Get Started with a One-to-One Personalized Demo
Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.
See IncMan SOAR in Action.
2019 has been a record-setter for cyber security. With more than 4 billion records breached, system breaches and 0-day malware have run at a breakneck pace and spear-phishing and ransomware continue to top the charts as the most relevant threats to organizational information security on a global scale.
Now is a great time to reflect on lessons learned in 2019 and incorporate them into the challenges of 2020. Let’s take a look at what could be the top 8 considerations in cyber security in the following year.
The 5G market helped lay the foundations for the beginning of the fourth generation of the industrial revolution linking billions of devices together. While 5G technology will create significant opportunities across nearly all industry verticals, it will increase threats from those who wish to exploit it for nefarious purposes.
As the 5G market continues to show a triple-digit growth rate, this will be a golden ticket for hackers looking to abuse organizations' vulnerabilities well beyond an organization’s information security infrastructure.
Another consideration is that 5G network deployment increases an already abundant attack surface. In 2020, we will see an exploitation of this increased attack surface targeting confidential data even as privacy laws struggle to remain applicable. New issues call for new solutions. Enterprises looking to fight the 5G security threats, will go with divergent network configurations and try alternative threat response solutions.
Automated cyber-attacks will continue to evolve in 2020. The Morris worm made its automation debut in 1988 and malware velocity has only increased. Automated attack tools in use will produce an exponential increase in the volume of data that is received and processed by cybersecurity teams.
For some time it’s been nearly impossible for an IR organization consisting solely of human analysts to keep up with the amount of alerts being received daily. With the number of incoming alerts increasing in a manner similar to Moore’s law, the only effective way for organizations to fight back is to implement their own automated security technology. This will lead to innovative implementations of machine learning technologies incorporated into security automation and orchestration tools that will automatically identify and intervene in cyber-attacks in progress.
One of the organization's biggest security mistakes in 2019 was overlooking a substantial threat risk, third-party vendors. As companies outsource more of their business tasks nowadays, their risk profile grows in addition to the attack surface.
On top of that, many of these third parties have weak cybersecurity programs and processes. In other words - it makes them a rich target for cyber criminals and an easy path to achieve their goals.
While many organizations are concerned about insider threats like malicious employee's activities or accidental insiders, they should not repeat the mistake in 2020 and fail to notice the big deal - third-party vendors. Given the 78% increase in supply chain attacks in 2018, this will continue to evolve as one of the primary exploit vectors for an organization as we wait for the results of 2019.
In 2020, insider threats will remain one of the biggest cyber security problems for organizations causing the most damage. They should not be underestimated like they did years before. Instead, insider threats should be viewed as seriously as external threats (e.g. like a cyberattack).
The need for companies to stay one step ahead of the malicious insider will escalate in 2020. Organizations can mitigate the insider threat by addressing network perimeters, cloud systems, and services that should include an automation component as the foundation for any comprehensive infrastructure.
A significant impact on insider threats in 2020 will likewise come in the form of machine learning algorithms used to detect anomalous behavior that is indicative of malicious intent. This machine learning coupled with the liberal application of historical malware and social engineering events ensures a more complete approach.
In 2020 we will continue to see an exponential increase in cyber-attacks that leverage Artificial Intelligence (AI). Cybercriminals will likewise continue to use a combination of automation and AI to find and exploit security weaknesses.
The simpler machine learning development tools are to use, the more they will be utilized in their new attacks. This will quickly lead to more sophisticated malware capable of adapting to obstacles.
Considering the immense volume of data available online, 2020 is expected to be a year filled up of AI-backed cyber-attacks.
As organizations migrate their data to the cloud, it is expected that there will be even more attacks against cloud service providers to snatch data. This will stimulate companies to find alternative ways to have control over their data both in their cloud environment and on-premises to ensure a clear picture when analyzing corporate risk in the cloud.
Additionally, those organizations dealing with sensitive data will start requesting their cloud service providers to obtain higher levels of data security measures in step with industry and governmental requirements.
In 2020, following the attacks in 2018 and 2019, the healthcare industry will continue to be attacked by cybercriminals. The emerging threat of ransomware attacks on medical devices will continue to produce alarming vulnerabilities affecting multiple verticals and industries. Device innovation that creates devices that are cheaper and more scalable medical devices connect through IoT.
Additionally, we can expect an expansion of the amount of money made by defrauding health insurance companies, healthcare providers and individual consumers. This will be a golden opportunity for cybercriminals to engage in false, duplicate and inflated insurance claims leveraging the power of malware automation.
While healthcare companies struggle with so many priorities, cybersecurity concerns will continue to be elevated as part of their risk profiles.
Considering the evolution of threat profiles previously mentioned, it is a given that organizations will significantly increase their spending on cyber security. The challenge that arises is not merely budgetary, it’s the sage appropriation of personnel and funds that will be required in 2020 and beyond.
Unfortunately, many organizations are content to fight tomorrow's threats with today’s technology. Rule-based security solutions like SIEMs can be a great asset for detecting known vulnerabilities, but they present challenges when faced with new and unknown threats. In order to stay viable, organizations will need to prudently invest their time and personnel to stay ahead of the threat curve in 2020.
While going over my list of 2020 predictions, I could hear the words of IT security expert Yaron Levi whispering in my ear, “Security leaders are under a lot of pressure to show quick wins while knowing full well that everything they do will be heavily scrutinized and challenged, and ultimately, they will pay the price for things that are not under their control.”
See IncMan SOAR in Action.