Editorial

Quarter 4 2020: Cyber Security Update

Lisa Ventura, CEO of the UK Cyber Security Association and Think Digital Partners, Cybersecurity Advisor gives us an update on activity across the last 3 months of 2020.

Posted 15 December 2020 by

Welcome to my quarterly post for Think Digital Partners (TDP) on all thing’s cyber security. As a cyber security professional, I have my finger on the pulse of what is happening when it comes to data breaches and the latest cyber security related news. As part of my role as a cyber security advisor to TDP, I will be reporting on any interesting cyber security projects, news, and initiatives every quarter.

CYBER SECURITY NEWS

With the COVID-19 pandemic not going away anytime soon, many organisations are continuing with working from home. There has not been a widespread move back to the office yet with many still in tier 2 or tier 3 restrictions in the UK, and in addition businesses are starting to consider reducing their real estate and letting their employees work from home remotely on a permanent basis. The security ramifications of this are immense, with many organisations letting their employees work on their own personal devices and without having a BYOD policy in place. I discussed this in a webinar for Infosecurity Magazine recently entitled “Enabling Secure Access: Anywhere, Anytime and Any Application.”

Data and security breaches during the last quarter continue to be significant, and some of the more high-profile breaches that have occurred in the last 3 months include:

The FireEye cyber security attack goes to show that even the most secure of organisations can be targeted and hacked, and that no-one is immune to the growing cyber threat.

The number of cyber-attacks have also increased exponentially during the coronavirus pandemic, especially when it comes to phishing and ransomware attacks, and the NCSC have released some guidance for small businesses for how to deal with these.

DEAL OR NO DEAL: BREXIT AND CYBER SECURITY

At the time of writing this blog, the Prime Minister is in the middle of negotiations to avoid a no-deal Brexit with the European Union.

However, to date cyber security hasn’t featured much in discussions around Brexit. The two sides seem to be content to have a future cooperation in this area but on an ad hoc basis. How this will pan out in the event of a no deal Brexit is shrouded in mystery. If this is the outcome, both sides will stand to lose out from a cyber security perspective, unless they are able to build alternative frameworks for cooperation to continue some of the effective collaboration that has been built up in recent years when it comes to cyber security.

Once Brexit has happened, and whether there is a deal or not, the UK is unlikely to have the same involvement in EU cyber security policy, nor have any involvement in the growing industrial policy strand that is linked to cyber security. The EU will also miss out on the practical measures that the UK has put in place for cyber security on policy.

The industrial policy strand of cyber security from both the UK and EU perspective is becoming increasingly important. It is not just a question of funding for cyber security, as the EU has access to tens of millions of pounds worth of funding that is available to support capacity building. This will include coordination, training, and private/public partnerships.

I will be keeping a close eye on the Brexit negotiations and what a deal or no deal will mean from a cyber security perspective for the UK in the coming months.

PREDICTIONS IN CYBER SECURITY FOR 2021 

2020 has brought cybersecurity to the forefront like never before, and it has also seen a huge rise in the number of cyber-attacks that prey on the vulnerability that people find themselves in because of the COVID-19 pandemic. 

In the light of the changing world we now find ourselves in, I have the following predictions for cybersecurity in 2021: 

Remote working will continue to rise 
The COVID-19 pandemic forced us all to change the way we work very quickly. Many organisations decided not to return to the office in 2020 leading to a reduction in real estate, and this is likely to continue in 2021. 

Ransomware will continue to be a major threat 
Ransomware attacks are more intricate and devastating. Demands can run into millions of pounds, and this is only going to get worse. 

Cloud security will become king 
Organisations that have migrated to the cloud will need to focus on their cloud security and understand the relationships they have with their providers. 

Security validation will be needed to keep defences and budgets in line 
With the shift in how we work, organisations will need to rely more on security validation to reduce their spend and optimise their security.


The Launch of ITN Productions “Safer Spaces Online” Documentary in 2021

Chris Windley from Cyber Security Valley UK and I are working with ITN Productions on a documentary which will be released during 2021. Called “Safer Spaces Online”, it will focus on the COVID-19 pandemic and how businesses and organisations can stay safe online when it comes to the growing cyber threat. For further information and to discuss getting involved in the documentary, please email me via info@cybersecurityassociation.co.uk

I wish you all a very Merry Christmas and a happy and prosperous 2021. Please do feel free to contact me for any help or advice on your cyber security posture via info@cybersecurityassociation.co.uk, and I will be delighted to help or to point you in the right direction of other organisations who can help you stay safe online.