This week, several of Sectigo’s senior leaders, including Edward Giaquinto, Jason Soroko, Alan Grau, and Michael Fowler, met virtually to discuss a few of the cybersecurity trends that have impacted us in 2020, as well as how those trends might evolve next year. Part one of the discussion, below, touches on topics including ransomware, the need for stronger identity management, and the challenges associated with the sudden shift to remote work amid a global pandemic.
MODERATOR: Thank you for joining me, everyone. We should probably start by addressing the impacts of COVID-19. The pandemic has obviously had a major impact on a lot of different industries, but with so many people working remotely now, it seems like digital identity management has taken on renewed importance. Ed, can you talk a bit about what we can expect to see in response to that next year?
EDWARD GIAQUINTO (CIO): Yes, one of the side effects of so many people working remotely is that the traditional borders of security have changed quite a bit, which has driven the need for stronger identity management. We can expect significant demand on resources to establish identity and identity-based connections, and we’ll probably see heavy investment in edge detection using networking layers to determine where those edges really exist.
MODERATOR: Jason, can you speak to the challenge of adapting to this work-from-home reality?
JASON SOROKO (CTO of PKI): When the pandemic hit, IT departments were facing a massive challenge—they suddenly had to provide access to systems and data for nearly all employees, regardless of where they were located. Our own research shows that roughly one-third of enterprises had to delay revenue-generating projects and other security initiatives in order to make this shift. At this point, we can confidently say that the WFH trend will continue into 2021, which means enterprises will have to put increased focus into initiatives like Zero Trust, Software-Defined Perimeter (SDP), and strong digital identity to continue improving their overall security posture.
ALAN GRAU (VP of IoT): And Jason, just to jump in here, we should also note that while remote work is a huge issue during these times, one of the other impacts of the pandemic has been a rise in healthcare attacks. Increased reliance on telemedicine and COVID-19 tracking apps has already presented new opportunities for attackers looking to exploit weak security in smartphone apps and teleconferencing systems. That isn’t something that’s likely to change as we move into next year, and we will probably see an increase in HIPAA violations and scammers attempting to steal insurance credentials for fraudulent use.
MODERATOR: Let’s stay on this topic, but from a slightly different angle, because we know healthcare isn’t the only vulnerable industry right now. In fact, small businesses are experiencing attacks at a concerning rate, and the idea of “cybersecurity insurance” has gained a lot of steam lately. Michael, I wonder if that’s something you can touch on?
MICHAEL FOWLER (President of Partners and Channels): Absolutely, and you’re right. In 2021, we can expect to see an increased emphasis on the value of cybersecurity insurance for small and mid-sized businesses (SMBs). Breaches are costly, and they’re only getting costlier, and insurance will cover victims for a heap of unexpected costs beyond those immediately associated with the breach itself. Adoption of cyber insurance has been difficult for SMBs in the past, but expect that to change in 2021. Thanks to the pandemic, there are more SMBs online than ever, which means more opportunities for cyber threats.
MODERATOR: One of the fastest-growing attack vectors is ransomware, which has seen a big uptick amid the pandemic. Jumping back to Ed, can you talk about why ransomware remains so pervasive?
GIAQUINTO: Look at it this way—ultimately, the user is the weakest link in the cyberattack chain, because people inevitably make mistakes. Attackers will keep trying to compromise individual users and hold their data for ransom as long as it continues to work. And while we see a lot of CEO impersonation attempts to extract money, attackers are always changing their tactics, so things will become more complex in the next year. For example, more hackers will likely attach payloads that are delivered and activated to harvest and encrypt data that’s held for ransom. The true value isn’t necessarily in direct financial payments, but in information that can be harvested and sold on the dark web.
MODERATOR: How do you fight ransomware, then? Does it just come down to educating employees?
GIAQUINTO: Yes and no. Educating users is important, but there are people out there who aren’t technical. If they want to effectively fight ransomware, companies need to have proper tools, such as Identity Access Management and digital email signing in place to provide and assert trusted identity, along with training that builds secure habits. Some risk will always be inevitable, but it all comes down to preparedness.
MODERATOR: There have been rumblings lately about the idea of making it illegal to pay ransomware demands, haven’t there?
GIAQUINTO: Yes, and that has a lot to do with who the money from these ransomware demands is ultimately being funneled to. Is that money ending up in the hands of a country under US sanctions? It’s difficult to say. When it comes to ransomware, 2020 has been a wake-up call for many companies, and I think that next year it will become more common for ransomware victims to be sanctioned for paying cybercriminals’ ransom demands. My advice to IT leaders is that whatever amount you think you would be willing to pay in ransomware, invest that amount into security solutions to mitigate the risk instead.
MODERATOR: Thanks, everyone—this has been enlightening. Next week we will touch on topics including quantum computing, zero trust, and what cybersecurity skill sets we expect to be in demand next year.