Netwrix expert makes 7 cybersecurity predictions for 2021

Netwrix, a cybersecurity vendor that makes data security easy, today released predictions about key trends that will impact organizations in 2021 and beyond. Most of them arise from the digital transformation and new workflows required by the rapid transition to remote work in 2020. Ilia Sotnikov, cybersecurity expert and Netwrix Vice President of Product Management, recommend that IT and security professionals refine their risk management and business continuity strategies with these seven predictions in mind.

1. Ransomware will do more damage in order to motivate payments.
   Next-gen ransomware will be designed to do damage that is more difficult to recover from in order to force organizations into paying the ransom. One example is “bricking” devices by modifying the BIOS or other firmware. Cybercriminals will also be expanding to new targets, such as operational technology and IoT devices, which may have a much more visible impact on the physical world.
2. Cloud misconfigurations will be one of the top causes of data breaches.
   A lack of clear understanding of the shared responsibility model due to the rapid transition to the cloud will backfire in 2021. The speed of transition coupled with prioritizing productivity over security has made misconfigurations inevitable, resulting in overexposed data.
3. Hackers will increasingly target service providers.
   The shortage of cybersecurity experts will lead more organizations to turn to managed service providers (MSPs). In response, hackers will conduct targeted attacks on MSPs in order to get access to not just one organization but all of the MSP’s customers.
4. The rapid digital transformation in 2020 will have a delayed impact on cybersecurity in 2021.
   In 2020, organizations were forced to quickly adapt to new ways of working and implement new technologies; and through their own admission via the upcoming Netwrix survey with little experience and nearly no time for planning and testing. In 2021, the security gaps caused by the inevitable mistakes during this rapid transition will be exploited, and we will see new data breach patterns like the recent Twitter hacks.
5. Proof of value will drive business conversations.
   Executives will be looking for specific metrics in order to assess the value delivered by the products and security measures the company is using. The practice of justifying the value of current investments and the necessity of new investments will become more generally accepted.
6. Companies will balance cybersecurity and business needs by focusing on risk.
   The challenges of the pandemic will force organizations to reassess their priorities. In particular, IT teams will have to find the right balance between ensuing strong security and serving business needs like scalability and accessibility. Expectations will shift from the unrealistic notion of ensuring 100% security to determining and meeting acceptable levels of risk and resilience.
7. Insurance and legislation will drive mass adoption of core security best practices.
   To minimize the risk of incurring steep fines for compliance failures, businesses will turn to cyber insurance. However, those policies will come with their own security standards and requirements, such as regular risk assessment and effective detection and response capabilities. As a result, organizations will focus as much on meeting those criteria as much as they do on complying with the regulatory standards themselves.

This year introduced significant challenges for everyone. In 2021, organizations will have to deal with repercussions of the decisions they made when quickly transitioning to remote work, as well as respond to increased cybersecurity risks. I suggest organizations return to cybersecurity fundamentals and focus on ensuring that sensitive data resides only in secure locations, data is not overexposed and excessive access rights are revoked.
Ilia Sotnikov, VP of Product Management at Netwrix