Connect with us

Politics

Securing the Future: Cybersecurity Predictions for 2021 – ReadWrite

Published

on

Otavio Freire


Predictions are always a risky business. Anyone writing this post a year ago could not have seen what was waiting in store in 2020. In cybersecurity, the wholesale shift from the office setting to the virtual workspace has transformed everything, in unforeseen ways. To give just one example: collaboration tools like Slack and Teams have become a serious threat vector, on a scale never seen before.

However, 2021 looks like it should be more predictable. Vaccines will roll out, and the cybersecurity lessons learned this year will continue to prove useful. With this in mind, what can we say about next year in cybersecurity? What trends are we likely to see? What shifts should enterprises be prepared for? Here, I’ve pinpointed three answers to these questions:

  • Cyberattacks will become more personalized, via social engineering
  • Enterprises will stay very paranoid, as cybercrime gets worse and worse
  • The password will finally start to die out as a primary layer of defense

The Increasing Personalization of Cybercrime

Personalization is all the rage in B2C consumer technologies. It is also a tactic increasingly embraced by bad actors, chiefly through social engineering.

The 2020 Trustwave Global Security Report analyzed a trillion security and compromise events. The report concluded that “social engineering reigns supreme in method of compromise.” Moreover, increasingly, social engineering attacks threaten social channels as much as they do email. A report from Verizon revealed that 22% of all data breaches included social attacks as a tactic.

Social engineering is about the personalization of cyberattacks. In 2021, we should expect this personalization to increase.

Brian Honan, CEO of the Irish company, BH Consulting, is an infosecurity thought leader. He had the following to say on this topic:

“In 2021, criminals will look to make their phishing and social engineering attacks much more targeted and personal,” Brian predicts. “This will be the case whether those attacks are launched against individuals or against organizations via key staff. Our social media activity will provide criminals with more ammunition and capabilities to make their attacks seem more convincing and personal.”

To stress: the issue here is not email. As Brian says, “criminals will look at other channels to launch attacks against companies; mainly their social media channels. Personal data leaked online through social media will become weaponized.”

Just look at how the ATM infrastructure of the Chilean banking system was compromised by North Korean hackers (zdnetdotcom). Where did the attack begin? LinkedIn. The attackers carefully selected their victims, and tailored their contact to fit the target. This kind of personalization works, which is why in 2021 it will continue.

It’s Not Paranoia if They’re Really Out to Get You

The increasing personalization of cyberattacks is one of the elements that will make 2021 a paranoid year for enterprises. As Javvad Malik, a Security Awareness Advocate at KnowBe4, puts it:

“In 2021, the default position for most organizations will be full paranoia. Can you trust your email? Your social media feed? Your politicians? Your customers? Your employees? Your corporate devices? The answer will be a resounding no.”

This increasing fear is borne out in the numbers. Gartner predicts that cybersecurity spending will reach $170.4 billion globally by 2022. Spending has already increased dramatically in many countries. In Australia and China, 50 per cent and 47 per cent of companies respectively reported exceeding their cybersecurity budgets.

This paranoia isn’t unwarranted. 2020 was a record year for cybercrime. 53% of respondents to ISACA’s State of Cybersecurity 2020 report expect a cyberattack within 12 months. Cyberattacks are the fastest growing type of crime in the US. Globally, cybercrime damages are expected to reach $6 trillion next year. That’s 57x the damages of 2015.

In short, 2021 will be a year in which enterprises stay very worried. There will be no relaxing of vigilance or wariness. We should all be ready for a paranoid mood to continue to influence the cybersecurity industry at large.

Passwords in Question

For a while now, passwords have felt a bit 1995. The memorization, the clicking on the “I forgot my password” link. But above all, the flimsy security of passwords. Here’s Javvad Malik again:

“2021 will be the tipping point for passwords. With advancements and adoption of FIDO and MFA, we’re going to see fewer new services offering only passwords as a form of authentication.”

Considering the dangers of using passwords, this is no surprise. Poor password behaviour remains one of the leading causes of data breaches (itgovernancedoteu).

Nordpass and partners reveal that people are still as lazy as ever when it comes to formulating passwords; and this goes as much for enterprise employees as your mom. Out of the 275,699,516 passwords relating to 2020 data breaches, only 44% of them were considerably “unique.”

The most popular password according to Nordpass dot com? “123456,” utilized by over 2.5 million users.

In short, the password’s days are numbered, at least as a sole or primary form of defence. We’ve already been seeing an exponential increase in the adoption of Fast Identity Online (FIDO) and multi-factor authentication (MFA). In fact, during FIDO Alliance’s Authenticate 2020 conference, it was revealed that various government units and agencies have acknowledged FIDO standards and are now enforcing them alongside existing digital ID policies.

MFA (multi factor authorization), on the other hand, is considered one of the best practices in cybersecurity nowadays, and is seeing increased adoption within businesses across different industries. 2021 will see both these trends increase.

However, Javvad also predicts an increase in attacks against MFA or passwordless technologies:. “We’ve already seen examples of SIM hijacking to obtain the SMS codes, but this will likely ramp up and we’ll start to see bigger and worse attacks.”

(SIM jacking sees bad actors using social engineering techniques to trick mobile phone providers into allocating a target’s phone number to a new SIM.) The Federal Bureau of Investigation (FBI) have released a Private Industry Notification (PIN) document that details how cybercriminals try to circumvent MFA on their victim’s phones.

However, even though MFA isn’t perfect, it remains a lot better than the humble password! Expect next year to be a year where a heavy minority of services rely on passwords.

Readying Ourselves for 2021

If 2020 taught us anything, it’s that the future is always unpredictable. No-one knows for sure what 2021 will bring.

However, I believe the three trends listed here to be pretty firm bets. As we all try to build business agility and business resilience for 2021, we need to do our best to look into our crystal balls.

I hope my fortune-telling here proves useful to you.

Otavio Freire

President, CTO, co-founder

As the President, CTO and Co-Founder of SafeGuard Cyber, Otavio Freire is responsible for the development and continuous innovation of SafeGuard Cyber’s enterprise platform. He has rich experience in social media applications, internet commerce and IT serving the pharmaceutical, financial services, high-tech, and government verticals. Mr. Freire has a BS in Civil Engineering, an MS in Management Information Systems and an MBA from the University of Virginia Darden School of Business, where he currently serves as a visiting executive lecturer.

Politics

Fintech Kennek raises $12.5M seed round to digitize lending

Published

on

Google eyed for $2 billion Anthropic deal after major Amazon play


London-based fintech startup Kennek has raised $12.5 million in seed funding to expand its lending operating system.

According to an Oct. 10 tech.eu report, the round was led by HV Capital and included participation from Dutch Founders Fund, AlbionVC, FFVC, Plug & Play Ventures, and Syndicate One. Kennek offers software-as-a-service tools to help non-bank lenders streamline their operations using open banking, open finance, and payments.

The platform aims to automate time-consuming manual tasks and consolidate fragmented data to simplify lending. Xavier De Pauw, founder of Kennek said:

“Until kennek, lenders had to devote countless hours to menial operational tasks and deal with jumbled and hard-coded data – which makes every other part of lending a headache. As former lenders ourselves, we lived and breathed these frustrations, and built kennek to make them a thing of the past.”

The company said the latest funding round was oversubscribed and closed quickly despite the challenging fundraising environment. The new capital will be used to expand Kennek’s engineering team and strengthen its market position in the UK while exploring expansion into other European markets. Barbod Namini, Partner at lead investor HV Capital, commented on the investment:

“Kennek has developed an ambitious and genuinely unique proposition which we think can be the foundation of the entire alternative lending space. […] It is a complicated market and a solution that brings together all information and stakeholders onto a single platform is highly compelling for both lenders & the ecosystem as a whole.”

The fintech lending space has grown rapidly in recent years, but many lenders still rely on legacy systems and manual processes that limit efficiency and scalability. Kennek aims to leverage open banking and data integration to provide lenders with a more streamlined, automated lending experience.

The seed funding will allow the London-based startup to continue developing its platform and expanding its team to meet demand from non-bank lenders looking to digitize operations. Kennek’s focus on the UK and Europe also comes amid rising adoption of open banking and open finance in the regions.

Featured Image Credit: Photo from Kennek.io; Thank you!

Radek Zielinski

Radek Zielinski is an experienced technology and financial journalist with a passion for cybersecurity and futurology.

Continue Reading

Politics

Fortune 500’s race for generative AI breakthroughs

Published

on

Deanna Ritchie


As excitement around generative AI grows, Fortune 500 companies, including Goldman Sachs, are carefully examining the possible applications of this technology. A recent survey of U.S. executives indicated that 60% believe generative AI will substantially impact their businesses in the long term. However, they anticipate a one to two-year timeframe before implementing their initial solutions. This optimism stems from the potential of generative AI to revolutionize various aspects of businesses, from enhancing customer experiences to optimizing internal processes. In the short term, companies will likely focus on pilot projects and experimentation, gradually integrating generative AI into their operations as they witness its positive influence on efficiency and profitability.

Goldman Sachs’ Cautious Approach to Implementing Generative AI

In a recent interview, Goldman Sachs CIO Marco Argenti revealed that the firm has not yet implemented any generative AI use cases. Instead, the company focuses on experimentation and setting high standards before adopting the technology. Argenti recognized the desire for outcomes in areas like developer and operational efficiency but emphasized ensuring precision before putting experimental AI use cases into production.

According to Argenti, striking the right balance between driving innovation and maintaining accuracy is crucial for successfully integrating generative AI within the firm. Goldman Sachs intends to continue exploring this emerging technology’s potential benefits and applications while diligently assessing risks to ensure it meets the company’s stringent quality standards.

One possible application for Goldman Sachs is in software development, where the company has observed a 20-40% productivity increase during its trials. The goal is for 1,000 developers to utilize generative AI tools by year’s end. However, Argenti emphasized that a well-defined expectation of return on investment is necessary before fully integrating generative AI into production.

To achieve this, the company plans to implement a systematic and strategic approach to adopting generative AI, ensuring that it complements and enhances the skills of its developers. Additionally, Goldman Sachs intends to evaluate the long-term impact of generative AI on their software development processes and the overall quality of the applications being developed.

Goldman Sachs’ approach to AI implementation goes beyond merely executing models. The firm has created a platform encompassing technical, legal, and compliance assessments to filter out improper content and keep track of all interactions. This comprehensive system ensures seamless integration of artificial intelligence in operations while adhering to regulatory standards and maintaining client confidentiality. Moreover, the platform continuously improves and adapts its algorithms, allowing Goldman Sachs to stay at the forefront of technology and offer its clients the most efficient and secure services.

Featured Image Credit: Photo by Google DeepMind; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Politics

UK seizes web3 opportunity simplifying crypto regulations

Published

on

Deanna Ritchie


As Web3 companies increasingly consider leaving the United States due to regulatory ambiguity, the United Kingdom must simplify its cryptocurrency regulations to attract these businesses. The conservative think tank Policy Exchange recently released a report detailing ten suggestions for improving Web3 regulation in the country. Among the recommendations are reducing liability for token holders in decentralized autonomous organizations (DAOs) and encouraging the Financial Conduct Authority (FCA) to adopt alternative Know Your Customer (KYC) methodologies, such as digital identities and blockchain analytics tools. These suggestions aim to position the UK as a hub for Web3 innovation and attract blockchain-based businesses looking for a more conducive regulatory environment.

Streamlining Cryptocurrency Regulations for Innovation

To make it easier for emerging Web3 companies to navigate existing legal frameworks and contribute to the UK’s digital economy growth, the government must streamline cryptocurrency regulations and adopt forward-looking approaches. By making the regulatory landscape clear and straightforward, the UK can create an environment that fosters innovation, growth, and competitiveness in the global fintech industry.

The Policy Exchange report also recommends not weakening self-hosted wallets or treating proof-of-stake (PoS) services as financial services. This approach aims to protect the fundamental principles of decentralization and user autonomy while strongly emphasizing security and regulatory compliance. By doing so, the UK can nurture an environment that encourages innovation and the continued growth of blockchain technology.

Despite recent strict measures by UK authorities, such as His Majesty’s Treasury and the FCA, toward the digital assets sector, the proposed changes in the Policy Exchange report strive to make the UK a more attractive location for Web3 enterprises. By adopting these suggestions, the UK can demonstrate its commitment to fostering innovation in the rapidly evolving blockchain and cryptocurrency industries while ensuring a robust and transparent regulatory environment.

The ongoing uncertainty surrounding cryptocurrency regulations in various countries has prompted Web3 companies to explore alternative jurisdictions with more precise legal frameworks. As the United States grapples with regulatory ambiguity, the United Kingdom can position itself as a hub for Web3 innovation by simplifying and streamlining its cryptocurrency regulations.

Featured Image Credit: Photo by Jonathan Borba; Pexels; Thank you!

Deanna Ritchie

Managing Editor at ReadWrite

Deanna is the Managing Editor at ReadWrite. Previously she worked as the Editor in Chief for Startup Grind and has over 20+ years of experience in content management and content development.

Continue Reading

Copyright © 2021 Seminole Press.