Authored by: James Forbes-May, Vice President – APAC for Barracuda

2020 has been a bumpy road for businesses across the Asia-Pacific region, with tremendous shifts in the business landscape, carving out a 'new normal' characterised by the acceleration of public cloud adoption and digital transformation; widespread remote working and the boom of e-commerce. The scale of this transformation could not have been predicted, and we only hope that as we move into the new year, 2021 will offer more stability and exciting opportunities for businesses to embrace their digital journeys without too many hiccups. To help, I have put together a few key trends that we at Barracuda expect to see looming large in the Year of the Ox. 

1. Increased focus on zero trust to secure distributed enterprises and remote workers

COVID-19 and the transformational pressure it has created on work habits and environments will continue to place corporate endpoints predominately outside the network perimeter in 2021. This will provide increased attack surfaces into organisations.
 
To reduce the security risk in these environments, a zero-trust approach will be the big focus for organisations next year to provide secure, reliable and fast access to cloud or on-premise applications and workloads from any device and location. This ensures only the right person, with the right device, and the right permissions has access to company resources.

2. Migration to cloud will continue at full speed, but security mustn't take a back seat

COVID-19 forced many companies in Asia-Pacific to significantly accelerate their migration to cloud services to address lockdowns and remote workers. Two key trends will continue in 2021. First, new applications will be delivered as SaaS instead of on-premises implementations. Second, and more importantly, existing on-premises applications are migrating faster to the cloud.
 
While riding this wave of cloud adoption, don't let security take a back seat due to budget and resource constraints. Make sure you know who is responsible for the security of infrastructure, workloads and assets in the cloud. Many don't fully understand the responsibilities of both their organisation and public cloud provider, which could leave gaps. Threat protection must get the attention it deserves to avoid causing reputational and financial damage at a time when most companies can least afford it.

3. Increase in attacks taking advantage of the new reality

Distracted workers, global pandemic, cost pressures from a recession, remote access, accelerated adoption of cloud services. Each of these alone would be cause for concern for cybersecurity professionals. All these macro trends happening simultaneously requires us to have the highest level of vigilance against those who would take advantage of these situations.
 
Threats in 2021 will continue to target the weakest link in the chain – the human element. Three areas for potential concern include:

1. COVID check-in apps – In countries like Singapore and Australia consumers have become accustomed to using smartphone cameras to scan QR codes for contactless signing in when visiting COVID safe businesses, such as restaurants, cafes or gyms. This is a breach waiting to happen. Many of the apps aren't well built, yet we're putting all our personal details into them.

2. Contact tracing – There will be an increase in scams targeting contact tracing in countries relying on these apps, with opportunistic cybercriminals acting as contact tracers to get personal details out of unsuspecting victims. Most likely there will be some critical information sort after, such as credit card details, passport numbers or other details. How do victims really know who is calling them?

3. COVID-19 vaccine – With the huge demand for vaccines across the region, malicious campaigns are likely to surface that take advantage of the heightened awareness (and hope!). Victims may be asked to sign up to secure their spot to receive a vaccine whenever it's released, with the aim to phish personal details out of people.

All of these malicious campaigns really highlight the need for a greater focus to be placed on cybersecurity awareness, education and training.

4. Shortage of key resources to help mitigate security issues

Security executives will need to achieve the same level of security or more with tighter budgets in 2021. There will also be a continued shortage of cybersecurity talent in the region despite the recession and COVID-19 job losses.