Multiple cyber-attacks and compromise of personal information of millions of people globally show that the complexity and intensity of cybersecurity attacks are on the rise, and it could have broader political and economic ramifications. As cybercrimes become more lucrative and cybercriminals become smarter, cybersecurity too will have to be intelligence driven, enabling a swift response to the advanced attacks. As breaches get harder to detect, the stakes for protecting one's organization from cyber threats will get higher this year. Following are some of the trends that will influence the cybersecurity landscape in 2019.
Effective Solution for Hybrid Cloud Security will be Priority
Emerging technologies and applications are transforming organizations, making them better able to respond to rapidly changing market conditions and customer expectations. To keep pace, organizations are embracing a hybrid IT infrastructure including cloud, third-party and microservices, which provide the necessary flexibility and scalability. With resources spread across on premise, private and public clouds, organizations do not have centralized control and visibility, leaving many security gaps. As hybrid environments can strain traditional solutions designed for more static environments, businesses will have to ensure that their security is not left behind. To bridge these gaps, organizations and vendors' work towards finding an effective solution for hybrid cloud security will intensify in 2019.
Businesses & Cyber-Criminals will Both Leverage AI, ML
Artificial Intelligence (AI) is taking center-stage in cybersecurity and consists of Machine Learning (ML), which has the potential to identify and respond to threats as they occur. These technologies will get even more efficient this year at protecting customers, processing and prioritizing data and ascertaining which of the threats are real. As AI and ML can help turn volumes of data into actionable insights, they can tangibly improve organizations' cybersecurity efforts. However, though there are clear benefits that AI and ML can bring to applications and infrastructure, there is a flipside too. Cybercriminals will also leverage them to launch sophisticated attacks via AI botnets, better-designed phishing attacks and make it more challenging to identify complex attacks. Thus, organizations will have to account for the cybersecurity challenges that AI will pose in the future.
Automation will bring in efficiency in attack analysis & response
Automation and usage of Robotic Process Automation (RPA) in particular, will increase in the area of cybersecurity, including Incident detention, analysis and response. SOC and incidence response teams will need more automation to keep up with the pace of non-stop cyber-attacks. Recognizing its potential, organizations have started deploying RPA in cybersecurity, where automation eliminates the risk of human errors from tedious manual work and allows them to focus on more proactive tasks. The scope of automation will also expand in 2019, where robots and machines will automatically remediate some of the security issues, which were manual focused.
IoT Attacks will Increase
Driverless cars, smart cities, smart homes, smart watches and virtual assistants are all part of the Internet of Things (IoT) revolution and are gaining popularity. Along with increased adoption of IoT, they will continue to be a prime target of cyber-attacks. This is because many of the IoT implementations are not secure end-to-end (from field level devices and gateways to the cloud-based applications and APIs). Attacks on these connected devices will also rise owing to existing gaps and lack of standards concerning its security. Due to the lack of any industry-wide framework and standards, IoT security is left to respective vendors and device manufacturers, whose focus is often on the functionality of the device rather than the potential risks and consequences. In the backdrop of emerging threats, regulatory frameworks or guidelines addressing security concerns is the need of the hour.
Increased Attacks on Small Businesses & Individuals
Digital transformation implies that effective security is no longer an option, it is mandatory. Attacks will be spread out and more number of small businesses and even individuals will come under the radar of cybercriminals in 2019. Large organizations have already done considerable work to protect themselves from attacks. It is easier to target small and mid-size companies as they may not have adequate security measures and resources in place to protect themselves. Small companies must re-assess their security posture and ensure adequate measures and controls are implemented to safeguard against today’s cyber-attacks.
Data Privacy Laws Go Big
The dynamic nature of cybersecurity outruns regulations and there will be a paradigm shift in ways companies will use and manage data in 2019. In the light of high-profile data breach incidents, customers are worried and are demanding better protection measures. Governments and regulatory bodies are also concerned. This coupled with the implementation of the General Data Protection Regulation (GDPR) in the EU and the enactment of the California Consumer Privacy Act (CCPA) in the US, among others, are forcing companies to look at privacy issues more seriously and prepare for more data privacy regulations in 2019. Such laws are making companies move from a reactive approach to a proactive approach to security. As privacy-related compliance goes up, the onus will be on respective organizations to implement robust security measures and practices.
This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here.