This 2020, it is safe to say that cyber security predictions are pretty much the continuation of those that are being experienced at the moment.
But, what is really most notable here is that despite all the advancements in automation technology, AI, and machine learning, humans will remain in the front line during the battle against cyber security threats and attacks. The existing tools will be of great help but in no way will they replace the insights and intuition of an actual human.
Take a look at the following cyber security predictions that are expected to happen this 2020:
1. The Continuous Reign of DoS Attacks
There will be a notable increase in all types of DoS or denial of service attacks. Some cyber security experts may think that these attacks only affect infrastructure elements like a corporate website or the network for instance. However, over half of today’s workloads are now cloud-based. This only means that DoS attacks whose goal is to lock out employees from the cloud are going to become more effective than ever before.
Single-sign on, access management, and cloud-based identity are prone to these attacks. Users will be left in the unknown if they get locked out of their apps. Since most infrastructures right now have become an instrument, you can say that the impact of DoS attacks will be more devastating.
2. More Threats on Nation-State Level
Enterprise organizations will be dealing with more significant threats of nation-state activity. The immediate response of Iran to the drone attack of the United States on General Soleimani this January was for threatening a cyber attack. But, what is most noteworthy here, although not that obvious, is the possibility that this hypothetical attack might not have been meant to target a government infrastructure in particular.
Risks are also imminent for enterprise organizations, especially for popular brands with close relationships with the target nations. For instance, visible companies in the US might be deemed as targets. The attack on Sony in 2014 generally associated with the government of North Korea is an indicator of this move.
3. IoT on the Rise
Attacks on IoT infrastructure will continue to rise. There are talks about IoT cyber security gaps for some time now. Sadly, many enterprise organizations lack sufficient countermeasure, especially as far as IoT infrastructure are concerned, including the networks, storage, and computing platforms where IoT traffic passes through.
Industry groups and standard bodies work to identify cyber security frameworks of IoT infrastructure but all these efforts are still undeveloped. Enterprise organizations should take some proactive measures for the protection of their IoT infrastructure shortly.
4. Collaboration Takes the Limelight
Attackers will become more attracted to tools and suites for collaboration. Tools like Microsoft Teams, Zoom and Slack now serve as new attack vectors. As businesses continue to use these tools, all the more reason for them to improve their cyber security teams and teach them to handle these tools and their shortcomings in terms of security. Over 75% of businesses will have experts on cyber security that will focus on collaboration tools and suites towards the end of this year.
5. Security Concerns in the Supply Chain
There will be more intensified attacks on supply and third party chain. Over a year ago, Super Micro bug was revealed in video hardware that was used in the company that Amazon purchase. Many specialists in enterprise cyber security just shrugged off the incident thinking that the same issue wouldn’t happen to them. This is a big mistake.
Just like what was stated earlier, there is an increasing number of nation-state attacks. Among the key factors that distinguish a nation-state attack is a fact that most nation-states have the money that they can use to invest years in just one attack alone.
Many of the said attacks are from countries with governments that have an iron-clad control on all manufacturing processes. These nation-states can easily have the power to add undetectable hardware bugs to the primary component of the supply chain of the target.
6. More Automation
Automation helps simplify the burden of auditing and compliance. Automation, machine learning, and AI help protect enterprises from security incidents. Automation can also yield an unforeseen advantage in terms of compliance. This technology can automate the process of documenting and logging responses to the attacks.
For example, there are security orchestration, automation, and response or SOAR tools that timestamp and capture all actions responding to an attack. It doesn’t only help in post-mortems as it also makes it much easier to give the required documentation to the authorities.
7. Technology as a Supplement for Security Professionals
Machine learning and automation will give a substantial boost to the capabilities of cyber security teams. The past few years have seen the dramatic decrease of the most crucial operational metric of cyber security, the average total time of containing an attack. The best enterprises now can detect a threat, determine it to be a real threat, and contain within 2 minutes, a substantial decrease from 2018’s 8 minutes.
How did it become possible for enterprises? They are selective in the deployment of machine learning and AI that help with the detection, identification, and automation that help with containment. A security program can benefit from automation through tools like behavioral threat analytics and SOAR.
8. Evolution of Security Experts
Cyber security experts will become more tech-savvy this 2020. This may sound a bit weird but the truth is that most cyber security experts have limited technical capacities outside their core expertise’s narrow area. For the past several years, CISOs have required technical skills and this 2020, these efforts are expected to see results.
9. The Growth of Cloud
Cloud security is going to become its own this 2020. Over half of the workloads these days are no longer in the corporate data center. Many companies respond to this increased use of the cloud with the addition of cloud security budgets, architectures, and teams to their initiatives.
These are just some of the 2020 cyber security predictions. There will be more threat vectors and threats but with proper planning, cyber security teams won’t have a hard time keeping them at bay.
10. Malware challenges
VPN filters, banking Trojans, crypto mining, and ransomware are among the main malware challenges which continue to pose a risk to consumers and organizations likewise.
Live monitoring by Kaspersky, Malwarebytes, and others revealed that the combination of threats differs throughout the year yet the final result of these malware threats is going to be bad this 2020. Some areas like ransomware will see an increased sophistication together with increased malware volumes in some areas and new malware approaches.
So it seems that 2020 is going to be very challenging and interesting for Cyber Security.
You can find also our infographic with 2020 Cyber Security predictions here. Do you think of any other trend or prediction we could add? Please comment below and feel free to share this article around! We wish you happy and safe in 2020!