by Trend Micro Research
As 2021 nears, enterprises have to orient themselves to the main focus areas and considerations. In response to the Covid-19 pandemic, organizations have had to rethink their operational and security processes — from business functions and cloud migrations to teleworking support. These, along with constant security risks, have not only challenged organizations in 2020 but also raised concerns regarding their readiness for disruption.
Now that working from home has become commonplace, houses have since been flipped into offices for the foreseeable future. More employees are using devices (some even personal) to access confidential data on home and corporate networks, which poses a considerable risk to any organization. Without secured access and robust security tools that protect the distributed attack surface, threat actors can easily hack into networks and jump from one machine to another until they find a suitable target.
Here are some of the other predictions that we believe security professionals and decision-makers should watch out for in the coming year.
by Gurmail Singh
In the previous part of this three-part series, we explained how organisations are increasingly exposed to financial and reputational risk through unpatched vulnerabilities. The bad news is that these flaws are being found and exploited on an ever-growing scale, thanks to the work of legitimate researchers on the one hand and cybercrime groups and nation state actors on the other. Fail to manage this risk effectively and your organisation may suffer a major data breach and/or ransomware-related outage.
by Bharat Mistry
If nothing else, the past year has shown us that the traditional network perimeter as we knew it is now gone. Today’s organisations run a complex blend of remote working endpoints, cloud applications and servers alongside their traditional on-premises assets. This inevitably creates new security and compliance challenges, because all the operating systems and software that run on these endpoints need continual patching against new malware exploits. Fail in this, and CISOs run the risk of a potentially serious security incident that could lead to widespread disruption and financial and reputational damage.
The problem is that patching is not as easy as it sounds. This is where virtual patching can help.
by Toby Hart
Over the past few days, one story in the US has threatened to overshadow even the race for the White House. A set of apparently coordinated ransomware attacks reportedly hit hundreds of hospitals, medical facilities and clinics. Although no warnings have thus far been issued by the National Cyber Security Centre (NCSC) or NHS Digital, UK hospitals should be alert to the malicious campaign potentially spreading their way, and of other attackers targeting medical facilities already stretched to the limit with the fight against COVID-19.
The good news is that by detecting the early warning signs including the presence of TrickBot and/or Emotet Trojans, healthcare organisations (HCOs) can mitigate the threat before it has a chance to make a major impact.