Last week, Twitter asked the world ‘how would you describe 2020 in just one word’? Adobe answered ‘Ctrl + Z’, Grammarly screamed ‘Edit’, and Windows exclaimed ‘DELETE’. However, according to the Oxford English Dictionary, the all-hailing word of the year, was – unsurprisingly – ‘unprecedented’, and while I think each of those descriptions fantastically sum up the year, we can all agree, what a year 2020 was. Thankfully, we can now turn the page and begin a new chapter in 2021.
With Covid-19 throwing the world on its head from nearly the very beginning, we have seen individuals, organizations, institutions, and industries grapple to rapidly evolve in the name of survival. We saw the world embrace collective action with cross-industry evolution as we stood hand-in-hand, united in a fight against a microscopic enemy that wasn’t picky about the victims.
The pandemic enforced a new way of living: businesses had to change in ways we would never have imagined - upending strategies and operating models, workforces forced into long-term remote working - adopting even faster cloud migrations and virtual collaboration solutions - systems and institutions were brought online and humans’ sought out intimate human connections through their screens as our global digital economy grew and transformed. And, with the world’s global embrace of technology and data, we catalyzed a new digital age. So, what lessons have we learnt this year, and how can we better prepare our IT leaders for 2021?
Increased data usage equals increased risk
Pre-Covid, data was already fundamental to ensuring an organization's future success. Now, our dependence on data is only clearer than it was before. This year’s data sprawl due to the remote workforce and decentralization has opened up a larger playing field for cybercriminals to operate in, further exposing organizations to serious threats. Cybercriminals have never been shy, and last year they looked to take full advantage of vulnerable and stretched systems, resources and people.
Since the beginning of February, there has been a five-fold increase in the number of reported cyber incidents, according to a report by Zurich Insurance. And this has not gone unnoticed by IT experts. New research from Druva found 73 percent of IT decision makers have become more concerned about protecting their data from ransomware. And, what’s more? Cybercriminals now have an additional target – the Covid-19 vaccine.
Cyber-threat sees no boundaries or borders
Following the announcement of the Covid-19 vaccine approval in the UK at the end of last year, the nation’s eyes flickered with hope for the future.
With large-scale vaccinations now underway, for the healthcare industry the stakes are now higher than ever. Concerns have emerged around criminals’ motives to expose any holes in our protective shields. This is not just a problem the healthcare sector is facing. As working remotely looks to become a semi-permanent normal for 2021, those that fail to set up a robust data protection solution will find themselves at risk of attack.
Data is competitive advantage
As the move towards a more digitally focused future continues to take off, we can expect to see more organizations making decisions about data a key component of their operations, from decision making to the customer experience. But, with this transformation, businesses must have the correct data security efforts in place to safeguard from attack, as it very well could be the difference between the success of business A and the detriment of business B.
According to the same research from Druva, 79 percent of IT decision makers in the US and UK now see data management and protection as key to competitive advantage. Similarly, 73 percent say they rely more heavily on data for business decisions, whilst 33 percent believe its value has permanently increased since the pandemic began.
Yet, despite the recognition that data makes for competitive advantage, 41 percent of IT leaders don’t think the right data is readily available to make critical decisions. With 2021 on the horizon, the data space is only going to get bigger and stronger; and next year will need to see some radical improvements to lower that figure.
Best practices for organizations in 2021
If 2020 has taught us anything, it is that cybercriminals are bolder and don’t care about the consequences of their actions or behavior. They are stronger and more intelligent than ever, and the data shows us that organizations are continuing to fall victim.
Organizations should therefore be using this time to prepare for potential future disruptions. Now isn’t the time to take your foot off the accelerator. On the contrary, it’s time to buckle up and keep it firmly pressed to the ground.
When getting your strategy in place, keep in mind that an attack can come from any angle: phishing, infected files, trojans, bots on databases, or larger-scale ransomware attacks on organizational data. What’s more, not all threats are malicious either: IT leaders reported a 43 percent rise in data outages and 40 percent uptick in human error when handling information, this year. These incidents were non-criminal activity; however they still packed a punch.
Keep the Cyber Security Framework (CSF) recommendations by National Institute of Standards and Technology (NIST) in mind when configuring best practices to protect yourself against threats in 2021. The five essential functions to consider are as follows:
- Identify business-critical assets data and applications
- Automate data protection for business-critical assets and backups
- Ensure flexible recovery options from clean backups
- Detect attacks early
- Proactively respond to prevent threats from spreading
In following these guidelines, organizations will be able to successfully reduce the impact of any potential attack from advanced cyber-threats in the new year.
Future of data
So, what does the future hold? It’s hard to definitively predict what lies ahead of us over the next few years, particularly next year. The unpredictable nature of 2021 might leave many of us feeling uneasy and unprepared. However, we can prepare for the unknown, and it can be as easy as ensuring the right tools, systems and technologies are in place for teams to know how to react and how to protect their data. Organizations can prepare and protect themselves against anything that might come their way in 2021. Recognizing, adapting, and protecting data could be the difference between business continuity or business detriment.
Andrew Daniels, CIO and CISO, Druva