The intensity and frequency of data breaches and cyber attacks are growing in such an alarming rate, and organizations and individuals all over the world can expect more of these this coming 2019. Below are the top 10 Cyber Security predictions that are expected to hit the online world this 2019 and continue to have an impact even beyond.
1. The Coming Pain of GDPR
May 25, 2018 has come and gone and many organizations breathed a sigh of relief because it was somewhat painless. Security processes were put in progress and they can say that they are on the way to a secure situation. But, does it mean everything is fine now?
Well, the world is still bracing for the first ever big GDPR penalty. Once it arrives, organizations will suddenly start to look seriously at the things they need to do. Big names including Facebook, Cathay Pacific, and BA have suffered some breaches just recently and these will result to different corporate cost levels, depending on the side of the deadline in May 25 they sit. This just means that General Data Protection Regulation is expected to have a significant effect in 2019.
2. Increase in Sabotage, Espionage and Crime by Rogue Nation-States
With the continuous failure of substantial UN, international, and national level repercussion and response, nation-state sponsored sabotage, cyber-crime, and espionage is expected to expand further. It is clear to see that many organizations have not been structured well to defend against these attacks that will succeed in getting through the defenses. The cyber security teams have to rely on techniques of breach detection.
3. Dark Ages of Single Factor Passwords
Single factor passwords are among the simplest and easiest keys to enter the kingdom combined with the failure to manage breached network privileges. Simple passwords serve as the number one tool attack vectors use, from the most inexperienced hackers up to the professional nation-state players.
Unfortunately, single factor passwords remain to be the main security protection for most organizations in spite of the ease and low cost deployment of the multi-factor authentication solutions. Sad to say, password-based breaches and password theft will continue as a day to day occurrence this coming 2019.
4. Insecure Clouds
2018 saw a growth of cloud insecurity and sadly, this will grow even more this 2019. Increasing amounts of data get deployed from different parts of organizations and most of these data end up unsecured. In spite of the continual publicity of repeated breaches, most organizations still fail to deploy and enforce good housekeeping across their entire cloud data estate.
5. Growth of Cyber Hygiene in companies
The unending shift of attack vectors from users to networks causes a reappraisal of ways of managing security. Driven partly by GDPR and partly by changes in boardroom awareness, most organizations are now belatedly recognizing that the weakest link they got is none other than their users.
Aside from the increased awareness of insider threats from malicious current and previous staff, there is also an ever growing recognition that cyber training and awareness among staff is a critical step to secure this very vulnerable area. Response from the organizations will be in the form of cyber education combined with monitoring, measuring, and testing cyber behavior of staff.
6. Malware challenges
VPN filters, banking Trojans, crypto mining, and ransomware are among the main malware challenges which continue to pose a risk to consumers and businesses alike. Live monitoring by Kaspersky, Malwarebytes, and others revealed that the combination of threats differs throughout the year yet the final result of these malware threats is going to be bad this 2019. Some areas like ransomware will see an increased sophistication together with increased malware volumes in some areas and new malware approaches.
7. Increased risks with bad housekeeping and shadow IT Systems
There is a continuous proliferation of shadow IT systems as well as the number of access points and applications to the systems which include legacy applications. Shadow IT systems are vulnerable as there are. As for the increasing access points and applications, they can be more difficult to defend and identify if they are related to abandoned or old applications.
Both cases are very easy attack surfaces with substantial oversight, budget challenges, and internal politics and were seen in the past as a lower resolution priority. But, there has been an increased awareness of attack opportunities through this route as well as increase in number of attacks that will further accelerate this coming 2019.
8. More Challenges in IoT
The world has already seen and witnessed some of IoT’s security challenges but 2019 is going to significantly show an upward trend in the area. Driven by IoT’s benefits and convenience, the technology is getting more and more deployed by a lot of organizations with lesser thought about the possible consequences and security risks.
Since several IoT deployments are far from the primary network areas, they have now slipped away from the radar. With the lack of standard or perceived security need, IoT is going to be deployed even more and create insecurity in areas which used to be secure.
9. Boardroom Cyber Security
10 or probably 20 years late for several organizations, the board currently considers cybersecurity as a primary risk. This trend will accelerate this 2019 with boards demanding understanding and clarity in an area which was often delegated as subcomponent of the role of CISO and was not actually a main boardroom topic. The reputational, C-Suite employment, and financial risks of cyber breach are going to continue driving cybersecurity in the agenda of the board.
10. Unseen Nightmare of DDoS
DDoS is a dirty secret for most organizations, with attacks continuing to grow in 2019 together with the price of defending against them. But still, DDoS attacks are not really newsworthy unless big name organizations are involved or the website has been down for a very long time.
Of course, the victim doesn’t want to put their lack of defense under the spotlight. This is not great for share prices or custom. The price of launching attacks is relatively and shockingly low at times, with quick rewards as the victim pays just so it will go away.
Final thought
So it seems that 2019 is going to be very challenging and interesting for Cyber Security.
You can find also our infographic with Cyber Security trends here. Do you think of any other trend or prediction we could add? Please comment below and feel free to share this article around! We wish you happy and safe 2019! 🙂