If 2020 has taught us anything, it’s that trying to predict upcoming threats and opportunities is like playing roulette – don’t bet anything you can’t lose, hedge your bets on broader chances rather than specific shots and still be prepared for the casino to burn down. However, as challenging as 2020 has been, it’s not certain that 2021 will be smooth sailing either, especially when it comes to cybersecurity and compliance. Businesses need to understand the changing threat landscape and take steps to guard themselves against it. PCI Pal’s CISO Geoff Forsyth outlines his predictions and considerations for the new year.
Many companies around the world will make their temporary move to remote work permanent in 2021. The mere thought of commuting and putting on pants again is just too much to bear! But for industries like contact centers that weren’t built for homeworking prior to COVID-19, new cybersecurity considerations will be necessary to ensure continued security at home. These include improving encryption of data and descoping call agents from as much personal and payment card data as possible.
The most vulnerable in 2021 will be the companies that have taken the biggest hit in 2020, such as travel and hospitality. But the struggles of this year will be nothing compared to what they’ll face in 2021 if they don’t step up cybersecurity efforts. As people come out of hibernation, these sectors will experience heavy traffic, taking in a huge flood of personal and payment card data. But a squeeze on resources and surge in demand for operational – not security – resources may leave them under-prepared for opportunistic cybercriminals looking to make a quick buck (or a thousand).
The retail sector will have to keep a close eye on cybersecurity, too. According to recent PCI Pal research, 70% of consumers plan to continue shopping online for some or most of their retail needs even after the COVID-19 pandemic is over. This presents both good and bad news for retailers. On the one hand, consumers aren’t showing any signs of online shopping fatigue! On the other, retailers will need to take extra steps to secure online and other digital shopping channels in 2021 or risk suffering a data breach. With 70% of consumers reporting they’ll stop shopping with a brand for several months or even permanently in the event of a breach, this could have long-term consequences for revenue and customer loyalty.
2020 saw a rise in phishing and social engineering attacks, with cybercriminals taking advantage of COVID-19 fears and remote work to steal sensitive data from vulnerable personnel. This trend is likely to continue into 2021, and unfortunately, data breaches are likely to rise with it as bad actors begin to make use of the stolen data. Companies should ensure their employees are continuing to practice safe cybersecurity behaviors, varying passwords across different accounts, verifying links and attachments before clicking on them and exercising extra caution when sharing any sensitive financial or personal information online or over the phone.
Privacy regulations are still weaker than they need to be to address the lax security culture and current cybersecurity threat environment. Yet somehow, many organizations are still struggling to clear the current bar, and remote work hasn’t made this any easier. In 2021, it’s time for a compliance refresh. While the ways in which companies collect and use data should still be the same, they likely need to enact new security measures and tools to ensure employees and compliance officers can handle and access data securely at home.
2020 turned the business world and much of the rest of our lives upside down. To rebuild in 2021, businesses will need to be prepared for the unexpected and take extra steps to secure their data, whether working from home or in the office.
Contact PCI Pal today to learn how our secure payment solutions can protect customer data and your business from whatever 2021 may bring.
About PCI Pal:
PCI Pal® is a leading provider of SaaS solutions that empower companies to take payments securely, adhere to strict industry governance, and remove their business from the significant risks posed by non-compliance and data loss. Our mission at PCI Pal is to safeguard reputation and trust by providing our customers with secure Cardholder Not Present payment solutions for contact centres and businesses.
Our products secure payments and data in any business communications environment including voice, chat, social, email, and contact centre. We are integrated with, and resold by, some of the world’s leading business communications vendors, as well as major payment service providers.
The entirety of the product-base is available from our global cloud platform hosted in Amazon Web Services (“AWS”), with regional instances across EMEA, North America, and ANZ. PCI Pal products can be used by any size organisation globally, and we are proud to work with some of the largest and most respected brands in the world.