Cyber security trend 2021: Higher Cyber Risks for Every Business

Cybersecurity has been a growing concern for a long time now. Yet, the prominent cyberattacks that took place in 2020 showed that cybersecurity is no longer just a technical issue that can be sorted out by an IT department alone. Cyber risks must be treated as serious business risks. Examples are striking, such as the massive cyberattack on the monitoring software provider SolarWinds. The attack affected not only the company itself, but also spread to its clients: Microsoft, Cisco, Deloitte and the US Department for Homeland and Security among others. Not surprisingly enough, on the first days of 2021 the media revealed that the SolarWinds attackers have gained access to the source code for Microsoft products, which is the type of knowledge that can be used to stage novel attacks.

We have identified the five fields of action that all organizations should focus on in 2021.

1/ Raise awareness about the risks

2/ Expect the unexpected

3/ Know your weak spots

4/ Invest wisely in building your shield

5/ Get serious about IT compliance

Some concepts and terms explained

· Emotet, Trickbot: Popular software tools used by ransomware gangs. End users are tricked into accidentally executing the software that then starts to sabotage the digital infrastructure of the victim. High amounts of ransom are demanded for the restoration of the initial state.

· Amnesia:33: Programming error in a network component that is used by various device manufacturers. The error allows a hacker to remotely control the affected product. The problem can only be fixed by a software update provided by the vendor. However, several vendors already refused to fix the error, leaving the affected systems vulnerable.

· TISAX: TISAX is an international best-practice framework for cyber security for the automotive supply chain. Based on the current ISO standard, it includes a process for auditing and a clearing house for audit results.

Mit CISOSCOPE automatisieren wir die Informationssicherheit im Bereich Schwachstellenmanagement, Compliance Assessments und Zertifizierungsaudits.