2020 was a year of unpredictability and uncertainty. We knew in January that things might change after November’s election, but no one could have predicted the instability of our world by March as a result of COVID-19. Nearly every organization was impacted in terms of work environments and security measures. As a result of the pandemic, businesses have had to completely revamp not only their work-from-home and security policies but the general ways in which they do business.
In 2020, reports of increased cybersecurity threats, phishing, malware, ransomware, and data breaches have plagued the headlines. Here are a few notable ones:
- Microsoft, Jan. 22, 2020: A customer support database with 280 million customer records were left unprotected and exposed to the web.
- Estee Lauder, Feb. 11, 2020: An unsecured database exposed 440 million customer records.
- MGM Resorts, Feb. 20, 2020: Over 10.6 million hotel guests had their personal information posted on a hacking forum.
- Marriott International, Mar. 31, 2020: 5.2 million hotel guests’ records exposed.
- Facebook, Apr. 21, 2020: More than 267 million profiles listed for sale on the Dark Web.
- Fresenius Group, May 5, 2020: A reported ransomware attack on this global healthcare company impacted the company’s operations around the world.
- Magellan Health, May 13, 2020: This Fortune 500 healthcare company fell victim to a phishing scam and ransomware attack.
- Cognizant, Jun. 17, 2020: One of the largest IT managed services company had its users’ data stolen in a ransomware attack.
- Dave Mobile Banking App, Jul. 26, 2020: Through a third-party breach, this digital banking app leaked the account details of over 7.5 million users.
- Expedia, Hotels.com & Booking.com, Nov. 6, 2020: A database leaked sensitive data from over 10 million hotel guests worldwide.
It’s Time to Rethink Your Security Strategy
In March 2020, AT&T Cybersecurity conducted a research survey of 500 cybersecurity and IT professionals who manage their organization’s cybersecurity strategies, controls, and operations. The resulting report, The Relationship Between Security Maturity and Business Enablement, found a correlation between business success and a commitment to strong security.
The survey also found that, as organizations build stronger cybersecurity strategies, confidence builds, and the organization becomes more aggressive with IT-driven initiatives. As a result, they report a stronger ROI on security investments.
A surprising conclusion of this survey found no correlation between company size and cybersecurity program maturity level. Large and small companies are equally capable of developing mature cybersecurity programs. The level of success is based more on thoughtful consideration, planning, and organizational culture; however, investments in technology and staff do matter as well.
A Look Ahead
While 2020 is shaping up to be quite possibly the worst year in cybersecurity history, 2021 could prove to be even worse if businesses don’t prepare now. A 2020 Business Threat Landscape report conducted by Bitdefender found that 50% of organizations are completely unprepared for this “new normal” of remote working.
And while large-scale companies, such as the ones listed above, are a target for hackers, the Bitdefender report also found that 47% of reported attacks involved smaller SMBs that had difficulty switching to a remote workforce.
With the number of COVID-19 cases rising across the country, which could result in more lockdowns and more remote workers, leading to a potential increase in your company’s vulnerable attack surfaces, it’s time to up your security game.
Schedule a Demo
Help protect your organization from third-party breach with ProcessBolt’s AI-based vendor risk management platform, the only one on the market designed for both vendors and enterprises. Complete this form to receive a personalized walk-through of ProcessBolt and learn how we can enhance your organization’s third-party risk management program.