EY’s Richard Watson shares five cybersecurity trends for 2021
Richard Watson, the Asia-Pacific Cybersecurity Risk Consulting Leader of EY, shares his top five cybersecurity predictions for 2021 and what it could mean for businesses and industries.
Without doubt, the Covid-91 crisis was responsible for the biggest technology challenge organisations faced last year. With employees required to work from home, distributed workplaces, and a rise in unsecured devices, cybersecurity quickly became a top priority for many organisations. As companies continue to juggle accelerated IT strategies and hybrid work structures, here are five predictions that security leaders and businesses must consider in 2021:
1) The rise in complex security attacks is set to continue
Expect another exponential increase in ransomware, phishing, privileged access credential abuse and endpoint security attacks. 64% of clients surveyed by EY teams expect to somewhat or significantly increase their investment in cybersecurity in the light of these threats.
2) Fear of disruption overtakes fear of breach
The rise of disruption caused by nation-state attacks and social hacktivism will continue – meaning business continuity will overtake concerns around privacy and data theft in 2021, with 59% of EY clients surveyed in the Global Information Security Survey experiencing an increase in disruptive attacks over the past year.
3) Cyber simplification and improved incident response
The 2021 cyber strategies of organisations will focus on simplification and automation of key cyber activities, improving the mean time to detect and respond to a cyber incident and assuring the security of trusted third parties, as concerns about the cybersecurity risks in the digital ecosystem become as high a priority as protecting organisations’ own systems and data.
4) A regulatory push for minimum cyber standards
Regulators that have not already done so will begin to mandate minimum cyber standards, starting with critical national infrastructure and then extending beyond, with regulatory compliance continuing to be the single biggest main driver for cyber spend by organisations.
5) Cybersecurity controls will need to be retrofitted
Organisations will need to continue to focus on retrofitting cybersecurity controls following the digital response to the pandemic, with 45% of clients surveyed by EY post-Covid-19 saying they have adopted new technology because of remote working, and 60% saying they have abbreviated or skipped the security review in doing so.
As the complexity and frequency of cyber-attacks increases, and remote work becomes a more permanent fixture, we need to insist on cybersecurity being a built-in feature of day to day business, and not a bolt-on afterthought.