Predicting the Unpredictable: PCI Pal releases cyber security and compliance predictions for 2021
Geoff Forsyth, CISO, PCI Pal, highlights key considerations and predictions for what will likely be another unpredictable year
If 2020 has taught us anything, it’s that trying to predict upcoming threats and opportunities is like playing roulette – don’t bet anything you can’t lose, hedge your bets on broader chances rather than specific shots and still be prepared for the casino to burn down. However, as challenging as 2020 has been, it’s not certain that 2021 will be smooth sailing either, especially when it comes to cyber security and compliance.
Businesses need to understand the changing threat landscape and take steps to guard themselves against it. PCI Pal’s CISO Geoff Forsyth outlines his predictions and considerations for the New Year:
1. “Many companies around the world will make their temporary move to remote work permanent in 2021. The thought of commuting and dressing for the office again is just too much to bear!
But for industries like contact centres that weren’t built for homeworking prior to COVID-19, new cyber security considerations will be necessary to ensure continued security at home. These include improving encryption of data and descoping call agents from as much personal and payment card data as possible.”
2. “The most vulnerable in 2021 will be the companies that have taken the biggest hit in 2020, such as travel and hospitality.
But the struggles of this year will be nothing compared to what they’ll face in 2021 if they don’t step up cyber security efforts. As people come out of hibernation, these sectors will experience heavy traffic, taking in a huge flood of personal and payment card data. But a squeeze on resources and surge in demand for operational – not security – resources may leave them under-prepared for opportunistic cybercriminals looking to capitalise on potential vulnerabilities.”
3. “The retail sector will have to keep a close eye on cyber security, too. According to recent PCI Pal research, 79% of UK consumers plan to continue shopping online for some or most of their retail needs even after the COVID-19 pandemic is over. This presents both good and bad news for retailers. On the one hand, consumers aren’t showing any signs of online shopping fatigue. On the other, retailers will need to take extra steps to secure online and other digital shopping channels in 2021 or risk suffering a data breach. With a significant 74% of UK consumers reporting they’ll stop shopping with a brand for several months in the event of a breach, this could have long-term consequences for revenue and customer loyalty.”
4. “2020 saw a rise in phishing and social engineering attacks, with cybercriminals taking advantage of COVID-19 fears and remote work to steal sensitive data from vulnerable personnel.
This trend is likely to continue into 2021, and unfortunately, data breaches are likely to rise with them as bad actors begin to make use of the stolen data. Companies should ensure their employees are continuing to practice safe cyber security behaviours, varying passwords across different accounts, verifying links and attachments before clicking on them and exercising extra caution when sharing any sensitive financial or personal information online or over the phone.”
5. “Privacy regulations are still weaker than they need to be to address the lax security culture and current cyber security threat environment. Yet somehow, many organisations are still struggling to clear the current bar, and remote work hasn’t made this any easier.
In 2021, it’s time for a compliance refresh. While the ways in which companies collect and use data should still be the same, they likely need to enact new security measures and tools to ensure employees and compliance officers can handle and access data securely at home.”
Concludes Geoff Forsyth: “2020 turned the business world and much of the rest of our lives upside down. In 2021, businesses will need to be prepared for the unexpected and take extra steps to secure their data whether working from home or in the office to rebuild.”
Geoff Forsyth is CISO at PCI Pal
PCI Pal is a leading provider of SaaS solutions that empower companies to take payments securely, adhere to strict industry governance, and remove their business from the significant risks posed by non-compliance and data loss. Our mission at PCI Pal is to safeguard reputation and trust by providing our customers with secure Cardholder Not Present payment solutions for contact centres and businesses.
Our products secure payments and data in any business communications environment including voice, chat, social, email, and contact centre. We are integrated to, and resold by, some of the world’s leading business communications vendors, as well as major payment service providers.
The entirety of the product-base is available from our global cloud platform hosted in Amazon Web Services (“AWS”), with regional instances across EMEA, North America, and ANZ. PCI Pal products can be used by any size organisation globally, and we are proud to work with some of the largest and most respected brands in the world.