Cybersecurity Awareness – Always a Priority, But Especially in 2021

Introduction

Last month was National Cybersecurity Awareness Month, and organizations across the nation shared a focus on cyber vulnerabilities and efforts to educate Americans using the hashtag #BeCyberSmart.

At NextLink Labs, we encourage companies to #BeCyberSmart year-round. Current cybersecurity threats keep companies on their toes, and they require consistent assessment and prevention measures to combat. Among others, here are four current threats that companies are facing.

Remote work continues to prevail

In 2021, a concern for many organizations lies in the large portion of employees now working remotely, at least some of the time. For years, companies had more control, and they could focus on securing their centralized office networks with their personal routers, firewalls, and oversight. Home offices are much less protected, and estimates reveal that more than 1 in 4 American employees will work remotely through 2021. The initial transition to remote work in March 2020 was abrupt for many companies, and cybersecurity was neglected in favor of other logistics at the time.

At home, vulnerabilities abound. Employees may have unprotected Wi-Fi networks or use their own mobile devices to access work. They may be working on the go and accessing private data in a public space, visible to all, or they may cohabitate allowing free access to their work materials to their roommate or family member. Managing the cybersecurity of remote workers is a challenge that will continue to affect businesses on an ongoing basis.

Smart Devices are on the rise

We typically think of our phones as cybersecurity threats, but currently, other “smart” devices like fitness trackers and watches, smart speakers, and smart refrigerators are gaining popularity. These devices give cyber attackers a greater number of entry points into someone’s home. If that person is working remotely from home, cybersecurity suffers.

Cloud use has increased and is more vulnerable:

An effect of remote work, use of the cloud is more widespread than ever. It helps organizations stay connected, but it also creates gaps in security for those organizations. Cloud-based systems can be complicated to implement, and when there are mistakes, the consequences can be extreme. For example, if cloud storage is misconfigured, an external actor could access servers and, thus, data. APIs on the cloud could create a security threat with lapses in authentication and authorization controls. These lapses also create an avenue for an attacker to target an organization’s data.

With remote work more and more common, a company’s Intellectual Property is a top target for attackers, and the loss of this data is detrimental, whether the data is deleted or held

hostage with a ransomware attack. Some estimates indicate that 21% of files uploaded to the cloud include sensitive information, including Intellectual Property.

Multi-Factor Authentication is improving, but still vulnerable:

Many companies employ multi-factor authentication (MFA) to protect access to their data in the cloud. Many companies consider MFA to be very effective in safeguarding data. However, just last year, Microsoft warned against using phone-based MFA because of the ability of an attacker to intercept passcodes with them. Instead, they consider app-based MFAs a more secure option for authentication.

Conclusion

You can turn to NextLink Labs for your cybersecurity needs. Access our free white paper on cybersecurity here, and consider letting us take care of your operational needs so you can get to work doing the big projects. We can assess your vulnerabilities at all levels and tell you how best to remediate them internally, or you can depend on us to take care of any needs you have on our end. We have enhanced cybersecurity for companies across multiple industries, tech in particular. It is impossible to do everything – Click here to contact us today, so we can take care of your cybersecurity needs and you can focus on your business.

November 18th, 2021

Take our free DevOps and Cybersecurity Readiness Assessment

Take Our Assessment