The most unpredictable year in recent memory is at our backs. With that, businesses of all walks are looking to 2021 to assess how significant cybersecurity trends and operational realities that emerged or expanded in 2020 — remote workforce, continued exponential growth of IoT deployments and the growing enterprise attack surface, to name a few — will carry into 2021. Whether companies are hoping to continue innovating, improving customer experiences, increasing operational efficiencies or capitalizing on new revenue opportunities, they will need strategies for protecting their growing attack surface.
To help businesses take stock and prepare for the coming year, here are the most significant cybersecurity trends that impact business in 2021, along with the recommended best practices that companies need to secure their wireless devices and networks.
Growth of connectivity, from 5G to satellite link. From connected cars, to smart power grids, to industrial automation, 5G connectivity will play a role in all areas of both public and private sectors. This will enable true hyper-multipath connectivity and edge computing, where wireless becomes the new enterprise network. At the same time, satellite link connectivity will play an increasing role across sectors and applications— from urban smart parking meters to soil sensors for industrial agriculture — as satellite launches become more affordable. However, this exponential increase in connectivity in general translates into an exponentially expanding attack surface for enterprises and cities — particularly as 80% of new IoT devices are wireless. This means that protection of broad-spectrum wireless IoT and cellular wireless networks will be a major priority for 2021.
With wireless remote work, growth of Shadow IoT. Although the pandemic will gradually subside, remote work will continue to be the norm for many organizations for the foreseeable future. While companies expand their use of IoT generally, employees will also continue to connect personal devices, both in the office and at home. These “Shadow IoT” devices will include everything, from smart thermostats and smart TVs to voice-activated assistance and USB WiFi thumb drives. Such connectivity will expand the wireless network and attack surface dramatically in remote environments, while at the same time decreasing its visibility from a corporate perspective — thus creating significant “back-door” and lateral risks from unknown and unprotected devices. This lack of visibility will be the primary challenge in securing wireless devices and networks 2021, period. As such, enterprises will need to gain an understanding of remote device behaviors, vulnerability conditions and the means of securing wireless networks against traditional and emerging threats.
Healthcare continues to get smart. While health systems already rely on hyper-connectivity to provide efficient, targeted and empathetic care, the use of smart technology will reach new heights in 2021. As health systems have embraced new ways to stay connected with patients during the pandemic, they will continue to support and expand telehealth services and at-home IoT health monitoring, along with increased IoT smart monitoring in both acute and post-acute care settings. As a result of these care improvements, providers will also be at increased risk for cyberattacks. As such, 2021 will see health systems looking for innovations in detection and risk mitigation to keep their devices secured and their patient data protected.
Manufacturers leverage IIoT for efficiency. As manufacturing companies look to drive faster and more efficient business decisions, they will increasingly deploy wireless IIoT (Industrial IoT) devices across their operational environments. Such sensors will allow them to make more data-led decisions, from better resource allocation and improved logistics and warehousing, to reduced manufacturing errors and streamlined product development. However, wireless proliferation will also introduce new management challenges and security risks, as such devices are governed by dozens of varying protocols and operating systems. Moreover, such devices are typically purpose-built for their function with limited CPU, storage and memory — and without robust security protections. Thus, manufacturers in 2021 will have an increasing need to not only gain visibility into their IIoT devices, but identify both risk and mitigation strategies for their wireless networks.
Retail experiences go fully digital. Still under pandemic pressures, the retail industry is experiencing significant transformation. Digital strategies and experiences have thus become table stakes for attracting and retaining consumers throughout every touchpoint in the customer journey — be it touchless commerce, curbside delivery, interactive applications, augmented reality or (soon) drone delivery. As with other sectors, retailers in 2021 will also be faced with the need to secure their wireless connected devices — wireless payments tools, interactive devices, warehouse and logistics sensors — that are expanding the retail attack surface.
Smart cities on the rise. Wireless IoT is enabling more cities to operate smarter. From smart traffic lights and parking meters, to connected sensors for utilities and other critical infrastructure, communities now have more data to make intelligent decisions and improve the lives of citizens. At the same time, smart cities are becoming the next cybersecurity battleground, as they represent high-value targets for hackers and nation state-backed malicious entities. With the transition to 5G and the race to WiFi 6 now on, 2021 will see governments and enterprises looking for new ways to identify risks and protect their broad-spectrum wireless IoT and cellular wireless networks, which have become the largest attack surface in history.
Regardless of the sector, broad-spectrum wireless IoT and cellular wireless devices have created the world’s largest attack surface. In order to stay ahead of the ever-changing threat landscape in 2021, companies must adopt new approaches to detect and assess the emerging risks of IoT. Here are a set of security best practices that organizations should strive to adopt in the coming year.
Continuous Asset Discovery and Visibility. Security professionals, no matter how expert, cannot defend what they cannot see. This means that, in 2021, comprehensive IoT visibility will become (and already is) essential for robust security.
Risk Analysis. Enterprises must also have the ability to identify IoT vulnerabilities and rank them by severity — enabling proactive, prioritized responses before any security events occur.
Automated Risk Mitigation. With the scale of today’s wireless networks, organizations will need to adopt automated tools for mitigation, which include strategies like air termination and API integrations with firewalls or NAC vendors to implement command and control blocks.
Event Detection and Response. Meanwhile, organizations will also require extensible API integrations for existing SIEMs and SOARs platforms — enabling additional threat correlation for their broad-spectrum wireless and cellular IoT environments.
Data Usage and Cost Analytics. Finally, as enterprises increasingly use cellular backhaul technology to support fleets of IoT devices, device behavior analytics and predictive cost management will become essential to ensure that data overages do not occur and businesses do not incur unnecessary costs. While cost management may not receive the high-profile attention that security does, it is no less critical for successfully deploying wireless IoT at scale.
To learn more about our 2021 predictions, see our press release here: LOCH Technologies IoT and Wireless Security Predictions 2021
With that, we’d wish you a happy and successful 2021! For more information on how your organization can protect its wireless assets in the new year, learn about our new approach with Wireless Machine Vision.