A focus on privacy, evolving threat actors, pervasive deepfake videos and increased election interference are among the issues Optiv Security sees taking on greater importance in the New Year.
“As we look beyond 2019 and into 2020, we have a solid idea of what threats the industry is facing, and not just ransomware and phishing attacks, but new, hard-to-combat threats,” said Anthony Diaz, division vice president, emerging services, at Optiv. “As is always the case, us ‘good guys’ are forced play catch up with bad actors, who constantly remain a step ahead. There is much IT and business leaders must be aware of when it comes to cybersecurity, as the pace of change is quite high. That is why we recommend cybersecurity programs focus on proactive risk mitigation and build out from there. This ensures your organization is actively looking for, combating, and identifying threats before they can cause damage.”
Optiv experts believe the following could be among the most common issues the industry may face in 2020:
- Hybrid threat actors may become more commonplace. Optiv’s 2019 Cyber Threat Intelligence Estimate (CTIE) found a growing number of “hybrid threat actors.” These are attackers who impersonate one type of adversary to disguise their true intentions (for example, a nation state imitating a generic hacker targeting a customer database, when its true aim is to steal intellectual property). Optiv believes a possible increase in the number of adversaries to adopt this technique and launch “imposter” attacks to obfuscate their true intentions, adding yet another layer of complexity to threat hunting and incident response.
- Apple’s “privacy as a human right” campaign should cause others to follow. The world’s foremost technology organization going all-in on privacy will shift the competitive landscape. Security and privacy could become a competitive differentiator for companies that follow Apple’s lead and grab “first mover” status in their markets. Laggards may risk meeting the unseemly fate of past organizations that failed to embrace important technology paradigms such as internet, cloud, and mobile computing.
- Election misinformation campaigns could proliferate. The effectiveness of the Russian misinformation campaign of 2016 increases the possibility of increased copycat attacks for the 2020 election. These attacks could come from nation states as well as domestic groups supporting rival U.S. politicians. This activity threatens to trigger a major public/private response to the online misinformation problem.
- We might see the first cases of deepfakes used to manipulate stock prices. There has been much publicity around the potential to impact elections using deepfakes (AI-doctored videos that enable individuals to make it appear people said things they never said). However, not enough attention has been paid to how cybercriminals can make money using deepfakes against businesses. This might change in 2020, as it’s possible we will see the first deepfake attacks designed to impact stock prices, by having CEOs, financial analysts, Federal Reserve leaders or other powerful economic figures make phony statements that will cause stock market movements. Cybercriminals would use these videos to make quick fortunes in the market.
- There should be widespread realignment of IT and security organizations. As boards view cybersecurity as a peer-level risk to traditional enterprise risks, such as lawsuits and product recalls, more CISOs should become peers of CIOs and other executives, rather than direct or indirect reports. This would cause a realignment of the IT and security organizations to eliminate conflicts and encourage collaboration. The most critical of these will be the continued expansion of DevSecOps, in which security is fully integrated into the application development process; and patch management, which will move from being divided between security and IT (security finds vulnerabilities, IT patches them), to becoming a unified process with a single point of accountability.
- Cybersecurity basics may continue to vex consumers and enterprise organizations. Whether insufficient passwords, lack of education and training around phishing attacks, or simple upkeep and compliance, the tiny details of cybersecurity will continue to be the cause of a vast portion of compromises if left unaccounted for. Simple passwords (those without special characters or are extremely obvious, such as “password123”) only take minutes to crack by professional hackers and can be done inexpensively.