My 2020 Predictions Revisited: What Worked, What Didn’t
“Turns out, people aren’t all that good at predictions,” I wrote in my 2020 article. How true this turned out to be. Few could foresee the turns 2020 would take. Yet, some of what we were looking for did come to pass. Here’s a look back at those predictions.
Cyber Crime in 2020
I predicted, with money still being the top motivating factor for crime, criminals would blend techniques and technologies into new unforeseen attacks. This was partially true with incremental advances in most crimeware packages. With the world’s attention shifting, phishing emails preying on people reading the latest headlines led to nearly 200% increase in overall phishing attacks in 2020. Ransomware saw a similar increase in attacks, with updated platforms like WastedLocker. But overall, more of the same was the theme in crime in 2020.
I expected hacktivism to return, after declining since its peak in 2015. This was based on worldwide protests. With 2020, protests came to the USA. There was a rise in web defacements and data theft. Some 200 police departments had records exposed. The classic distributed denial-of-service (DDoS) tactic is still in use. Hacktivism also moved up the stack in 2020, disrupting events through social media. I expect this trend to continue in the near-term as the unrest continues.
Defenses in 2020
The rapid shift to remote work this year propelled digital transformation, cloud adoption, and securing it all with zero trust principles. I’m tempted to say 2020 was the year of zero trust. However, a Google search turned up such proclamations for 2018, 2019, 2020, and even 2021. Setting that aside for the moment, a significant number of organizations deployed strong authentication, adaptive and risk-based access, endpoint device health, and brought these tactics together to secure people working in ways we never imagined back in 2019.
User and entity behavior analytics (UEBA) made significant strides as one way of determining trust in a zero-trust architecture. The other prediction I made was passwordless authentication being on the security roadmap in 2020. Well, it was. But then it wasn’t.
As one CISO shared with me, “Our crisis response and subsequent focus on securing productivity pushed new initiatives to 2021.” We continue to chip away at the password, however, removing passwords as the primary factor will take a bit more time than I originally thought.
With 2020 in our rearview mirror, we can now look ahead to what another year brings. Periods of rapid change, periods of unforeseen turmoil, are difficult on us all. The optimist in me points to how this year has accelerated innovation, and how this year shone a spotlight on what technologists can do. We witnessed the largest migration in human history, a migration from the physical to the digital. We stood up. We made it happen. We secured it. Now, onward.
Try Duo For Free
With our free 30-day trial and see how easy it is to get started with Duo and secure your workforce, from anywhere and on any device.