12.01.2021 How did cyber security change in 2020?

by Andrew Milne

Looking back at the year’s challenges and ahead at a new approach to the top cyber threats of 2021

Wondering what’s in store for cyber security this year? Follow our January blog series for up-to-date information on emerging threats, insights, and predictions from the experts here at Field Effect.

The top cyber threats in 2021 might not be wildly different from those in 2020 — but how you defend against them should be.

2020 was a year of big change. Early in the year, predictions were made about the growth of machine learning and artificial intelligence in cyber security. The field was changing and growing…

…and then the global pandemic hit.

Companies in every sector were forced to adjust to sudden changes. Office spaces cleared out due to health and safety concerns as staff brought the technology they needed to work into their homes.

But the rush to get staff up and running remotely raised risks to corporate data and IT networks. As a result, approaches to cyber security have had to change.

Remote work expands the threat surface

If you asked an IT manager about the biggest security challenge in 2020, chances are their answer would be, “remote work.”

Securing remote workers is hard, and the rush to enable remote work turned what would have been a normal year on its head, expanding threat surfaces everywhere as work moved to home offices.

“The rush to enable remote work expanded threat surfaces everywhere as staff moved to home offices.”

Some teams were forced to ramp up infrastructure development in an effort to keep staff and company assets safe. This urgency only exacerbated new cyber security challenges, which attackers promptly took advantage of.

In the first quarter of 2020, data breaches increased by 274% compared to the same period in 2019, costing affected companies billions. Teams everywhere felt the pressure, with Chief Information Security Officers (CISOs) and their staff taking the brunt as they spearheaded this remote-ready transformation.

The job of a CISO is already stressful enough, dealing with a barrage of issues on any given day. Now imagine overhauling all procedures and policies in a short span of time to change the way a company’s workers operate and interact, not to mention dealing with the human factor of cyber security.

Complex tech stacks and toolsets lead to alert fatigue

The headaches around complex tech stacks came to a head in 2020.

Research shows businesses use anywhere from 25 to 49 separate security tools to protect their operations, buying from as many as 10 different vendors — which may add more complexity than benefit.

In fact, a recent report found that more tools don’t necessarily equal a better security response; companies with a large security stack reported having a harder time detecting and responding to an attack.

“Companies with large security stacks had a harder time detecting and responding to an attack.”

The sheer alert volume creates significant noise, and over time, it becomes easier and easier for IT teams to tune out, leading to alert fatigue.

Imagine dealing with hundreds of alerts from multiple security tools at any given time and sifting through reams of data to try and figure out what’s a genuine threat and what’s a false positive.

A brief history of cyber security tools

To give you a sense of how much cyber security approaches have changed over the years, let’s take a quick look at some of the solutions that IT has turned to and the approximate year they were introduced.

  • 1990 — Antivirus (AV): Traditional antivirus software is designed to prevent attackers from compromising endpoints and servers, looking for attributes of known malicious files. In the mid-2010s, “next-generation antivirus” became a popular term used to market additional AV functionality. Used in isolation or as the core tool in a set, these programs can lack the comprehensive functionality needed to address all the threats facing a business.
  • 2005 — Security Information and Event Management (SIEM) software: SIEM software aggregates data and logs from tools like firewalls, antivirus software, and other detection sources. SIEM software can be costly, not to mention complex to set up and manage, as it requires careful configuration and testing to establish rules for detection. False positives are common in these cases.
  • 2013 — Endpoint Detection and Response (EDR): EDR deploys an agent on an endpoint to collect data types beyond logs, enabling continuous monitoring on the endpoint — but data still needs to be analyzed by a mature security team or dedicated managed security service provider (MSSP), and the sheer volume of it can easily lead to alert fatigue when automation or support is not available.
  • 2016 — Security Orchestration, Automation, and Response (SOAR) solutions: SOAR solutions aggregate information from other programs that are often not designed to work together in the first place. SOAR aims to simplify security tool management and solve the problem of tech stack complexity but can lack the cohesion and ease of use of a holistic solution.
  • 2016 to present — Managed Detection and Response (MDR): Managed Detection and Response takes the benefits of EDR’s continuous monitoring a step further, delivering its benefits as a managed service. This allows companies of any size to get security expertise on their side.

Simplifying the cyber security toolset

Adding new technology to manage security has quickly become an outdated approach. Each new tool is another budget line item, and growing toolsets demand even more time to manage. Integrating these tools is another time-consuming task; finding interoperable tools that scale to your security needs is tough.

The shift to remote work has only made this more apparent, with additional challenges from the use of shadow IT solutions — tools and software that an IT team doesn’t have total control or knowledge of — that staff may put in place to support their new work setup.

Rethinking cyber security for 2021: ongoing education and evolving solutions

What does all this mean for 2021?

Security and IT teams everywhere are feeling the burn from the year that was 2020. There are new threats and too many tools and alerts, far too much for IT to manage. Cyber threats are constantly evolving as attackers uncover new exploits, which means that you need an effective solution that can always stay a step ahead.

Not all companies can afford a CISO, let alone an in-house team of cyber security professionals, which only compounds these issues; you need trained staff to manage security systems, after all.

In 2020, the nature of work changed dramatically. Cyber attackers levelled up their tactics to match this changing landscape, which means that a new approach to security is needed.

This new approach starts with a holistic solution that empowers your company with a continuous view into your network, endpoints, and the cloud, allowing you to identify, prioritize, triage, and respond to cyber threats. Coupled with ongoing training and education for staff, this approach helps your company build strong security habits to better defend against potential attacks.
