At the start of 2020, smart businesses were already preparing their security practices against threats including ransomware and phishing. That was before the pandemic, which has resulted in a shift in traditional working practices and a significant rise in remote working this year that has introduced the possibility of additional security risks. Paul Colwell (pictured), CTO at OGL Computer and CyberGuard Technologies reveals where we are now with cyber security and what the IT services providers’ team foresees the next 12 months bringing for UK businesses...
Where are we now with cyber security?
The last year has been full of rapidly evolving cyber threats made increasingly public via the news of high-profile breaches and allegations of election rigging as well as growing global data protection regulation.
News stories, consumer data protection awareness and corporate accountability at every level have contributed to an increased awareness of the need for excellent cyber security. Small to medium-sized businesses are more cyber aware as common attack vectors, such as email phishing, infiltrate every type of business, often costing millions.
Advances in cloud technology, AI and IoT have created a realisation that cyber protection must fully encompass the entire on-site and off-site network as well as peripheral IoT enabled devices.
Cyber Essentials is in high demand and has been accepted across the UK as a good standard for customer and supplier relationships, especially as companies recognise third-party risk can be severe. There has also been a maturity in patch management as specialists strive to fix the stress point of out of date software. Companies are also understanding the rapid development of Windows 10 and other software from cutting-edge creators means new business-beneficial features launch frequently.
What will the next 12 months in cyber security bring?
Companies are transitioning from reacting to threat after threat to a more pro-active security prevention approach. Industry wide advances such as AI-enhanced security services and a conditional rule approach are delivering better threat detection, and faster response rates.
Widespread recognition that threat-intelligence sharing must be enacted for all to benefit has been achieved so that today, and moving forward, companies and specialists can learn from attacks on their peers, and from industry experts and leaders before they themselves fall victim.
2021 in cyber security will see further growth in the need for “visibility” of network activity. Software developments such as the use of AI, high-performing integrated cyber security dashboards, real-time and cloud monitoring as well as regularly scheduled internal checks by specialists will allow the effective monitoring, tracking and response to network events. Real-time monitoring means threats are identified quicker and can be purged faster thus reducing corporate risk, loss, and potential litigation from expensive data breaches.
The combination of threat intelligence sharing, and the development of real-time monitoring means fast reaction – the ability for ‘zero day’ vulnerabilities to be pro-actively stopped before their impact is felt. Gone should be the days where cyber threats are able to infiltrate corporate networks for weeks and sometimes months without discovery.
The use of cloud technology and DevOps methodology as well as widespread remote working and IoT adoption have increased the awareness that cyber security practices must be implemented for every platform, device and user location. The security of cloud data will become increasingly the responsibility of the user. Two factor authentication for VPNs and Office 365 access will be a must. And, as in 2020, the popularity of next generation anti-virus services such as Carbon Black will grow with the need for enhanced security for off-network devices.
Where are we now with IT services
The growth in remote working, and even distance learning, has changed cyber security requirements but also the entire basis of IT provision. Figures from the Office for National Statistics in the UK point to homeworking having become common for nearly half of UK workers by the summer of 2020. This prompted both demand and technology change for bandwidth, remote connections, VPNs and RDS farms.
The use of interactive tools such as Microsoft Teams and Zoom has mushroomed affecting IT solution design, which has to keep up with the resource demand of such applications. Instead of hardware, software and softphones are being used for communication and audio/video calling, and instant messaging is far more prevalent.
Before 2020, IT services providers and IT departments were slowly adapting to remote working trends and greater digital transformation. In many cases mobile devices and laptops were still add-ons to a corporate network and employee perks instead of essential tools for many workers.
What will the next 12 months in IT services bring?
By 2021 digital transformation will have accelerated further. We believe that cloud-based solutions will continue to replace on-premise solutions in most instances, being more suited to remote working trends. Platforms like Microsoft Azure will no longer seem reserved for the enterprise, instead these are tools for almost any sized company.
Microsoft 365 applications, such as SharePoint, PowerBi and Flow, will see increased use. The onward migration to the cloud will give rise to greater use of cloud-based data storage and networking services, especially those that integrate with Microsoft 365 like OneDrive.
Security products that protect such services, like Datto, will prosper. Data storage technology will continue to change with SSD and NVMe (Non-Volatile Memory Express) increasing performance and interoperability for corporate systems. The demand for on-premise and physical equipment will fall, reducing capital expenditure. However, the need for services and subscriptions will increase monthly and yearly operating spend.
Social distancing means less human interaction. As this need continues and embeds into workplace culture the use of AI, machine learning, automation, virtual, augmented and mixed reality will also accelerate. IoT and smart devices will be used more frequently for real-time monitoring of processes, especially to aid distancing. Without Covid-19, AI was already set to revolutionise business intelligence and create efficiencies, especially in sales and customer service processes.
Businesses will budget in 2021 for homeworking solutions and equipment for their employees. Both companies and individuals will utilise smart home solutions to deliver multi-format fluid communications platforms, which need to be engaged frequently during the day. Smart assistants such as Google and Alexa will augment work processes as well as home lives for remote workers.