Few organisations have been placed under pressure as extreme over the past year as those working in healthcare. In many cases, this has been a catalyst for rapid digital transformation. Yet with healthcare organisations (HCOs) stretched to the limit, security gaps inevitably appear in systems that support life-saving work on the COVID-19 front line.
As 2020 showed, many cyber-criminals have no qualms about disrupting HCOs, and putting lives at risk, in order to extort victims with ransomware and data theft. To find out more on exactly how fast the pandemic is driving cloud adoption, and how well the sector understands its cybersecurity challenges, Trend Micro commissioned a global study of more than 2,500 IT decision makers in 28 countries across several industry sectors, including healthcare.
As 2021 nears, enterprises have to orient themselves to the main focus areas and considerations. In response to the Covid-19 pandemic, organizations have had to rethink their operational and security processes — from business functions and cloud migrations to teleworking support. These, along with constant security risks, have not only challenged organizations in 2020 but also raised concerns regarding their readiness for disruption.
Now that working from home has become commonplace, houses have since been flipped into offices for the foreseeable future. More employees are using devices (some even personal) to access confidential data on home and corporate networks, which poses a considerable risk to any organization. Without secured access and robust security tools that protect the distributed attack surface, threat actors can easily hack into networks and jump from one machine to another until they find a suitable target.
Here are some of the other predictions that we believe security professionals and decision-makers should watch out for in the coming year.
In the previous part of this three-part series, we explained how organisations are increasingly exposed to financial and reputational risk through unpatched vulnerabilities. The bad news is that these flaws are being found and exploited on an ever-growing scale, thanks to the work of legitimate researchers on the one hand and cybercrime groups and nation state actors on the other. Fail to manage this risk effectively and your organisation may suffer a major data breach and/or ransomware-related outage.
If nothing else, the past year has shown us that the traditional network perimeter as we knew it is now gone. Today’s organisations run a complex blend of remote working endpoints, cloud applications and servers alongside their traditional on-premises assets. This inevitably creates new security and compliance challenges, because all the operating systems and software that run on these endpoints need continual patching against new malware exploits. Fail in this, and CISOs run the risk of a potentially serious security incident that could lead to widespread disruption and financial and reputational damage.
The problem is that patching is not as easy as it sounds. This is where virtual patching can help.