7 Security Vendor Predictions for 2021

Emanuel’s colleague Kelvin Murray, a senior threat research analyst at Webroot, foresees increased business email compromise activity next year, due largely to all the people who will still be working from home even after vaccines become widely available.

“[Business email compromise] attacks are currently one of the biggest threats to employees, and this is set to continue into 2021,” he says. “Amid the continued shift to remote working, we’re likely to see this threat continue to be successful as targets are unable to quickly check with colleagues about dodgy looking emails [and] are more likely to click on dangerous links or transfer money when requested by someone seemingly legitimate, like a trusted colleague or boss.”

Nachreiner worries about another work-from-home threat. “Malicious hackers often include worm functionality modules in their malware, designed to move laterally to other devices on a network,” he says. “In 2021, cybercriminals will exploit under-protected home networks as an avenue to access valuable corporate endpoint devices.” In fact, attackers are likely to train their code to seek out home-based devices doing corporate work, by looking for evidence of heavy VPN use for example.

Robert Meyers, a compliance and privacy professional at One Identity, has a different warning for channel pros: Don’t be surprised if you find yourself reading about work-from-home breaches more often in the coming months, but don’t be fooled into thinking those incidents are all recent.

“At the start of 2021, there will be an increasing number of companies that will begin to acknowledge data breaches that occurred in 2020,” he says. “In response, there will be a drastic number of regulatory audits, making it appear that data breaches are on the rise. However, the vast majority of breaches being publicized will not be new.”