



The predictions focus primarily on key learnings from the past year, as well as anticipated trends and areas of clear business necessity. At the core of these forecasts, Alteryx identifies better use of data analytics and process automation, in addition to investments in upskilling as areas which are pivotal to aiding sustained growth in the digital age.

Businesses must be on the right side of the analytic divide

Like the much-publicized ‘digital divide’, an ‘analytic divide’ is also starting to emerge. Many companies were driven to invest in analytics due to the pandemic, while others were forced to cut anything they did not view as critical, simply to keep the lights on – and a proper investment in analytics was, for these organisations, one of the first items on the chopping block. This means that the analytic divide will further widen in 2021, and this trend will continue for many years to come. Without a doubt, the winners and losers in any industry will continue to be defined by those that are leveraging analytics and those that are not.

Data democratization and synergy between teams will become the new norm

It is the job of the Chief Data Officer (CDO) to ensure expansion of growth across the entire business. This can be achieved by providing structured data that people can actually use. A successful CDO should democratise data so that it is accessible and understandable by people. A good CTO will complement the CDO by creating the necessary tooling to find the required data. This means giving users a set of visualisation and reporting tools that allow them to identify trends and key learnings. The new year will bring closer collaboration between these two roles, driven by sheer necessity. If a business has tools with ‘bad’ data, data challenges are exacerbated. If there are limited tools, only a small subset can exploit that data for the good of the organisation and the audiences it serves.

Citizen data scientists will play a bigger role in preventing cyberattacks

Using a powerful analytics platform that enables machine learning capabilities is crucial to detecting and addressing cybersecurity threats more rapidly, providing the ability to examine large volumes of data, identify patterns and deliver actionable intelligence. With the further democratisation of data, industries will witness citizen data scientists increasingly playing a key role in helping security teams enhance and simplify their cyber defense technologies by precisely detecting future attacks, proactively identifying security blind spots across the network and protecting valuable company information.

The zero-trust approach to security will be a responsibility for all to bear

The work-from-anywhere concept has created an opportunity for CISOs to consider strategic approaches for managing non-traditional security risks. To accommodate this shift, corporate security departments will begin expanding the perimeter into employees’ homes to ensure that cyber risks are not unknowingly introduced into the corporate network. CISOs must work with HR teams to increase employee awareness of cybersecurity measures, proactively recognising and reporting risks. CISOs adopting the zero-trust model will be able to improve secure access to corporate resources through continuous assessment and intent-based authentication policies.

AI-driven supply chain analytics will help businesses see around corners

The pandemic has made it clear that the world still depends on robust manufacturing and supply chains. As businesses gear up not just to survive, but to thrive in the era of social distancing, predictive analytics will further emerge as a crucial tool for mitigating risks, managing volatility and offsetting risk. During the height of the pandemic, businesses saw their forecasting models and processes simply break down. With supply chains more complex and dynamic than ever, moving forward it will be crucial that they are augmented, automated and enhanced through the support of analytics processing that matches their sophistication.

The greater focus on data and analytics is here to stay

COVID-19 forced organisations to address an enormous number of challenges and in doing so, drove an intense focus on data and analytics to provide much-needed insight. From genome sequencing and understanding the virus, its mutations and spread, to anticipating the needs of healthcare workers and managing the rollout of government aid – all of this was made possible by the analysis of data. With the virus also shedding light on other areas for improvement, organisations are now more acutely aware of how data analytics and automation can solve not only business, but also some of humanity’s greatest challenges.



2020 provided a glimpse of just how much AI is beginning to penetrate everyday life. It seems likely that in the next few years we’ll regularly (and unknowingly) see AI-generated text in our social media feeds, advertisements, and news outlets. The implications of AI being used in the real world raise important questions about the ethical use of AI as well.

So as we look forward to 2021, it is worth taking a moment to look back at the biggest stories in AI over the past year.

GPT-3: AI Generated Text

Perhaps the biggest splash of 2020 was made by OpenAI’s GPT-3 model. GPT-3 (Generative Pretrained Transformer 3) is an AI capable of understanding and generating text. The abilities of this AI are impressive — early users have coaxed the AI to answer trivia questions, create fiction and poetry, and generate simple webpages from written instructions. Perhaps most impressively, humans cannot distinguish between articles written by GPT-3 and those written by humans.

Although GPT-3 is not yet approaching the technological singularity, this model and others like it will prove incredibly useful in the coming years. Companies and individuals can request access to the model outputs through an API (currently in private beta testing). Microsoft now owns the license to GPT-3, and other groups are working to create similar results. I expect we’ll soon see a proliferation of new capabilities related to AIs that understand language.

AlphaFold: Protein Folding

Outside of Natural Language Processing, 2020 also saw important progress in biotechnology. Starting early in the year, we got the rapid and timely advancement of mRNA vaccines. Throughout the year, clinical trials proved these to be highly effective. As the year came to a close, another bombshell — DeepMind’s AlphaFold appears to be a giant step forward, this time in the area of protein folding.

This fall, the latest version of AlphaFold competed against other state-of-the-art methods in a biennial protein folding prediction contest called The CASP Assessment. In this contest, algorithms were tasked with converting amino acid sequences into protein structures and were judged based on the fraction of amino acid positions the model predicts correctly within a certain margin. In the most challenging Free-Modeling category, AlphaFold was able to predict the structure of unseen proteins with a median score of 88.1. The next closest predictor in this year’s contest scored 32.4. This is an astonishing leap forward.

Going forward, scientists can use models like AlphaFold to accelerate their research on disease and genetics. Perhaps at the end of 2021, we’ll be celebrating the technology that work like this enabled.

Democratising Deep Learning

As highlighted above, deep learning — the primary method underlying many state-of-the-art AIs — is proving useful in domains as disparate as biology and natural language. Efforts to make deep learning more accessible to domain experts and practitioners are accelerating the adoption of AI in many fields.

Anyone with an internet connection can now generate a realistic but completely fake photograph of a human face. Similar technology has already been used to create more realistic — and more difficult to detect — fake social media accounts in disinformation campaigns, including some leading up to the 2020 U.S. election. And OpenAI is planning to make the capabilities of GPT-3 available to vetted users through a comparatively easy-to-use API. There is genuine concern that as deep-learning-enabled technology becomes more accessible, it also becomes easier to weaponise.

But pairing AIs with human domain experts can also be leveraged for good. Domain experts can steer the AIs towards impactful, solvable problems and diagnose when the AIs are biased or have reached incorrect conclusions. The AIs provide the ability to rapidly process enormous volumes of data (sometimes with higher accuracy than humans), making analyses cheaper and faster, and unlocking insights that might otherwise be out of reach. User-friendly tools, APIs, and libraries facilitate the adoption of AI, especially in fields that can leverage already well-established techniques such as image classification.

AI Ethics

One of the interesting consequences of AI and ML systems becoming more readily accessible has been the resulting shift of priorities in the field of AI Ethics.

What stands out about the field of AI Ethics in 2020 is not any single achievement or breakthrough, but rather the sheer amount of work that was done in re-orienting and focusing attention towards topics of immediate concern. These include questions ranging from how to deal with racial and gender biases in datasets to inequities resulting from low-paid gig work labeling the very data used to train algorithms.

Some of these issues are now being confronted because of increasing interaction with AI systems but the other driving factor has been a small but dedicated group of researchers, often from groups that are underrepresented in the broader AI community, who have not only been sounding the alarm about these ethical concerns but have also been pushing for increased diversity and representation in the field itself.

Despite all the progress that has been made so far, a large uphill battle remains. At the beginning of December, Google fired its ethical AI co-lead, Timnit Gebru. The news has been unsettling for the broader Ethical AI community, not only because Gebru was attempting to publish a research study on the environmental consequences of training large scale language models (core to Google’s business) and the issues regarding lack of diversity that have been exposed as a result of the review process, but also because the incident raises questions about how the academic research community should relate to industry.

Nevertheless, the accomplishments in this burgeoning field lay the groundwork in determining for whom and for what AI should get used.

Looking towards 2021

At the start of 2020, some researchers expressed concerns that AI research may soon be entering another winter, in which progress reaches a standstill and both interest and funding dry up. While the novelty and excitement surrounding deep learning may indeed be wearing off, it is certainly interesting to note that two of the more exciting breakthroughs in 2020 were GPT-3 and AlphaFold, both of which leveraged existing theoretical approaches, but greatly advanced the practical applications of AI algorithms in their respective domains. Moving forward, we suspect focus will shift towards making it possible to learn from smaller amounts of data, while improving generalisability and interpretability, all in service of making AI models more practicable.

Human domain experts will also continue to play an important, if different, role, as democratisation efforts continue to push AI capabilities into new fields. As these changes continue to change the landscape in which AI is deployed, and the methods by which we interact with such systems, we’re also likely to see continued focus on pragmatic problems with real societal impacts, and continued discussions about the role of AI in society.

In any case, practical applications appear to have substantial room before they exhaust the available theoretical advances. And unlike prior decades, the penetration of AI into society and the promise of attainable pragmatic solutions seems likely to sustain AI progress for the foreseeable future.


In recent years threat hunting has become much more widely adopted, but today the definition of threat hunting is still quite a controversial topic. Threat hunting is the art of finding the unknown in your environment, going beyond traditional detection technologies, with active cyber defence activity, proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.

An essential part of security operations centre (SOC) services, threat hunting should be incorporated at an early stage. However, even though organisations have been threat hunting for a number of years now, with the job of ‘threat hunter’ being defined about five or six years ago, adoption and use is still quite a hotly debated topic. This is one of the reasons why we recently sponsored this year’s SANS 2020 Threat Hunting Survey, to see if this would shed more light on how organisations are using threat hunting and how valuable it is proving to be.

Threat hunting is being utilised to tick the compliance box

Whenever introducing new threat hunting strategies to find malicious activities, there are various methods that organisations can utilise. The SANS survey found that some companies define how their threat hunting operations need to work and build up teams to meet these goals. Unfortunately, the other still quite common approach is to run threat hunting operations with what organisations already have. Instead of defining the goals that threat hunting needs to meet to deliver the maximum value to the organisation, they define threat hunting as simply having some form of threat hunting in the business, classifying it as an activity for existing teams to adopt. While this approach might still render results, these will not be as beneficial to the organisation and its security posture as they could be. SANS frequently sees this approach at compliance-driven IT organisations whereby some standards require them to have threat hunting in place, which prompts them to set up a form of threat hunting simply to tick that box.

Security professionals state that threat hunting has strengthened their company’s defences

Interestingly, in the recent VMware Carbon Black 2020 Global Threat Report which interviewed over 3,000 IT leaders from 13 different countries, it found that threat hunting teams were starting to formalise their processes and procedures, and that trends were moving in the right direction for the industry overall. 80% of respondents stated that attacks had become more sophisticated, however respondents also said unequivocally that threat hunting was paying dividends and increasingly being recognised for its value in identifying malicious actors already in the system. When asked “In the last 12 months did your company’s threat hunting achieve a goal of strengthening its defences against cyberattack and did the threat hunting find malicious cyberattack activity you would not have ordinarily found?” 88% of respondents said they are using it as part of their cybersecurity strategy and that it was proving effective with 86% saying it had strengthened their company’s defences.

The difference between threat hunters and incident responders

However, the SANS report found that many organisations were tagging threat hunting activities onto the incident responder’s role. Undoubtedly there are commonalities and differences between threat hunting and incident response. While threat hunting comes in various shapes and forms, the most sophisticated way of threat hunting is hypothesis-based hunting. In this case, the hunter envisions an attack scenario that might have happened in the organisation. That scenario leads to a hypothesis that subsequently must be tested. Testing that hypothesis usually requires intimate knowledge about the suspected attack path as well as the right toolset and visibility to either accept or reject the hypothesis.

Incident responders usually know that an attack occurred, then start their investigation with limited knowledge about the attack path. This results in incident responders extending their knowledge about the attack and establishing visibility to investigate further. The tools and techniques for this overlap broadly between incident response and threat hunting. For that reason, it tends to be beneficial to use incident responders when building up threat hunting operations. However, over time the incident response-led approach should transform into a dedicated threat hunting team.

A lack of automation and frequently switching applications all impact the hunt

The report also found that there does appear to be a significant gap in the use of automated tools to aid in the curation of useful and applicable threat intelligence, and that most threat hunters are not full-time threat hunters but split their time with other responsibilities. The trend to staff threat hunting operations with incident responders and SOC analysts was also very prominent. While incident responders may be very familiar with the task of finding new, unknown threats, SOC analysts might have difficulties deviating from their routine of analysing alerts to actively searching for signs of a breach.

The report found that what threat hunters struggle most with are frequent context switches, as only a few respondents said that they never need to switch tools while doing their job. So, jumping between applications is one area that has a huge potential for improvement and increased efficiency. What also factors into efficiency is that a high proportion of respondents (36.3%) are manually applying the threat intelligence they have collected. One of the reasons appears to be that almost half of the respondents don’t store threat intelligence in a platform but rather they are using traditional file-based methods such as spreadsheets or PDFs.

Finding a common understanding of threat hunting

I found it surprising that half of the respondents said that they see no value in hunting for new or unknown threats because uncovering unknown threats is one of the main arguments for threat hunting, while daily threats can be met by a SOC.

In summary and to move forward, we need to establish a common understanding of threat hunting, improve tools that reduce context switches, automate the process and make threat hunting more measurable. Low-hanging fruit for many respondents would be to switch their intelligence management from document-based to an open-source or commercial platform to make threat intelligence easier to consume, evolve and apply.

Threat hunting is becoming more pervasive in the industry, but its general value is still not widely understood, nor is there a gold standard for threat hunting today. If you are interested, why not download the SANS Threat Hunting Report 2020?


Since the rise of the Internet, businesses have been forced to continually shift their strategies to effectively compete in the digital marketplace. From on-demand to subscription-based offerings, all digital business models center on the use of various technologies to improve operational efficiency and the customer experience, thereby enhancing their overall value.

But while digital-first strategies are proving to be beneficial across all business sectors, it is ecommerce that stands out as one of the most widely used models available. This was especially true in 2020, as many shifted to online shopping as a result of the COVID-19 pandemic. In fact, it is predicted that global B2C ecommerce sales will reach $4.5 trillion by 2021.

Security Risks Impacting Digital Business

Digital business models such as ecommerce have become a critical component of the global economy, but they do not come without their own set of risks. As organisations rush to digitise, cybersecurity is often left out of the equation for the sake of saving time and initial costs. However, when security is not woven into the framework of a digital strategy, organisations may end up losing the resources that they had initially fought to save. This fact alone should be of concern for any digital business, especially those in the ecommerce space.

A rise in online shopping has led to increased web traffic, something cybercriminals have been all too quick to exploit. And in 2020, this issue only grew more significant, further impacting the security of ecommerce sites. Between September and October alone, the FortiGuard Labs team saw a 140% increase in attempted attacks targeting this space. With the knowledge that more people are shopping online now than ever before, cyber criminals have taken advantage of the increase in virtual queues and slow web processing times.

With digital transformation comes the expansion of the threat landscape, presenting various opportunities for cybercriminals to target unsuspecting individuals. One strategy that threat actors have adopted is placing ads or links on trusted websites to lead shoppers away from their secure browsing experience, usually with the promise of a great deal. Upon arriving at the fraudulent site, shoppers will be directed to enter access credentials – including a username and password – that a cybercriminal can then use on the real website to steal personal information.

Through the deployment of phishing, malware, and man-in-the-middle attacks, and by leveraging Rogue Access Points (APs), cyber criminals can further their attempts to exploit wireless or proxy servers. Often, the goal here is to gain access to payment card information that can be used to fund other efforts. And while cyberthreats such as these are unfortunately common across digital businesses in general, the lack of security measures across many ecommerce sites is particularly concerning considering the large portion of the public that shops online without understanding the potential risks.

Taking Steps to Secure Digital Experiences

The ecommerce space is extremely profitable, which is exactly why cybercriminals target these types of businesses. They rely on the fact that most individuals do not ask themselves, “How do I know if this online shopping site is safe?” For this reason, it is up to the business to implement strategies that will enable secure transactions from behind the scenes, stopping threat actors in their tracks before they can even reach customers. Below are just a few ways in which this can be accomplished:

• Ensure Compliance: Meeting compliance standards is one of the most basic, yet critically important, ways that ecommerce sites can protect their customers. By taking certain steps, businesses can ensure they have laid a partial framework for combatting cyberthreats – this often means not storing more data than is necessary. Major cybersecurity-related regulations that ecommerce sites should comply with include: Payment Card Industry Data Security Standard (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and International Organisation for Standardisation (ISO).

• Confirm Infrastructure is Up to Date: Unsurprisingly, outdated security is a top reason for repeated attacks. This often comes with basic misconfigurations on storage buckets and public cloud computing access systems, resulting in vulnerabilities that can be easily exploited. And while this is undoubtedly an issue across all types of digital businesses, having up-to-date infrastructure within ecommerce is especially critical due to the complexity of these sites. In some scenarios, this could be as simple as upgrading a plugin, but in other cases, entire systems and websites may have to be updated to effectively manage vulnerabilities. In other words, there is not a one-size-fits-all solution, and requirements will vary on a case-by-case basis.

• Require Strong Passwords: Both ecommerce sites and digital businesses in general should require customers to create passwords that cannot be easily guessed by cybercriminals. While this can come in the form of general recommendations (i.e., discouraging the inclusion of phone numbers or birthdays), it can also mean rejecting certain passwords altogether. To be effective in their security goals, websites should require passwords that contain at a minimum 8 characters, including a combination of numbers, symbols, and uppercase and lowercase letters. Further, it is recommended that users leverage random word combinations (the revised passphrase method) or transform sentences into a password (the Bruce Schneier method). Above all, remember that length and obscurity are key.

• Maintain Updated SSL/TLS Certificates: While maintaining an updated SSL/TLS certificate is essentially table stakes for ecommerce merchants due to PCI and other industry regulations, it is critical nonetheless and doing so allows businesses to realise a number of benefits. From a security standpoint, they help ensure their websites can stand up to cyberthreats, exploits, and website misuse while also keeping customer data secure by enforcing end-to-end encryption of data. From a reputational standpoint, the inclusion of “HTTPS” at the beginning of their page URL creates a sense of trustworthiness that will help customers feel more confident in the security of their digital experience. From a business standpoint, HTTPS allows for use of more powerful web platform features and API integrations that require permissions to execute such as Geolocation services.
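
One way a site could enforce the password rules from the "Require Strong Passwords" item at registration time, shown as an added example rather than code from the article. The function names, failure codes and the sample phone number and birthday are constructed for illustration.

```python
import re
from datetime import date

MIN_LENGTH = 8  # minimum length stated in the article


def personal_digit_strings(phone=None, birthday=None):
    """Digit sequences derived from a customer's phone number and birthday."""
    found = set()
    if phone:
        digits = re.sub(r"\D", "", phone)
        if len(digits) >= 7:
            found.add(digits)       # full number, including any country code
            found.add(digits[-7:])  # subscriber part without the area code
    if birthday:
        # Common ways people type a date of birth into a password.
        for fmt in ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%y%m%d"):
            found.add(birthday.strftime(fmt))
    return found


def check_password(password, phone=None, birthday=None):
    """Return a list of failure codes; an empty list means the password is accepted."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too_short")
    if not any(c.islower() for c in password):
        failures.append("no_lowercase")
    if not any(c.isupper() for c in password):
        failures.append("no_uppercase")
    if not any(c.isdigit() for c in password):
        failures.append("no_number")
    if not any(not c.isalnum() and not c.isspace() for c in password):
        failures.append("no_symbol")

    # Compare on digits only, so separators such as "/" or "-" between
    # the parts of a date or phone number do not hide the match.
    digits_in_password = re.sub(r"\D", "", password)
    if any(s in digits_in_password
           for s in personal_digit_strings(phone, birthday)):
        failures.append("contains_personal_data")
    return failures


if __name__ == "__main__":
    # Constructed sample customer data.
    sample_phone = "+1 (202) 555-0142"
    sample_birthday = date(1990, 11, 5)
    for candidate in ("Tr1cky!Horse", "short1!", "Anna-05/11/1990!", "Call5550142now!A"):
        print(candidate, check_password(candidate, sample_phone, sample_birthday))
```
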

While these strategies are all crucial to the security of digital businesses, each one cannot stand on its own. Instead, security teams must weave a framework of tactics such as these to deliver the highest level of protection to keep their organisations and their customers secure.

Final Thoughts on Securing Digital Business

Digital transformation continues to change the way we do business, as well as what customers have come to expect. This is especially true across the ecommerce space. With more of the public shopping online now than ever before, businesses must ensure their websites can handle this influx of traffic, both from a performance and security standpoint. While there is no single foolproof way to manage ecommerce site security, businesses that take care to consider the basics when working to protect their customers set themselves up for success versus those that look to cut corners.



As children we are taught to practice caution to ensure our safety and security are not compromised. Now that most of our daily activity is online, businesses need to take the same level of precaution that we did as children, albeit in a more sophisticated and digital manner.

There have long been a number of myths, or preconceptions adopted by the IT industry that have led to poor data practices, leaving them wide open to a myriad of issues.


Although our rapidly advancing technology continues to help protect businesses against ransomware, it would be naïve to assume that ransomware is not simultaneously keeping up. The cost of ransomware is on the rise, and estimates state that global costs will reach $20 billion by next year; an increase from their predicted damages of $11.5 billion in 2019 and $8 billion in 2018. In the last year alone, 49% of organisations surveyed in the UAE had witnessed a ransomware attack.

We’re also seeing an exponential increase in ransomware payments. According to one company, ransomware encryption fees went up 33% in the last quarter alone and are now on average around $110k. Travelex is even reported to have paid hackers a huge $2.3m in an attempt to recover from an attack in January which was instrumental in eventually forcing the company into administration.

We’re seeing the same threats that organisations have faced for years, now evolving with tactics that capitalise on world events to facilitate their effectiveness. The increase in remote working due to the global pandemic is one example of this; significantly amplifying the risks businesses face from these threats, and making the need for effective cyber resilience essential.

It is likely that cyber resilience strategies are lacking key elements, with some organisations not having a strategy at all. Security leaders need to invest in strategies that build resilience, while moving at the same pace as digital transformation.

When it comes to protection, raising user awareness across the whole business is of paramount importance. Arming employees with the knowledge they need to practice secure email and browsing habits can prevent many ransomware attacks from succeeding. Protection also involves backing up data securely, reliably and automatically. The strongest position to be in is one where you can just walk away from attackers because you have another clean and safe copy - backup and recovery solutions can give you this.

Protection is only one element of a comprehensive data strategy. Something that has always been a necessity is compliance – an area where many have struggled to distinguish myth from fact.


Despite months of publicity surrounding the General Data Protection Regulation (GDPR), including the potential benefits of compliance, very few organisations were actually ready for the designated deadline, with many of the view that this would merely be an arbitrary law with little consequence. This led to many businesses scrambling to catch up, both before and after the implementation date.

One of the most common myths surrounding GDPR is that it only applies to companies that store or process personal information about EU citizens within EU states. This view doesn’t go anywhere near far enough, however. Even if your business is GDPR compliant, you must ensure suppliers and contractors are also GDPR compliant – regardless of where they sit in the world.

Many ended up falling into this trap, which led to overconfidence, poor risk assessments, wasted effort and ultimately noncompliance. It’s easy to forget that the new regulations are a unique opportunity for businesses to improve data protection practices and help to prevent cybercrime.

In the Middle East, the recent DIFC Data Protection Law, Law No. 5 of 2020 (DIFC DP Law) came into force on 1 July 2020 and, as of 1 October 2020, is now being enforced. The new DPL 2020 law will actively benefit companies in a range of ways. Not only will it ensure companies have to manage data more effectively to achieve compliance, it will also increase companywide efficiency, provide competitive advantage, and protection against malware attacks.

Compliance is most effective when organisations enter into the spirit of regulations, rather than trying to paper over the cracks in their systems in order to abide by the letter of the law. To truly engage with compliance, businesses need to implement good data management practices.

Data Storage

Another question to consider is, where is all the data actually stored? For most, the answer to this is in mega data centres. Hordes and hordes of data are stored in such facilities – where organisations adopt an ‘out of sight, out of mind’ approach. A large portion of this is actually considered as ‘dark data’ - data which is acquired through various day-to-day operations but not categorised for use to derive insights or for decision making. People also think that data centres are just ‘safe’ storage facilities – however maintaining the upkeep of the data in these centres has come into sharp focus in recent months. For instance, on average 52 percent of all data stored by organizations worldwide is ‘dark’ as those responsible for managing it don’t have any idea about its content or value.

Here in the UAE, dark data stood at around 47%, according to the 2019 Veritas Middle East Databerg Report. More recently, updated findings for 2020 revealed that 75% of the data stored by the surveyed organisations in the UAE is dark and ROT (Redundant, Outdated, Trivial information) – 42% being dark and 33% being ROT.

The associated belief is that this dark data is no longer required, so it has little value and therefore little impact on operations. What organisations need to remember is that they themselves are 100% responsible for all of it, whether it lives on premises, or has been outsourced via a third-party cloud provider. It’s important to remember that all data that is deemed worthy to keep hold of has tremendous value, if not to the organisation – then at the very least to hackers.

Much has been said about the financial cost of dark data, but the environmental cost has, so far, often been overlooked. In April this year Veritas estimated that 5.8 million tonnes of CO2 will be unnecessarily pumped into the atmosphere as a result of powering the storage of dark data this year alone. While, on average, 52 percent of all data stored by organisations worldwide is ‘dark’, analysts predict that the amount of data that the world will be storing will grow to 175ZB by 2025. This implies that, unless people change their habits, there will be 91ZB of dark data in five years’ time – over four times the volume we have today, with all the energy associated with powering the infrastructure in which the data lives. By simply managing and clearing out our dark data, we will be helping the planet.

When a more structured and responsible approach to data management is taken, there are countless potential rewards. Organisations that take a holistic view of their data can expect to see improved employee productivity, lower costs, more satisfied customers and increased compliance. When the correct approach is taken, data management stops being a cost to the business, and transforms into an asset that both creates value and unveils better business opportunities.

It’s time for organisations to understand that big data is a big responsibility. Properly managed data has the potential to make or break a business, providing benefits that begin with knowing where their data is located to utilising their data in a way that builds competitive advantage. With data being at the heart of every business, it’s time we start treating it and managing it with the weight that it deserves – and there’s no better time to do so than now.



The pandemic of 2020 has made the concept of remote teams and remote work collaboration a reality. Mobile work was previously used by digitally mature and advanced organisations, like high-tech companies, but the requirement to enable it, triggered by the need for social isolation across much of 2020, has forced all organisations to adapt to this new reality.

Transformation of the physical workplace has been a logical consequence, whether at home or at the office.

Team members, whether they are part of a family working at home or employees working from the office by rotation, will usually not sit at any one physical location. They need to be able to work equally well from any place in the office work area.

Wi-Fi network connectivity and Power over Ethernet (PoE) need to be ubiquitously available and scalable across such places of work. Flexibility and scalability of the Wi-Fi network access points, access to the Ethernet, and availability of Power over Ethernet are now prerequisites to support teams working in the “new normal”.

While places of work, whether they are supporting the family working and schooling at home, or employees at the office premises, are transforming, on a much wider scale, networks within buildings themselves are also transforming.

Just a few years ago, the convergence of voice into IP-based LAN data networks was a high point of disruption and innovation. Since then, there has been a relentless trend of converging siloed networking systems into IP networks. Today, these include security systems, building management systems, access entry systems, biometric systems, digital signage, low voltage power and LED lighting.

This has spawned the term – ‘Everything over IP’ or an ‘All-IP’ approach in the convergence of isolated networks.

The benefits of this convergence of networks are many, fueling continuous industry innovation and end user adoption. Such ‘Everything over IP’ networks offer significant benefits, ranging from savings in power and cost to savings in time for installation, activation, modifications and upgrades of networks.

Such types of networks also reduce the chances of network failures and downtime and, because of their ability to rapidly scale up or down, match the requirements of today’s agile organisations.

However, all these innovations and transformations are also putting pressure on the design and architecture of networks. These include:

• Mapping the networks to match the functional distribution of workers. In other words, there should be more network points and connectivity wherever there is more employee activity. Working areas with a high density of people and devices should also have the provision to provide higher network connectivity and power usage.
• Creation of active consolidation points to allow networks to scale. Creation of consolidation points allows the network to support an unlimited number of devices in theory. In practice, it means it should be possible to create additional network points on demand.
• Fibre To The Office (FTTO) can be used to boost redundancy and longevity.

FTTO is a centralised LAN cabling technology that combines passive fibre cabling with active switches and requires no floor distributors or technical rooms.

Combining fibre and copper offers the advantages of a fibre infrastructure, while end user devices can be connected with a standard copper connection, guaranteeing no changes in usage and comfort for the end user. The concept of a digital ceiling solution is becoming increasingly relevant in digitally advanced buildings. The traditional LAN network is now being deployed vertically to support growing installation of ceiling access points, surveillance cameras, motion sensors, indoor atmospherics, amongst others. A digital ceiling approach combined with an FTTO solution could bring significant benefits in terms of flexibility and scalability to the building’s IT network infrastructure.

The benefits of such single converged networks, which support the connectivity requirements of agile organisations, are being realised every day. Hot-desking and smart desking are now logical and functional solutions realised in the office workspace. For network administrators, managing a single network for operations, performance and efficiency offers huge time and cost savings.



At the beginning of the pandemic, along with the rapid rise in the popularity of digital workplaces, 40% of companies saw an increase in cyberattacks and only 30% of them declared they felt fully prepared to move to remote work. Even the World Health Organisation noted that since the start of the pandemic it has seen a fivefold increase in cyberattacks directed at its staff. The most common attack that internet users are likely to experience is phishing – about 90% of all cyberattack attempts are based on impersonating other entities.

Many industry organisations and companies note that ever since the start of the pandemic they have observed a significant increase in cyberattacks. Phishing or scam attempts will usually promise something impossible yet very desired in return for our personal data. Before the user understands what is going on, it is usually too late because some damage has already been done.

The global chaos is a perfect playing field for cybercriminals, who usually do not hesitate to use their advantage in such situations. Fears for the health and safety of families might make internet users easier prey for them. But there are some steps that everyone can take in order to avoid unpleasant situations.

Watch out for phishing

The cybercriminals will try to impersonate various companies, delivery couriers, payment methods, e-stores or traditional stores. They might call, send emails, or text messages. Usually, they will state that there’s an incredible opportunity which needs to be taken advantage of very quickly (e.g. a sale or a discount), or highlight that there is some sort of danger which needs to be fixed quickly (e.g. to prevent your account from being blocked).

If the user is unsure about the authenticity of that email, they might want to avoid clicking links in the message and instead log in to their account directly from their browser or check in with customer support. Pay attention also to typos, punctuation, or weird grammar – usually, official messages from the company will not contain such errors. To make sure that everything is alright, it is also worth contacting the company directly, e.g. by phone.

Suspicious shop promotions

Many users are exposed to targeted advertisements in social media showcasing unique products or highlighting discounts. Among a variety of really interesting goods offered by many niche shops, it is often difficult for buyers to understand whether they can trust a particular e-store, especially if it’s located abroad.

In such cases, the user could look up reviews of the store to see what other buyers think about it. It is also helpful to take a look at the return policy and check the quality of its customer support. Payment methods that are available in the e-shop are also a good indicator of its trustworthiness. For example, if the user pays with PayPal and there is something wrong with the product or – worse – it never arrives at all, it is easy to dispute the unsuccessful purchase and receive the money back.

Other suspicious situations might involve a seller asking the buyer to transfer money through unofficial channels rather than the official payment method available on the website.

The companies also protect their customers

Customers should be careful at all times and be wary of offers that are too good to be true. The importance of a trusted payment method is highlighted in such situations, as fintech companies not only help their customers recover their money when something goes wrong. They also continuously work to ensure the highest protection measures are used for money transfers, such as fraud prevention based on machine learning, through the efforts of in-house IT specialists or acquisitions, such as the purchase of Simility by PayPal in 2018, valued at $120 million.



On December 13, 2020, the cybersecurity industry learned that nation-state threat actors had compromised SolarWinds’s Orion IT monitoring and management software and used it to distribute a malicious software backdoor called SUNBURST to dozens of that company’s customers, including several high-profile U.S. government agencies.

This SolarWinds-SUNBURST campaign is the first major supply chain attack of its kind and has been referred to by many as the “Cyber Pearl Harbor” that U.S. cybersecurity experts have been predicting for a decade and a half.

The campaign also represents a shift in tactics where nation-state threat actors have employed a new weapon for cyberespionage. Just as the use of nuclear weapons at the end of WWII changed military strategy for the next 75 years, the use of a supply chain attack has changed the way we need to consider defense against cyber-attacks.

This supply chain attack operated at the scale of a worm such as WannaCry in 2017, combined with the precision and lethality of the 2014 Sony Pictures or 2015 U.S. government Office of Personnel Management (OPM) attacks.

Within hours of its discovery, the magnitude of the campaign became frighteningly clear to organisations responsible for U.S. national security, economic competitiveness, and even consumer privacy and security.

While some may argue that government agencies are legitimate targets for nation-state spycraft, the campaign also impacted private companies. Unlike government networks which store classified information on isolated networks, private organisations often have critical intellectual property on networks with access to the internet. Exactly what intellectual property or private data on employees has been stolen will be difficult to determine, and the full extent of the theft may never be known.

This type of attack also poses a threat to individuals and their families given that in today’s highly interconnected homes, a breach of consumer electronics companies can result in attackers using their access to smart appliances such as TVs, virtual assistants, and smart phones to steal their information or act as a gateway to attack businesses while users are working remotely from home.

What makes this type of attack so dangerous is that it uses trusted software to bypass cyber defenses, infiltrate victim organisations with the backdoor and allow the attacker to take any number of secondary steps. This could involve stealing data, destroying data, holding critical systems for ransom, orchestrating system malfunctions that result in kinetic damage, or simply implanting additional malicious content throughout the organisation to stay in control even after the initial threat appears to have passed.

McAfee believes the discovery of the SolarWinds-SUNBURST campaign will expose attack techniques that other malicious actors around the world will seek to duplicate in 2021 and beyond.

Weaponised AI Attacks on Cloud Platforms and Users

The COVID-19 pandemic has also hastened the pace of the corporate IT transition to the cloud, accelerating the potential for new corporate cloud-related attack schemes. With increased cloud adoption and the large number of enterprises working from home, not only is there a growing number of cloud users but also a lot more data both in motion and being transacted.

McAfee cloud usage data from more than 30 million McAfee MVISION Cloud users worldwide shows a 50% increase overall in enterprise cloud use across all industries in the first four months of 2020. Our analysis showed an increase across all cloud categories: usage of collaboration services such as Microsoft O365 rose by 123%, use of business services such as Salesforce rose by 61%, and the largest growth was in collaboration services such as Cisco Webex (+600%), Zoom (+350%), Microsoft Teams (+300%), and Slack (+200%). From January to April 2020, corporate cloud traffic from unmanaged devices increased 100% across all verticals.

During the same period, McAfee witnessed a surge in attacks on cloud accounts, an estimated 630% increase overall, with variations in the sectors that were targeted. Transportation led vertical industries with a 1,350% increase in cloud attacks, followed by education (+1,114%), government (+773%), manufacturing (+679%), financial services (+571%) and energy and utilities (+472%).

The increasing proportion of unmanaged devices accessing the enterprise cloud has effectively made home networks an extension of the enterprise infrastructure. We expect that widespread attacks will start weaponising AI for better efficacy against thousands of heterogeneous home networks.

One example could be a widespread brute force attack against O365 users, where the attacker seeks to leverage stolen credentials and exploit users’ poor practice of re-using passwords across different platforms and applications. As many as 65% of users reuse the same password for multiple or all accounts according to a 2019 security survey conducted by Google. AI will be leveraged to exploit this practice at scale. Where an attacker would traditionally need to manually encode first and last name combinations to find valid usernames, a learning algorithm could be used to predict O365 username patterns.

Additionally, instead of launching a classic brute force attack from compromised IPs until the IPs are blocked, resource optimisation algorithms will be used to make sure the compromised IPs launch attacks against multiple services and sectors, to maximise the lifespan of compromised IPs used for the attacks. Distributed algorithms and reinforcement learning will be leveraged to identify attack plans primarily focused on avoiding account lockouts. While the volume of sensitive data in motion increases and enterprise cloud postures mature, we also predict that the attackers will be forced to handcraft highly targeted exploits for specific enterprises, users and applications.
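A defender-side view of the lockout-avoiding pattern described above, as an added example that is not part of the original article: it flags sources whose failed sign-ins are spread thinly across many accounts, then lists the accounts those sources got into. The log format, thresholds and function names are assumptions, and the records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in records (not real telemetry): time, source IP, account, outcome.
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2021-01-11T09:00:05 198.51.100.7 a.khan@example.com FAIL
2021-01-11T09:01:10 203.0.113.20 m.ross@example.com FAIL
2021-01-11T09:01:40 203.0.113.20 m.ross@example.com FAIL
2021-01-11T09:02:15 203.0.113.20 m.ross@example.com OK
2021-01-11T09:08:30 198.51.100.7 b.silva@example.com FAIL
2021-01-11T09:16:45 198.51.100.7 c.osei@example.com FAIL
2021-01-11T09:25:00 198.51.100.7 e.novak@example.com FAIL
2021-01-11T09:33:20 198.51.100.7 g.tan@example.com FAIL
2021-01-11T09:41:00 198.51.100.7 d.lee@example.com OK
2021-01-11T10:00:01 192.0.2.44 f.haddad@example.com FAIL
2021-01-11T10:00:03 192.0.2.44 f.haddad@example.com FAIL
2021-01-11T10:00:05 192.0.2.44 f.haddad@example.com FAIL
2021-01-11T10:00:07 192.0.2.44 f.haddad@example.com FAIL
2021-01-11T10:00:09 192.0.2.44 f.haddad@example.com FAIL
"""

def parse(log):
    """Turn log lines into time-sorted (timestamp, ip, account, success) tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, ip, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, outcome == "OK"))
    return sorted(events)

def find_sprays(events, window=timedelta(hours=1), min_accounts=4, lockout_threshold=5):
    """Return {ip: accounts} for sources whose failures span many accounts
    while every single account stays below the lockout threshold."""
    failures = defaultdict(list)
    for ts, ip, user, ok in events:          # events are already sorted by time
        if not ok:
            failures[ip].append((ts, user))
    findings = {}
    for ip, rows in failures.items():
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1                   # slide the window forward
            per_account = defaultdict(int)
            for _, user in rows[start:end + 1]:
                per_account[user] += 1
            broad = len(per_account) >= min_accounts
            quiet = max(per_account.values()) < lockout_threshold
            if broad and quiet and len(per_account) > len(findings.get(ip, ())):
                findings[ip] = set(per_account)
    return findings

def reused_password_hits(events, findings):
    """Accounts a flagged source signed in to successfully: reset these first."""
    return sorted({(ip, user) for _, ip, user, ok in events if ok and ip in findings})

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    sprays = find_sprays(events)
    print("spraying sources:", sprays)
    print("likely reused passwords:", reused_password_hits(events, sprays))
```

A user mistyping their own password and a noisy single-account brute force are both left to the normal lockout policy; only the broad, quiet source is reported.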

The recent Capital One breach was an example of an advanced attack of this kind. The attack was thoroughly cloud-native. It was sophisticated and intricate in that a number of vulnerabilities and misconfigurations across cloud applications (and infrastructure) were exploited and chained. It was not a matter of chance that the hackers were successful, as the attack was very well hand-crafted.

McAfee believes attackers will start leveraging threat surfaces across devices, networks and the cloud in these ways in the months and years ahead.

New Mobile Payment Scams

Mobile payments have become more and more popular as a convenient mechanism to conduct transactions. A Worldpay Global Payments Report for 2020 estimated that 41% of payments today are on mobile devices, and this number looks to increase at the expense of traditional credit and debit cards by 2023. An October 2020 study by Allied Market Research found that the global mobile payment market size was valued at $1.48 trillion in 2019, and is projected to reach $12.06 trillion by 2027, growing at a compound annual growth rate of 30.1% from 2020 to 2027.

Additionally, the COVID-19 pandemic has driven the adoption of mobile payment methods higher as consumers have sought to avoid contact-based payments such as cash or physical credit cards.

But fraudsters have followed the money to mobile, pivoting from PC browsers and credit cards to mobile payments. According to research by RSA’s Fraud and Risk Intelligence team, 72% of cyber fraud activity involved the mobile channel in the fourth quarter of 2019. The researchers observed that this represented “the highest percentage of fraud involving mobile apps in nearly two years and underscores a broader shift away from fraud involving web browsers on PCs.”

McAfee predicts there will be an increase in “receive”-based mobile payment exploits, since they provide a quick mechanism for fraudsters that combines phishing or smishing messages with payment URLs.

This could take shape in schemes where fraudsters set up a fake call center using a product return and servicing scam, where the actors send a link via email or SMS, offering a refund via a mobile payment app, but the user is unaware that they are agreeing to pay rather than receiving a refund.

In the same way that mobile apps have simplified the ability to conduct transactions, McAfee predicts the technology is making it easier to take advantage of the convenience for fraudulent purposes.