In our last post, we discussed six cybersecurity threats that will likely have the greatest impact on organizations in 2021. Phishing campaigns will continue to proliferate, and many will exploit the fear and uncertainty that continues to surround the COVID-19 pandemic. Experts are also predicting “Nigerian Prince” scams preying on individuals and businesses looking for economic stimulus payments.

In a previous post, we took a look at the serious problem of insider threats. Accounting for 30 percent of all security breaches, insider threats include well-meaning users who make mistakes or work around security policies and insiders who attack company IT systems out of malice or for personal gain. The most expensive insider attacks involve credential theft, in which outside hackers steal legitimate usernames and passwords to gain access to IT systems.

Organizations are right to be concerned about shadowy hacker groups infiltrating their IT systems. According to Verizon’s 2020 Data Breach Investigations Report, 70 percent of security breaches can be traced to malicious external actors. Organized criminal groups were behind 55 percent of breaches, and 86 percent of breaches were financially motivated.

If 2020 has taught us anything, it’s that IT strategies need to stay flexible. Experts had been saying for years that we were overdue for a pandemic, but no one anticipated that we’d need to retool our operations overnight due to lockdowns and social distancing requirements. Many scheduled projects and initiatives had to be put on hold so that IT staff could focus on enabling remote access.