Data security trends we’re carrying over from 2020

Data security trends we’re carrying over from 2020

2020 was one heck of a bumpy ride, no thanks to a novel coronavirus that jumped from animals to humans a year prior. Toronto and other cities had to impose lockdown restrictions and social distancing measures to control the spread of this virus. These events forced companies to adopt digital technologies faster so that they can offer goods and services online and/or use the internet to fulfill business processes.

Organizations that could let staff work from home did so, which meant that the former had to expedite migrating their apps and data to the cloud and/or setting up remote access for staff. And to maintain the ability to work and deliver projects together, teams subscribed to Software-as-a-Service apps to communicate with one another, collaborate on tasks, and manage projects.

In the urgency to adapt to the economic upheaval brought about by the pandemic, organizations compressed IT project timelines and increased their tolerance for cybersecurity risk. In this mad dash to become digital, Canadian companies became more vulnerable and will have to work hard to shore up their defenses.

The above is just one of many of 2020’s data security trends that are likely to continue in 2021. Below are a few more examples.

Phishers use fake Google Meet, Microsoft Teams, and Zoom links

Thanks to the massive shift to remote working, the use of video conferencing services dramatically increased. Sneaky online scammers are taking advantage of this trend by sending their victims authentic-looking video call invites or notifications saying that the latter have been added to a particular online project team.

When the user clicks on an invite link, they’re led to a spoofed login page where they’re tricked into providing their access credentials. Those who click buttons with calls-to-action like ‘Open Microsoft Teams’ are led to URLs that download malware onto their machines.

Ransomware users do not just lock away data anymore

While the primary objective of ransomware campaigns remains to be bilking money out of organizations by locking away their apps and data, attackers no longer merely stow away the data. Instead, they sell the stolen data on the dark web as well. This ensures that they still profit from their illicit activities, even if they aren’t paid the ransom.

In fact, some hackers will threaten to publish companies’ sensitive data to pressure their victims to pay the ransom sooner. This is an empty threat, for once hackers have gotten hold of company data, victims must assume that the hackers have done what they want with it already.

More companies are getting cyber liability insurance coverage

Given Canadian businesses’ increasing reliance on digital technology, they will always be caught in the tide of the cybersecurity war. That is, if and when cybercriminals gain the upper hand against cybersecurity specialists, Canadian companies become more susceptible to attacks. Because of the ever-present risk that firms’ cybersecurity measures may fall short — and also because of how data regulations are becoming more punishing — the cyber insurance market continued to grow in 2020.

Virtual private networks (VPNs) are beginning to be replaced by zero trust network access (ZTNA)

A VPN protects remote workers from man-in-the-middle attacks, but only to the degree that its level of encryption allows. Free VPNs offer substandard encryption protection; and the better the encryption, the pricier a VPN gets. Beyond security and cost concerns, VPNs also suffer latency issues, making their continued use untenable.

ZTNA, on the other hand, permits remote workers to access company apps via a secure web-based gateway. Used in conjunction with identity and access management (IAM), ZTNA applies the principle of least privilege when granting users access to company data. Furthermore, it supports device security checks and multifactor authentication to keep your data safe from cybercriminals who’ve stolen access credentials from legitimate users.

What makes zero trust a much better option than VPNs is that it lets companies add more users more easily and more affordably. Furthermore, it works well with many popular single sign-on platforms and IAM software, too.

No matter how much the data security landscape changes, you can always rely on XBASE’s Exponentially Better™ cybersecurity services to protect your business against data breaches. Learn more about how we can keep you safe from cyberthreats by downloading our free eBook today.