The top 5 cyber risks for businesses in 2021
Everything changed in 2020, including the risk of a cyber incident to businesses. In addition to everything else businesses had to worry about, phishing attacks went up and the increase in the number of remote employees presented its own challenges. Most of these risks will remain in 2021, along with new ones to keep your eye on.
Related: What’s your cyber security IQ?
5 Cyber risks to watch out for in 2021
Here are the top five cyber risks we will be watching for in 2021 and how you can protect your business.
1. Continued Covid-19 threat. Cyber criminals will continue to exploit the public’s fear of Covid-19 as they shift the focus of phishing campaigns to vaccine information and sign-ups. Businesses in industries like healthcare, local government, and vaccine distribution sites will be especially vulnerable.
If you have employees who are working from home, make sure they’re taking cyber security as seriously as they do when they’re in the office. Every employee should know how to recognize a phishing email, even if it purports to come from a government agency.
2. Changes in regulations. As third-party and class action lawsuits increase, along with GDPR and regulatory fines, businesses will be at an increased risk of doxing (the threat of publishing of sensitive information) and supply chain attacks. We expect to see government intervention around ransomware which will likely include requirements for businesses to take steps to prevent ransomware attacks.
Stay on top of changing regulations. Make sure you know what your obligations are if you’re hacked.
3. Technologies and schemes that are not yet known. Anticipating the moves of a cyber criminal requires creative thinking. Areas we are watching include point of sale malware attacks, geomagnetic storms and other electromagnetic weapons, attacks on time protocols, and weaponized exploit kits from nation states.
You don’t know what you don’t know, but if something doesn’t look right, it probably isn’t. If your computer isn’t ‘acting’ as it should, or your POS system seems a little ‘off,’ take it seriously. You could have malware that’s ready to deploy.
4. Enhanced ransomware tactics. We expect that ransomware demands will become increasingly sophisticated, perhaps in conjunction with distributed denial of service (DDoS) and doxing. Remote access vulnerabilities will continue to put businesses at risk as employees continue to work remotely.
Education is the key. Being vigilant about recognizing phishing attempts is the first step, but everyone in the company also needs to know what to do in the event of a ransom demand. Having a robust backup plan can reduce or eliminate the need to pay a ransom but may put your company at risk of doxing.
5. Fallout from the SolarWinds attack. The impact of this malware campaign is still unknown, and we expect copycat attacks which will also leverage the software supply chain. We’re paying close attention to vulnerabilities in Microsoft and other digital services products.
Don’t be afraid to question your vendors and partners about their cyber security measures and to require that they adhere to the same standards you do. Supply chain vulnerability is real, and it’s up to you to protect your business.
One of the most effective tools for fighting cyber crime is a well-educated workforce. Until July 31, 2021, every Hiscox policyholder can get free access to Hiscox Cyber Clear Academy, an online suite of training modules designed to reduce the risk of cyber incidents. If you are a Hiscox policyholder, click here to access Hiscox Cyber Clear Academy.