The 4 Key Security Gaps Every Security Team Needs To Close In 2021

2021 will be another challenging year for cybersecurity professionals.  Security teams now face a plethora of new challenges brought on by the rapid deployment of tools, technologies and processes that enabled business continuity over the last 12 months.  Many of these challenges stem from the widespread shift to remote working which, in a matter of days, completely changed the threat landscape for most organisations. 

The rushed nature of the remote working rollout now poses some major data security issues, which are compounded by the impending shift to a hybrid working model in the long term.  In a recent Gartner survey of business leaders across HR, Legal, Compliance, Finance and Real Estate, 82% of respondents said they are planning to permit remote working some of the time as employees return to the workplace, while almost half intend to let employees work remotely full time. 

It is the combination of employees working flexibly – both onsite and remotely – that cements the challenge for security teams in 2021.  The increasing severity of the threat landscape is clear.  Deloitte’s Cyber Intelligence Centre observed a significant spike in phishing attacks, malspams and ransomware in 2020, with threat actors using COVID-19 as bait to mislead employees working outside the confines of the corporate environment.  The closing weeks of the year presented an even greater threat, with what looks to be the most widespread advanced persistent threat (APT) attack in the history of cyberwarfare.  According to Microsoft, the sophisticated nation state attack – which penetrated a vast range of both public and private sector organisations – was a “moment of reckoning” in the evolution of cybersecurity threats. 

As this evolution continues its relentless march forwards, security leaders and practitioners across all industries will need to focus on closing four key security gaps to ensure their organisation is both productive and secure in 2021.   

  1. The proliferation of mobile devices

The ‘new normal’ has changed both the scope and definition of how organisations will need to think about ‘mobile security’ in 2021.  With more employees now…