If 2020 has taught us anything, it’s that trying to predict upcoming threats and opportunities is like playing roulette – don’t bet anything you can’t lose, hedge your bets on broader chances rather than specific shots and still be prepared for the casino to burn down. However, as challenging as 2020 has been, it’s not certain that 2021 will be smooth sailing either, especially when it comes to cybersecurity and compliance.
Businesses need to understand the changing threat landscape and take steps to guard themselves against it. PCI Pal’s CISO Geoff Forsyth outlines his predictions and considerations for the New Year:
1.) “Many companies around the world will make their temporary move to remote work permanent in 2021. The thought of commuting and dressing for the office again is just too much to bear! But for industries like contact centres that weren’t built for homeworking prior to COVID-19, new cybersecurity considerations will be necessary to ensure continued security at home. These include improving encryption of data and descoping call agents from as much personal and payment card data as possible.”
2.) “The most vulnerable in 2021 will be the companies that have taken the biggest hit in 2020, such as travel and hospitality. But the struggles of this year will be nothing compared to what they’ll face in 2021 if they don’t step up cybersecurity efforts. As people come out of hibernation, these sectors will experience heavy traffic, taking in a huge flood of personal and payment card data. But a squeeze on resources and surge in demand for operational – not security – resources may leave them under-prepared for opportunistic cybercriminals looking to capitalise on potential vulnerabilities.”
3.) “The retail sector will have to keep a close eye on cybersecurity, too. According to recent PCI Pal research, 79% of UK consumers plan to continue shopping online for some or most of their retail needs even after the COVID-19 pandemic is over. This presents both good and bad news for retailers. On the one hand, consumers aren’t showing any signs of online shopping fatigue. On the other, retailers will need to take extra steps to secure online and other digital shopping channels in 2021 or risk suffering a data breach. With a significant 74% of UK consumers reporting they’ll stop shopping with a brand for several months in the event of a breach, this could have long-term consequences for revenue and customer loyalty.”
4.) “2020 saw a rise in phishing and social engineering attacks, with cybercriminals taking advantage of COVID-19 fears and remote work to steal sensitive data from vulnerable personnel. This trend is likely to continue into 2021, and unfortunately, data breaches are likely to rise with them as bad actors begin to make use of the stolen data. Companies should ensure their employees are continuing to practice safe cybersecurity behaviours, varying passwords across different accounts, verifying links and attachments before clicking on them and exercising extra caution when sharing any sensitive financial or personal information online or over the phone.”
5.) “Privacy regulations are still weaker than they need to be to address the lax security culture and current cybersecurity threat environment. Yet somehow, many organizations are still struggling to clear the current bar, and remote work hasn’t made this any easier. In 2021, it’s time for a compliance refresh. While the ways in which companies collect and use data should still be the same, they likely need to enact new security measures and tools to ensure employees and compliance officers can handle and access data securely at home.”
Concludes Geoff Forsyth: “2020 turned the business world and much of the rest of our lives upside down. In 2021, businesses will need to be prepared for the unexpected and take extra steps to secure their data whether working from home or in the office to rebuild.”
Download the press release in full here.