Review 2021: Uncertainty in IT security

Review 2021 IT security b.r.m. brm

Many companies and organizations had significant problems not only due to the coronavirus pandemic, but also in terms of IT security. 2021 was not a good year for IT security, as it revealed significant security gaps and cyber attacks on companies rose sharply, our 2021 review:

Development of cybercrime

In 2021, there was a significant increase in cyberattacks on companies and organizations. This trend has increased significantly since 2020. According to a study by the website Check Point Research, the number of cyberattacks on organizations of all kinds increased by 40%.

The pandemic created enormous time pressure for IT service providers due to the need to make work more flexible. In addition, hacker attacks occurred much more frequently and became increasingly sophisticated. Hackers were often faster than the defenses against them. One massive problem in IT security was the so-called zero day.

Zero-day gap as a major threat

IT systems are constantly evolving and software is therefore usually quickly outdated. New patches bring the devices up to date and close old security gaps.

However, this so-called zero-day included four security flaws in Microsoft Exchange servers, which were inadvertently implemented by the developers due to faulty programming code. This gave the hacker group Hafnium the opportunity to infiltrate and scan thousands of Exchange servers. However, as it has not yet been possible to clarify whether a backdoor was installed, the consequences for the future cannot yet be determined.

What can we learn from this?

You cannot prepare for a zero day, as they can occur anywhere and undetected. However, you can comply with data protection rules in accordance with the GDPR. There are two versions of this: privacy by design and privacy by default. The latter describes settings that are data protection-friendly by default. Privacy by design describes the data protection processes that are best complied with if they have already been technically integrated during development. A double locked door, so to speak.

However, this requires a reliable IT security policy. This relies not only on progressive technology, but also on an appropriate firewall. IT security is defined by continuous updates and qualitative combating of security gaps.

Review 2021: IT security is a very dominant topic in the IT industry and is associated with a constant striving for quality. In addition to process digitization, increasing the speed of data management and developing digital products is also a challenge for future IT.