March 1, 2021 | Written by: Hrvoje Pavicic
Share this post:
After a break of two and a half months, this week I played football again with the team. In Croatia, lockdown measures have been slightly relaxed and outdoor sports can now be played. It was -4 Celsius. The sports ground was fully booked both before and after our time slot. There were 10 players on the field, just like before. Compared to previous matches, the only difference was that the café was closed this time. As we hadn’t seen each other for a while, we stayed outdoors after the football for thirty minutes and talked.
The main topic was whether people would return to their previous lifestyles after the pandemic (as we did immediately with football) – or more precisely, whether people would return to the office after the pandemic, or if a significant number would still work from home.
My teammates come from various industries and everyone has a different view. Common to all, however, was the prediction that many more people would continue to work from home than before. Although the predictions are different, everyone agrees and expects at least 20% more people – or time (at least one day per week) – working from home.
Based on my discussions with leaders, it turned out I assume that at the beginning of the pandemic in March, in the Republic of Croatia, only 15% of people in large banks came to work in HQ offices, while 85% worked from home. IT made it all possible in two weeks. The pressure on IT departments was huge. At that time, IBM provided all its products enabling safe work from home for free use for the next three months. This was necessary to help companies to quickly adapt to the new working conditions.
Likewise, cybercriminals also saw their opportunity in the new conditions and changed their pattern of behaviour. Through 2020 there were more ransomware attacks than ever before. The evolving ransomware model is proving successful for attackers as some organized ransomware groups make upward of hundreds of millions of dollars a year (it is no exaggeration to say). Also, the growth rate of malware that runs on Linux OS was 40% over year, while the growth rate of Go-related malware was 500%. Gartner predicts that 70% of firms will invest more in the cloud environment in the following year. And 90% of the cloud workload is running on Linux OS.
It is clear that security and IT professionals face huge challenges in 2021. Every year, the IBM X-Force team publishes a security review of the previous year and predictions for the year ahead. The IBM X-Force Threat Intelligence Index 2021 was published last week and we clearly see which threats were most prevalent in 2020, and which we need to focus on in 2021.
In these new disruptive times it is difficult to make predictions, but for security some bets are easy to make. Securing hybrid cloud environments, and defending against ransomware and Linux-based malware will be the three focus areas of all security professionals in 2021.
How can we mitigate these challenges without compromising the company’s agile business development requirements? IBM believes that the answer lies in leveraging open standards, AI and automation to connect security tools and data across a companies IT infrastructure. To that end, IBM has focused on establishing an integrated Threat Management platform, Cloud Pak for Security in order to provide a single, unified platform to connect all of a company’s security tools and data from IBM and others.
Rather than integrating select tools from specific vendors, Cloud Pak for Security is built on open technologies that create a more flexible foundation to reduce vendor lock-in, such as those provided by the Open Cybersecurity Alliance (OCA).
IBM Cloud Pak for Security platform is enabling clients, through a unified user interface and while leaving data where it resides, to identify security threats and quickly orchestrate responses to those threats (SOAR).
The ease of use and power of IBM Cloud Pak for Security is best described in customer testimonials such as that of coal mining firm JSW SA, where IBM Cloud Pak for Security helps them reveal hidden threats and make more informed decisions based on risk analysis.
In addition, we will continue to leverage AI to identify and contextualize suspicious activities or access data in order to prevent cyber attacks. For example, many of our clients are taking advantage of IBM QRadar Advisor with Watson and seeing results that are more accurate, more insightful and faster.
It is worth recalling how AI strengthens our capabilities in cybersecurity issues: AI can help alleviate some of the effects of the existing skills gap facing security teams by making junior analysts more effective. This is just one of the findings of this blogpost based on research conducted by ESG – and it still seems to be current. (All in all, developing both AI and cybersecurity skill sets will be important for the next generation’s security workforce, so that the IBM Academic Initiative represents a great help for learning programs.)
Join me in getting familiar with the IBM X-Force Threat Intelligence Index 2021, and in the meantime, I will enjoy outdoor football, respecting all epidemiological recommendations, and look forward to seeing what we all went through in 2020 from the IBM X-Force angle, and where the expected security focus will be in 2021.
Dear friends, stay healthy and take care of your loved ones.