True North Networks Blog
2019 Cybersecurity Trends That Are Here To Stay
2018 has been a good year for cybersecurity so far, for organizations that have recently updated their systems to include automation, orchestration, and case management in a centralized platform relevant to their industry. For the rest - it's fair to say the past two years haven’t been too great.
We witnessed a number of high-profile cyber attacks; including the Emotet malware attack on Allentown City Council, SamSam ransomware attack on the Colorado Department of Transportation, Equifax, Deloitte and the notorious WannaCry ransomware attack. The number of attacks continue to rise regardless of the constant flow of security updates and patches which raises the question - will 2019 be better or worse than 2018 and 2017? It’s best to stay ahead and learn about 2019 cybersecurity trends that are here to stay.
- Full-lifecycle incident management
Organizations are now investing in turn-key integrations that primarily intake events from a source system and make them available for incident management, investigation and security operations. The Connectors in these security systems are developed with each partner to ease implementation and provide bi-directional data flow from technology alliances that offer factory support from both sides.
An increasing number of cyber criminals appear to have shifted their attention to ransomware. Ransomware works because it depends on on users’ negligent security practices. Given that a large percentage of internet users do not follow best practices – it’s predictable that most cyber criminals in 2018 are turning to it for their source of income. We shouldn’t undervalue the potential damage IoT ransomware could cause in 2019. For example, hackers may target serious structures such as city power grids. If the target city fails or refuses to the pay the ransom on time, the attackers can completely shut down the grid. Alternatively, since many cities and homes are opting for smart technology in 2018 and 2019 like automatic factory lines, smart TVs and more, hackers can target factory production, smart cars, home appliances such as smart fridges, smart ovens and more.
- Attacks powered by Artificial Intelligence
AI/Machine Learning software has the aptitude to ‘learn’ from the consequences of former events to help forecast and classify cybersecurity threats. According to a 2018 report, AI is used by roughly 87% of US cybersecurity professionals. Hence, it works as a double-edged sword as hackers can use the same AI to unveil sophisticated cyber attacks. What can organizations do about this ? Well, the artificial intelligence (AI) built into security systems like D3 transforms incident data and prior responses into a proactive and dynamic security posture. With machine learning and AI-driven response, security teams can automate triage and prioritization, while reducing false positives by up to 91%.
- GDPR compliance post 2018
The General Data Protection Regulation (GDPR), which will come into effect on May 25, 2018 is applicable to all organizations no matter where it is headquartered globally, that intentionally screens the behavior of individuals inside the European Union (EU), or offers goods and services to the EU. It offers an innovative framework for data protection with amplified responsibilities and obligations for organizations including elevated rights for data subjects, larger territorial scope and stringent consent laws. For global organizations that fail to adapt to this change, fines for non-compliance can reach up to 20 million Euros or 4% of worldwide annual turnover, whichever is greater. By early 2019, around 80% of multinational companies may fail to comply with GDPR if they do not understand modern Data Protection regulations.
- Advanced systems for digital investigations
To manage tasks, deadlines and processes, mix of spreadsheets, email and homegrown solutions will not meet the needs of complex digital investigations in 2019. Companies need to adopt a flexible, end-to-end guided investigation procedure, with automated deadline and SLA tracking, contextual instructions, and stage-based workflows that keep users focused on relevant data and features.
- The rise of national level attacks
The rise of national cyber-attacks is one of the most disturbing areas of cyber security. These attacks go beyond financial interests and are politically driven. In the near future, attacks will be designed to obtain intelligence and data to thwart the objectives of any country or political entity. They can be used to target electronic voting systems and user preferences on social media to manipulate public opinion in a particular way. Since national cyber security attacks are sophisticated, targeted, well-funded and have the potential to be extremely disruptive, Governments must safeguard their internal networks by isolating them from the internet and carry out extensive security checks on all staff members. Governments should never acquire and use technology or software from untrusted sources. For example, the U.S. Government banned Kaspersky software in all government agencies over concerns of Russia’s probable influence.
While threats and risks continue to pile up, the good news is the challenges we are about to face in 2019 aren’t insurmountable. The crucial aspect of managing them successfully is staying up-to-date with security systems, understanding possible future threats and pacing back to comprehend big-picture trends that are driving them.