From COVID-inspired phishing attacks to vulnerabilities associated with remote work environments, 2020 has challenged businesses and cybersecurity professionals in ways no one could have predicted. Fortunately, there are trends you can plan for as we head into the second half of the year.

2020 has thrown many new and unexpected obstacles our way, with virtually no industry overlooked. Organizations have had to pivot drastically to accommodate remote working capabilities; phishing attacks have increased 350 percent during the COVID-19 pandemic; and many small businesses have had to close their doors forever.

While unexpected setbacks can— and will— occur, we can still look to the past, particularly data, for insight into what the second half of 2020 may bring. The following are cybersecurity trends that organizations can educate themselves about and plan for.

1. Cybersecurity professionals shortage— This will come as a surprise to few. Skilled cybersecurity professionals have been in high demand and short supply for years, and experts anticipate that trend will continue. A lack of trained experts means an increase in successful data breaches. By 2021, Cybersecurity Ventures predicts 5 million cybersecurity jobs will remain unfilled globally.
2. Increased cybersecurity spending— Because of the widening skills gap, organizations are left no choice but to invest more heavily in cybersecurity measures. COVID-19 has also made organizations more concerned about enterprise security, given the sharp rise in cyber attacks since the pandemic began. By 2023, enterprises are predicted to spend $12.6B on cloud security tools (up from $5.6B in 2018) and $1.63B on cloud security solutions (up from $636M in 2020); and $24.6B (up from $18.3B in 2020) on infrastructure protection. Endpoint security tools, which are 24 percent of all IT security spending, will reach $128B globally in 2020.
3. Adapting and changing security processes— In a post-pandemic world, endpoint protection (which is the origin of 70 percent of successful breaches), ransomware and phishing education, and remote working guidelines are more important than ever. Users working from home are more likely to click on phishing emails, and their personal computers and networks do not have enterprise-level security. Organizations from all industries will need to adapt to the new threat landscape and instate tighter policies and procedures around data protection and loss prevention, user awareness, backups, and supply chain security.
4. IoT security— Internet of Things devices will continue to be popular and increase in number within the healthcare industry, critical infrastructure, public and private businesses, and personal use. 5G and advanced computing technologies boost data transport speeds and reduce data latency, which make them highly attractive to a fast-paced society used to having a world of data at its fingertips. The International Data Corporation (IDC) estimates that there will be 6 billion connected IoT devices by 2025— all the more reason to invest in their security now. Organizations that build secure hardware and software systems will be able to more efficiently control any potential data breaches related to IoT.

The trends above are not new, though the challenges they present continue to become more difficult and costlier to contend with. COVID-19 has pressed many organizations to their breaking point, or, at the very least, has thrown several curveballs their way. Although the pandemic was largely unexpected, its long-term effects on IT security can be measured and predicted. Organizations should not forget about IT security during this time and should, instead, invest more heavily (and smartly) in the people, processes, and technologies that will keep data and systems secure.

2020 Cybersecurity Trends was originally published on LinkedIn by Securance President Paul Ashe.