Cybersecurity has faced it’s fair share of challenges over the last few years; as cyber-criminals come up with crafty ways to attack databases and steal vital information.
Much of the UK had to adapt to a work from home culture in 2020, due to the outbreak of Covid-19. As a result, information which would have been accessed over a shared, reliable and secure in-house network, now was retrieved by workers over their personal home networks.
This posed a risk of important data potentially being leaked if home networks were not secure; and this has led to many businesses considering stricter security to protect their networks and databases.
According to a survey in March 2020, conducted by GOV.co.uk, almost half of businesses (46%) and a quarter of charities (26%) reported having cyber security breaches or attacks in the last 12 months.
Among the 46 per cent of businesses that identified security breaches, more experienced these issues at least once a week during 2020 (32%, vs. 22% in 2017).
It hasn’t been businesses alone that have been exposed to security breaches, but also the general public.
The closure of high-street retailers for the majority of 2020 meant that consumers were forced to conduct their shopping activities online. Ecommerce businesses and online retailers faced increased volumes of activity and had to ensure shoppers were safe whilst purchasing items.
During the middle of lockdown in 2020, it was reported that online shopping fraud has resulted in about 16,000 people in the UK losing a total of more than £16m to criminals during the coronavirus lockdown, with those aged from 18-24 being the most affected.
Most recently before Christmas, Manchester United announced that their computer systems had been hacked and that security agencies were conducting a “thorough” investigation. The club confirmed that no personal information of fans and customers had been breached.
Data from NHS Digital revealed that they had received thousands of malicious emails in just in one month during the height of the coronavirus pandemic. 21,188 malicious emails were reported to the official NHSmail reporting address between 1 and 31 March, 8,085 during April. That number began to decline in May through to July.
NHS found themselves not only overwhelmed tackling the outbreak of Covid-19, but also working hard to keep systems secure.
At the time, Neil Bennett, chief information security officer at NHS Digital, said: “This is an unprecedented time for the NHS, including the cyber security and IT teams who are continuing to work hard in all NHS organisations to keep patient data and systems secure to support the delivery of safe patient care.
“As part of NHS Digital’s cyber-security operations, we collaborate with all areas of the system to ensure they are aware of potential threats. This includes highlighting the need for staff to report suspicious emails by raising awareness through our Keep I.T. Confidential campaign. We have also published additional advice and guidance for NHS staff around cyber security while remote working.”
Will we see an increased demand for cyber-security skills in 2021?
As the immediate future remains unknown, many businesses, workers and consumers are likely to continue to operate on an remote/online basis.
Covid-19 is likely to shape the demand for cyber-security skills in 2021; and as more workers continue to work from home, the skills which are required for effective cyber-security defence, have become a top priority for organisations.
The pandemic has been seen as a golden opportunity for hackers; however, organisations must be ready to protect themselves post-pandemic.
As we mentioned before, as employees continue to access office applications from home, they will need to ensure their websites are kept secure from malware such as viruses and ransomware. Skillsets around span network, application, and OS security will be relevant.
The reality is that organisations will continue to face increased breaches and threats in their IT networks, including malware and hacker attacks. In order to remain protected, organisations will be looking to equip themselves with skills required, such as wireless network security, firewalls and IDS/IPSes, VPNs and remote access, as well as endpoint security.
Businesses which have invested in cyber-security protection in the past will continue to invest in order to protect themselves. There have also been businesses over the past year that have had to build and maintain an online presence – they will be looking to begin investment. Organisations will be on the lookout for highly-skilled security professionals, such as web engineers, which could become a required skillset for tech professionals going forward.