SoftwareOne logo

8.5 min to readDigital WorkplaceCloud ServicesNews and Updates

What to expect for 2021: cyber security predictions

Ravi Bindra
Ravi BindraCISO
A woman's finger is pointing at a colorful screen.

In 2020, organizations were forced to make decisions that fundamentally — and perhaps permanently — changed the way they do business. While the year was filled with great uncertainty, there is still one guarantee in the cyber security realm: threat actors will continue to attack without any regard for the challenges faced by their targets.

These actors continue to be motivated by espionage and monetary gain, though their tactics, techniques, and procedures (aka TTPs) will always evolve. This means organizations will continue to face the threat of breaches, resulting in business disruptions, data compromise, reputational harm, and almost always a financial loss. However, the right plan and tools can help mitigate the risks presented by cyber security criminals.

So, what should you specifically look out for in 2021? Here’s a closer look at five 2021 cyber security predictions business leaders should be aware of and how SoftwareOne can help.

What 2020 brought to the table

In the wake of the global pandemic, businesses were forced to rapidly adopt a wider range of digital solutions than ever before. A dramatic shift to remote work on tight timelines came as new threats, scams, and challenges emerged. Security Magazine found that many organizations wrestled with security risks that came down to human error: phishing, administrative mistakes, and improper data sharing. Now that employees are working from home, they’ve lost the security that comes with working on a protected network close to trained cyber security professionals - and this makes your entire business more vulnerable.

One FBI expert tells MeriTalk that the shift of so many activities to the digital sphere, such as schools adjusting to online classes, is likely to take cyber security from a niche topic to a mainstream one. Security Magazine also found that Chief Information Security Officers (CISOs) have noted both an increase in attacks (63 percent) and identifying new security gaps as a result of moving to a remote work model (60 percent).

2020 saw an escalation in diverse threats, companies scrambling to manage different threat profiles in the remote work environment, and an intentional shift to address some of these emerging challenges.

Breaking down our 2021 predictions

Against the backdrop of 2020, here’s a closer look at what we’re expecting to take shape in 2021 in the larger security arena and what threats, scams, and challenges businesses need to prepare for now.

Remote workers targeted

Every time there is a significant shift in the landscape, enterprising security criminals find ways to exploit them. Forrester estimates that we will see remote work rates in excess of 300 percent higher than pre-coronavirus. With the rapid mass adoption of remote work and the likelihood, that many organizations will continue working remotely in whole or in part over the coming months, remote workers are likely to be the target of increased attacks in 2021.

The rapid adoption of remote work came with trade-offs, with 83 percent of CISOs saying they sacrificed some security standards to enable remote work on the scale this year demanded. We will need to secure what we call the “Next Normal” in 2021. Covid-19 will still be impacting our lives, businesses, and societies.

Following the rush to remote and flexible working, organizations need to better secure their new distributed networks and cloud deployments to keep their applications and data protected. This means enforcing and automating threat prevention at all points of the network – from employees’ mobiles and endpoints, to IoT devices, to clouds – to stop advanced attacks spreading rapidly across organizations, and exploiting weaknesses to breach sensitive data. Companies will need to adopt tighter work-from-home standards and implement a variety of solutions such as a virtual desktop infrastructure, encryption for home network management, and rolling out organizational and endpoint threat detection solutions to help strengthen cyber security protection.

Key verticals are in the cross-hairs

We must keep in mind that there is no cure for COVID–related exploits. There are a number of industry verticals with deep data resources that are coming under increasing attack — and a single breach or larger issue can have devastating financial consequences due to privacy regulations and other laws.

Healthcare organizations, financial services firms, education organizations, and companies that handle sensitive data must all be aware of the specific industry-level risks they may be facing. In particular, the big pharma companies developing vaccines will continue to be targeted by malicious attacks from criminals or nation-states looking to exploit this unique situation.

Plus, let’s not forget threat actors will continue to target remote learning. Schools and universities have pivoted to large-scale use of e-learning platforms, making them more vulnerable than ever. Though there are certainly precautions that can be put in place, there is no doubt attacks will continue to disrupt remote learning activities over the coming year.

Threat actors count on distracted medical teams to make security errors, for example, or overburdened and underfunded schools to leave critical pathways for cyber crime open when trying to implement remote learning. As these threats escalate, organizations will need custom threat assessment and defensive remediation plans to keep their patient, student, or customer data secure.

5G offers a new in

5G is the ultra-high-speed mobile internet that we’ve been waiting for, and Leftronic estimates it will cover 40 percent of the globe in 2021. Individuals and organizations will soon be embracing devices and technologies that can leverage 5G for speed, networking, data transfer, and storage. And with new devices comes the risk of new threats.

So, how can threat actors use 5G and other emerging technologies to complete their evil plans? The totally connected, fast-paced world promised by 5G gives criminals and hackers opportunities to launch attacks and cause disruption by targeting that connectivity. E-health devices will collect data about users’ well-being, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This massive volume of data from always-on, 5G devices will need to be protected against breaches, theft and tampering to ensure privacy and security against attacks, especially as a lot of this data will bypass corporate networks and their security controls.

As 5G networks roll out, the numbers of connected IoT devices will massively expand leading to increasing networks’ vulnerability to large scale, multi-vector cyber attacks. IoT devices and their connections to networks and clouds, are still a weak link in security. It’s hard to get complete visibility of devices, and they have complex security requirements.

As Security Insiders notes, “With high-speed data transfers, hackers will have the ability to infect data packets and conduct corporate espionage unnoticed. That is until companies shift their focus to keep a close eye out for such malicious breach attempts. Much higher levels of security and monitoring will be required once 5G becomes the standard form of cloud-based data transfer and communication.”

Zero trust networks emerge

According to Cybersecurity Insiders, 19 percent of organizations are implementing zero trust networks, and another 78 percent are considering doing so in the future. Zero trust architecture is a bit of a paradigm shift in the cyber security world. While most tools and strategies focus on keeping external threat actors outside the company’s perimeter, zero trust approaches user rules and parameters to verify every device or individual that attempts to connect to its network.

Guided by the phrase “never trust, always verify,” these solutions are designed with ultimate protection in mind and may include solutions such as segmented networks for different uses, preventing lateral moves within systems with re-verification, and more. Every aspect of your organization’s “trust surface” is protected with micro-perimeters that use continuous verification and other methods to ensure only authorized access occurs. It’s a different approach, moving from the idea of trying to verify trust to simply eliminating trust from the equation and requiring ongoing verification for access to networks, applications, data, and appliances.

Dropping budgets require careful technology choices

Forrester predicts that IT spending will drop in 2021, and at a time when IT organizations are under pressure to deliver employee and customer experiences safely, every dollar counts. Our prediction is that this will encourage CIOs, CISOs, and technology leads to make platform-level choices that can help increase the security performance of their entire organization. This may include moving toward the adoption of managed services, as well as implementing technologies and tools that can offer automated security support at the platform, network, and end-user levels. Converged solutions that offer “more bang for the buck” while taking a strong posture on risk mitigation are likely going to be in demand.

How SoftwareOne can help your organization stay secure

With an increasingly diverse threat network and a greater range of attacks coming at organizations daily, businesses need bulletproof strategies to stay secure. Increasingly, companies are choosing to work with experienced managed services security to access the hard-to-find talent needed to develop winning security programs. SoftwareOne’s security team has plenty of experience working with clients in every industry. The solutions we provide include:

  • Fully managed security solutions that provide end-to-end monitoring and responses
  • Security event response and remediation, including data restoration and data recovery if required
  • 24/7 monitoring of your most important systems for rapid threat detection and defeat
  • Setting up the ideal technology and security solution that’s right for your business
  • Consulting with IT on the security implications of strategic projects and design solutions to safely roll out new offerings
  • Minimized downtime and maximum visibility into your environment, with regular reporting
  • Providing advanced cyber security expertise to resolve serious or unanticipated incidents or configuration challenges

Moving forward

Cyber security strategy has never been more important. As organizations head into 2021 seeking opportunities for growth and finding their footing beyond the coronavirus crisis, security solutions matter. Yet for the average organization, understanding their risk profile, defending against an escalating and increasingly diverse threat landscape, and keeping pace with the tools needed to rapidly detect and deflect attacks goes far beyond their specific capabilities. The right partner can help.

SoftwareOne’s Managed Security solution provides you with access to the strategic insights, strategy design, tools, and implementation needed to roll out a world-class cyber security system. Our team has decades of combined experience helping businesses secure their most critical assets. We will help you assess your risk profile, audit your current technological environments, identify security risks, and implement and monitor solutions to help you securely avoid 2021’s most concerning cyber security threats.

A person walking down a hallway with a rainbow colored wall.

Trust your 2021 security needs to the right managed security partner

With escalating threats and new challenges, companies need the right tools and partners to combat security risks. Contact SoftwareOne today to discuss your unique needs and how our security experts can design a customized solution that’s perfect for your environment, goals, and unique threat profile.

Trust your 2021 security needs to the right managed security partner

With escalating threats and new challenges, companies need the right tools and partners to combat security risks. Contact SoftwareOne today to discuss your unique needs and how our security experts can design a customized solution that’s perfect for your environment, goals, and unique threat profile.


Ravi Bindra

Ravi Bindra

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.