As we enter a new year and a new decade, 2020 will be a critical year for businesses and governments around the globe as they deal with a more complex and evolving cyber threat landscape. NNT’s cybersecurity evangelists, CEO Mark Kerrison and CTO Mark Kedgley, have investigated the current state of the industry and identified key cybersecurity predictions and recommendations to help you improve your cybersecurity defenses in 2020.
1. Acceleration and Fortification of Corporate Fines
Data breaches, hacks and exploits compromised the private data of hundreds of millions of users in 2019. We saw some eye-watering fines handed out to Equifax, Marriott Group, British Airways, Uber and Tesco Supermarkets. These alone amounted to well over $1 billion in penalties issued for failures to competently and convincingly address internal Data Protection responsibilities.
The fact that governments and legislators have taken such an active interest in ensuring corporations take this issue seriously strongly suggests that we can expect to see a ramp-up of fines issued, both in terms of volume and severity.
Recommended Action: John Gilligan, CEO of the Center for Internet Security, recently addressed a special Senate hearing to outline a number of straightforward steps that could have been taken to mitigate breaches and the risk of subsequent fines. For example, adopting the first six CIS Critical Controls would have protected each of these organizations, and it certainly would have spared them the double jeopardy of a breach followed by a fine.
2. More Ransomware, and More Effective Ransomware
It has been a few years since the WannaCry plague that swept the world in just a few hours, claiming over 230,000 victims in more than 150 countries, causing agony and disruption for both corporate and home users across the globe. Ransomware may be just another form of malware which still relies on phishing to gain access to corporate networks, but its impact is so immediate and crippling that it is still the one attack you really want to avoid. Given that ransomware can be monetized so directly and spread so cheaply, it is still a hugely attractive scheme for cybercriminals, so expect it to be around for a long time (in ever-more-extreme forms).
Recommended Action: Continue to practice responsible ransomware avoidance measures, including a combination of internet sandboxing, mail quarantine facilities and hardening of your desktop, browser and email client security. (These provide technological defenses, but user education must be a daily task as well.)
3. Greater Adoption of Security Controls
We say this every year, and despite increased spending on security products globally, the number of data breaches continues to rise. Without the implementation of the necessary operational security controls, buying more security tools remains a ‘spend and hope’ strategy. Being cyber secure requires an understanding of why a range of security controls is necessary; the CIS Controls, for example, set out 20 essential controls. Implementing some of the controls but not all of them is better than nothing, but it leaves security gaps that increase your risk of suffering a breach. Too many organizations still embrace the ‘it won’t happen to us’ attitude; unfortunately, it is only a matter of time before it does, in fact, happen to them.
Recommended Action: The only advice is to start getting familiar with the CIS Controls and assess how well your organization adopts these today. Make sure you understand the risks associated with any remaining gaps, then prioritize your increased adoption for the coming year. The more you do, the more secure you will be.
4. Increase in Data Analytics and AI
It is likely that we will start to see AI creep in, both as a developing means of attack and as a corresponding method of protection. There is something of a perfect storm at play, as organizations face increased breach activity, a general shortage of cybersecurity personnel and the challenges caused by using many different security tools (which either generate too much noise or too little in the way of discernible and usable event information).
We should expect to see a shift towards ‘complex event processing’ and the ability to harvest valuable associated application and event information. This will help provide correlations and preventative predictions, so we’re better able to make sense of patterns of behavior which, in isolation, may mean very little—but combined, indicate a threat.
Recommended Action: The first step in all this requires organizations to have deployed the right and trusted monitoring tools in the first place. Ultimately, any form of AI is only as good as the information you feed it. Build a solid security stack initially, and you can expect to see developments that will enable better interpretation of events over time.
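To make the ‘complex event processing’ idea concrete, here is a small added example (not NNT’s code or product) of a correlation rule run over a handful of constructed log lines. The log format, the event names (auth_fail, auth_ok, new_service) and the thresholds are assumptions chosen for illustration. A per-event threshold rule, looking at each event type in isolation, raises nothing on this sample; the correlated rule, which requires a burst of failed logins, then a success, then a new service from the same host, user and source within one window, raises a single alert.

```python
"""Toy complex-event-processing correlator: combines individually
low-signal events into one alert. Added example; log format, event
names and thresholds are assumptions, not a real product's rules."""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample log, assumed format:
# "<ISO timestamp> <host> <event_type> user=<user> src=<ip>"
SAMPLE_LOG = """\
2020-01-07T09:00:01 srv01 auth_fail user=alice src=203.0.113.5
2020-01-07T09:00:04 srv01 auth_fail user=alice src=203.0.113.5
2020-01-07T09:00:09 srv01 auth_fail user=alice src=203.0.113.5
2020-01-07T09:00:15 srv01 auth_fail user=alice src=203.0.113.5
2020-01-07T09:00:31 srv01 auth_ok user=alice src=203.0.113.5
2020-01-07T09:03:12 srv01 new_service user=alice src=203.0.113.5
2020-01-07T09:10:00 srv02 auth_fail user=bob src=198.51.100.7
2020-01-07T09:20:00 srv02 auth_ok user=bob src=198.51.100.7
2020-01-07T11:00:00 srv03 new_service user=svc_backup src=10.0.0.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<event>\S+) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def parse_log(text):
    """Parse lines into event dicts; unknown lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = datetime.fromisoformat(d["ts"])
        events.append(d)
    return events

def _group(events):
    """Group events by (host, user, src), keeping each group in time order."""
    by_key = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_key[(e["host"], e["user"], e["src"])].append(e)
    return by_key

# Naive, isolated rule (assumed threshold): alert only on a large burst
# of auth_fail for one (host, user, src). Nothing in the sample reaches it.
NAIVE_MIN_FAILS = 5

def threshold_alerts(events, min_fails=NAIVE_MIN_FAILS):
    alerts = []
    for key, evs in _group(events).items():
        fails = sum(1 for e in evs if e["event"] == "auth_fail")
        if fails >= min_fails:
            alerts.append({"host": key[0], "user": key[1], "src": key[2],
                           "fail_count": fails})
    return alerts

# Correlated rule (assumed thresholds): within WINDOW for one (host, user, src),
# at least MIN_FAILS auth_fail, then auth_ok, then new_service -> one alert.
WINDOW = timedelta(minutes=10)
MIN_FAILS = 3

def correlate(events, window=WINDOW, min_fails=MIN_FAILS):
    alerts = []
    for key, evs in _group(events).items():
        for i, e in enumerate(evs):
            if e["event"] != "auth_ok":
                continue
            # Look back for failures inside the window before the success.
            fails = [f for f in evs[:i]
                     if f["event"] == "auth_fail" and e["ts"] - f["ts"] <= window]
            if len(fails) < min_fails:
                continue
            # Look forward for a persistence-style event after the success.
            persist = [p for p in evs[i + 1:]
                       if p["event"] == "new_service" and p["ts"] - e["ts"] <= window]
            if persist:
                alerts.append({
                    "host": key[0], "user": key[1], "src": key[2],
                    "fail_count": len(fails),
                    "window_start": fails[0]["ts"].isoformat(),
                    "followed_by": persist[0]["event"],
                })
    return alerts

if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("isolated rule:", threshold_alerts(evs))
    print("correlated rule:", correlate(evs))
```

The contrast is the point of the section: four failed logins, one success and one new service are each unremarkable on their own and would be swallowed by per-event thresholds, but the same three facts tied to one host, user and source inside a ten-minute window are worth an analyst’s attention. Real deployments replace the toy regex with the parsers of the monitoring tools already in place, which is why the recommended first step above is to get trustworthy event collection working before layering analytics on top.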
5. Weaponization of Social Media and PII Theft
2020 is another election year in the US, so expect to see an escalation in the weaponization of social media. This is a genie which is well and truly out of its bottle, and with big advertising revenues to be had, the social media and internet channels won’t ever want to police this themselves. With any calls for legislation immediately being labeled by opponents as censorship and attacks on freedom of speech, this is something that will remain open to abuse for some time yet. Expect to see greater efforts to harvest personally identifiable information, coupled with more bot-driven content—all with the objective of influencing public opinion.
Recommended Action: This is a problem for society as a whole, and one that will take us several generations before we’re anywhere near sufficiently ‘internet street-smart.’ Until then, the best practice is to employ the mindset of ‘Don’t believe everything you read.’