 Customers Working from Home
With COVID-19 infection rates climbing back up in many states (and soaring back up in a few), companies are faced with another open-ended period of remote work. Other factors are also complicating the way everyone does business, such as out-of-state and international travel restrictions, budget reductions, and supply chain uncertainty. And no one knows what’s going to happen in September when school starts again. Many schools are considering a hybrid of classroom and online learning, which means employees with young and school-aged children will have to balance their work schedules with homecare duties and support of remote-learning.
Remote work is accompanied by a host of cybersecurity concerns, too. Employees are using personal devices for work (and vice versa), often on home WiFi networks. They’re more likely to be negligent about security protocols, they may not have a private office space, and they might not have a reliable, secure connection to the corporate network.
MSPs will need to help their clients continue to ensure the safety and security of employees and data. Any temporary applications or infrastructure put in place in the spring will need to transition into a more permanent solution.
2 Fileless Malware
While the potential for breaches goes up, cybercriminals are stepping up their game with attacks that are much more difficult to detect. Case in point: fileless malware.
Fileless malware is a software that uses legitimate programs to infect a computer. Because it doesn’t rely on downloadable files and barely leaves any trace, it can be even more challenging to detect and remove. As such, these attacks can be more successful than traditional malware attacks.
Since traditional endpoint security solutions are unlikely to spot these attacks, an organization will need more sophisticated tools that analyze user behavior or system memory to detect them. Patch management and privilege/credential management will also be critical.
Microsoft recently noted an increase in ransomware attacks, particularly against healthcare organizations, during the pandemic. There have also been warnings from the FBI and Interpol about new and more sophisticated ransomware approaches.
As we noted above, employees working remotely in a less-secure environment are more vulnerable to phishing and social engineering-based attacks. MSPs should be prepared with training, as well as robust backup and data recovery solutions, and encourage clients to use multi-factor authentication.
4 Weaponized AI
Artificial intelligence (AI) has emerged as an essential cybersecurity tool. AI-based solutions can scan network and user behavior to more quickly identify sophisticated attacks that would typically slip through standard security approaches.
Hackers have caught on and are now using their own AI tools to increase their odds of success. The only way to successfully fight off an AI-fueled attack is by having better AI. If you or your clients have not yet invested in these types of tools, you can’t afford to wait any longer.