The world significantly increased its technology use in 2020, with many in-person activities shifting to the virtual arena. From the rise in telehealth services to an increase in e-commerce, people worldwide now spend more time than ever interacting virtually. For companies, this shift creates enormous potential to reach new customers and take business operations online. However, it also puts companies at increased risk of costly and time-consuming cyberattacks. Firms must understand how cybercrime affects their business and what steps they need to take to mitigate risk.
This post examines three trends that will shape cybersecurity in 2021. Read on to discover why cybercrime is increasing, how the severity of risks is changing, and one step your company can take to stay ahead of growing threats.
Trend 1: Remote Work Increases Cybersecurity Risk
COVID-19 accelerated the business world’s transition to remote work by forcing countries to adopt strict social distancing practices. With remote work set to continue in 2021 and beyond, companies must ensure their cybersecurity procedures catch up to the change.
Remote work puts companies at a heightened risk of cyberattacks. A recent study by cybersecurity provider VMWare Carbon Black surveyed over 3,100 security professionals across multiple industries in the United States, the United Kingdom, Singapore, and Italy. The survey found that a staggering 91% of companies across sectors saw increased cyberattacks after their employees shifted to remote work.
Experts attribute the growing risk of out-of-office cyberattacks to several developments. First, employees are more likely to use personal devices when working at home than while in the office. Personal devices often lack the security measures that cybersecurity professionals implement on company-issued technology, such as VPN and endpoint protection.
The shift to remote work also causes companies to rapidly increase their use of cloud-based services. When working in a centralized office, many companies rely on legacy software, which is owned, operated, and updated on-site by the company’s IT team. Shifting to cloud-based services requires IT and cybersecurity teams to update their security practices. Many cybersecurity teams lacked the time to adequately prepare for the sudden transition to cloud operation, resulting in security gaps. These teams faced additional complications when their companies attempted to merge legacy and cloud systems, leading to an increased risk of attacks.
Experts also identify human behavior as a cause for the increased cybersecurity risks that come with remote work. When companies are not fully set up for teams to work outside the office, employees find it difficult to access necessary data or systems. As a result, employees are more likely to resort to workarounds that save time but compromise security. These include using personal devices rather than work devices and opting for personal programs for services such as email rather than using those set up by the company.
Trend 2: The Cost of Cybercrime Is Increasing
Firms face more significant cybersecurity risks than ever before, and the costs of cybercrime are at an all-time high—and continuing to rise.
According to the global cybersecurity research firm Cybersecurity Ventures, cybercrime will cost companies worldwide $6 trillion annually by 2021. To put this figure into context, the estimated cost of cybercrime in 2021 is higher than all but two world economies—the U.S. and China. It also represents a 100% increase from 2015, when cybercrime posed a $3 trillion worldwide threat. Analysts expect cybercrime’s costs to continue to rise past 2021, reaching $10.5 trillion annually by 2025.
On a per-company basis, a single data breach costs firms an average of $3.86 million. Costs are highest in the U.S., where breaches cost firms an average of $8.64 million. Each breach also demands an average of 280 days of a company’s time, diverting resources from other critical initiatives.
The lengthy response time for breaches creates additional costs. If companies do not detect and contain the threat within 200 days, the cost increases by an average of $1.1 million per breach. According to Wendi Whitmore, IBM’s Director of X-Force Threat Intelligence, “Time really is money. The more time an attacker has within an environment, the more access they can get to different devices, different pieces of data, different accounts, and all of those that are things that we need to remove their access and limit their impact moving forward.”
As the costs of cybercrime rise, so does the amount of money firms invest in protection. VMWare’s most recent Global Threat Report reveals that 96% of companies plan to increase their cybercrime budgets—a percentage that rose steadily over the last two years.
Money alone is not enough to address growing cybercrime threats and costs. Companies must be intentional with how they invest resources. IBM’s 2020 Cyber Resilient Organization Report concluded that firms using more than 50 security tools are less able to both detect and respond to attacks. The takeaway: as the costs and risks of cybercrime increases, firms need to take an intentional and holistic approach to security in 2021.
Trend 3: The Cybersecurity Skills Gap Is Closing
While tools alone won’t save companies from the increased risk of cyberattacks, there is good news for firms looking to bolster their cyber protection in 2021. The cybersecurity skills shortage is closing.
Companies have faced a lack of cybersecurity talent for years. In a 2020 survey by the Enterprise Strategy Group and the ISSA (Information Systems Security Association), 70% of respondents reported that the skills gap affected their companies. Many sources estimate there is a shortage of approximately four million cybersecurity professionals across the globe.
For the first time in years, however, the gap of cybersecurity professionals has shown signs of closing. The International Information System Security Certification Consortium concluded that the cybersecurity workforce gained 700,000 members in 2020, reducing the skills gap from just over 4 million professionals in 2019 to 3.12 million in 2020.
The increase in qualified cybersecurity personnel makes it easier for companies to hire professionals who coordinate their cybersecurity efforts. As a result, companies can better guard against the rising risks and costs of breaches by investing not only in tools but in professionals who know how to use them.
Find the Right Cybersecurity Professionals by Hiring Internationally
Even as the number of available cybersecurity professionals rises, finding the right employee for your company remains a challenge—especially as demand for skilled labor continues to exceed inventory. Resourceful companies increase their ability to find the right employees by looking beyond their borders. By working with a global expansion expert, these firms compliantly hire, onboard, and manage remote employees in countries across the world.
Velocity Global has unparalleled experience helping companies hire employees in over 185 countries across the globe. Our in-country specialists have the comprehensive knowledge necessary to mitigate risk and ensure full compliance when sourcing talent internationally. As a result, companies like yours can find the right supported employee for your specific needs. Reach out today to learn how our services and support can help you hire the cybersecurity talent you need to ensure protection in 2021 and beyond.