Cybersecurity Challenges and Opportunities in 2021
By: Mark Kuivila
2020 was a uniquely difficult and disruptive year. In the fog, some businesses may have understandably let important considerations slip through the cracks. The year has finally come to a close, but 2021 is shaping up to pose its own challenges, particularly in the cybersecurity world.
In mid-December, news broke that hacking groups backed by Russian intelligence had executed a sophisticated, large-scale cyberattack against the US by exploiting vulnerabilities in SolarWinds, VMware, and Microsoft software. These espionage efforts led to massive data breaches at multiple federal organizations—including the Departments of Defense, State, Justice, and Treasury—and at least 50 private businesses. Reports indicate that hackers had sweeping access to sensitive federal and private-sector information for over 8 months before the attack was detected.
Given the scale and severity of the breach, it’s reasonable to anticipate that the incoming administration will revitalize ongoing efforts to strengthen federal cybersecurity programs. Organizations that regularly contract with the federal government should expect an increased level of scrutiny over their internal cybersecurity practices in 2021. This is particularly true for members of the Defense Industrial Base (DIB), for whom implementation of the DoD’s Cybersecurity Maturity Model Certification (CMMC) has been an ongoing source of anxiety.
DIB members and other federal contractors are advised to prioritize their cybersecurity compliance efforts early in the year. By conducting a self-assessment, your organization can preemptively identify and remedy security gaps before bidding on new contracts that require cybersecurity protections. Additionally, taking a proactive approach to cyber compliance sets your business apart from other organizations, providing a potential edge over the competition in the bidding process.
The recent cyberattack wasn’t just a wake-up call for the federal government, however. With at least 50 private sector organizations affected by the breach, it’s clear that businesses need to put serious focus on their cybersecurity practices in 2021, whether or not they regularly contract with the federal government. If your organization is interested in establishing a robust cyber program or revamping an existing one, consider adopting a set of industry-recommended best practices such as SOC2, COBIT, or CIS. Subscribing to a defined selection of procedures helps take the guesswork out of cybersecurity and provides your business and your stakeholders with more confidence in your approach.
If you are a managed service provider (MSP) or cybersecurity advisor, the tools you use to bring your clients into cybersecurity compliance matter. Click here to learn more about the InFront Compliance cybersecurity assessment and compliance management platform that can help you and your clients meet your cybersecurity goals.