Five Key Cybersecurity Trends For 2020
In 2019 we saw it all: supply chain attacks, phishing campaigns, breaches in all verticals and attacks on critical infrastructure. The most common point of entry is still email and the lack of user awareness continues to be a prevalent risk for any organisation. In the last years, we saw phish and whaling expanding from email into social media. Multiload ransomware is still out there and even the FBI changed their stance on paying ransom. The FBI is not advocating to pay, but this may be only cause of action for organisations to stay in business.
“[…] However, the FBI understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers.”https://www.ic3.gov/media/2019/191002.aspx
Cybercrime is still a highly lucrative business, and this will not change in 2020. It is estimated that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Here are my top 5 predictions for 2020 (and the coming years), in no particular order.
Cyberwarfare Is Growing
The Cyber Cold War is already here, and it is here to stay. The current geopolitical situation is fuelling espionage and disruptive campaigns. The tension between the Western World and Iran, N-Korea will raise in 2020 the stakes in this game of cat and mouse. Attacks on critical infrastructure, health services and also companies in the supply chain of a nation’s economy will continue and get more aggressive. We have to expect that there will be casualties in business, as well as in our everyday life. Keeping the advantage not only on the virtual battlefield but also in trade will drive espionage to new heights. Brexit and other major elections will motivate nation-states trying to influence voters to their interests. As the old saying goes,” In War and Love, everything is allowed”, better double-check facts and expect fake news, deep fakes and other forms of propaganda around every corner.
Cyber Insurance Costs Will Rise
How do you insure an unpredictable risk? By raising the premiums avoiding to pay out claims. In April 2019 the NY-times reported that Merck sued over 20 insurers rejecting claims related to the NotPetya attack. War exemption was the reasoning in several cases. The increasing amounts of breaches will drive insurance companies to raise their premiums and update T&Cs asking for stronger cybersecurity requirements. This will up the cybersecurity spend for the coming years.
Increased OT, ICS and Supply Chain Attacks
According to Gartner, buildings will account for 81% of all connected things in 2020. ICS, OT and IoT are becoming more and more attractive targets. These systems and devices are currently the least protected devices in the network with an unbelievable amount of vulnerabilities. Within flat network infrastructures, ICS & OT are an easy mark for adversaries. Many companies may have policies in place for 3rd party access in their offices but in their production environments there little or no controls in place. Many old NT and XP based ICS systems cannot be replaced. Often production runs 24/7/ 365; there is not much space for downtime for patching or security hardening. The suppliers are running old laptops to be compatible with out of date connectors and protocols, or transfer data during maintenance via uncontrolled USB-Sticks. Organisations need to restrict access to ICS & OT from other all networks, implement Zero Trust Policies and use well maintained and security-hardened jump boxes. Putting ICS & OT specific countermeasures in place can no longer be delayed
AI, ML & SOAR Will Be Integral to Security Operations
By now we all got a good dose of AI & ML brainwashing by marketing. In view of the growing disparity of skills and talent on the market, we need all help we can get and AI & ML have made great strides in the past year in all areas of life, private and business. It will continue to grow mainly on the threat detection side. Automation and orchestration are the watchwords for 2020: security orchestration, automation and response (SOAR). Automation and orchestration is the only way to marry detection and response efficiently. If not already done, now is the time to add AI/ML and SOAR to your cyber stack.
The Global Skills Shortage Will Worsen
Employing the right people with the right skills set for cyber has become nearly impossible these days – and this skills gap continues to widen. Many universities and colleges offer courses in cybersecurity, but it takes more than a few certificates to become an expert. The skills and experience we need are extremely broad and hard to come by. Many companies grow talent for their core business from inside. Service providers like us do the same: we replenish our resource by hiring candidates with the right basic skill set, a neck for cyber and good grows potential, help them become the best in the industry and build centres of excellence. It will take many years to fill this void of experienced talent. Seek for help from outside and extend your IT team with an excellent service provider and trusted advisor.
To most this appears to be a bleak lookout for the next year. With the combination of the right technology, threat intel and the right people, you can stay on top of the game.