Here are predictions for developments in cyber security in 2020.
As for data privacy, the cyber product company McAfee warns of a growing trend of personal online accounts being brokered on the Dark Web. See also the company’s threatscape report.
As for the finance sector, business priorities have shifted and digital risk management is now central. Because they are such high-value targets for cybercriminal activity, it is imperative that financial services firms monitor what is happening both inside and outside their networks in real-time to create effective mitigation strategies before, during and after an attack, says Daniel Solís, CEO and founder, Blueliv, a cyberthreat intelligence firm based in Barcelona. More in a free download at: https://blueliv.com/resources/white-papers/Finance_whitepaper_ENG.pdf.
Bridewell Consulting, a NCSC certified and CREST accredited cyber security and data privacy consultancy, has issued some warnings for businesses; based on the industry changes that the Bridewell team witnessed in 2019:
1) More and bigger attacks – An increase in cyber attacks will certainly happen in 2020. The continued integration of applications and systems (often spanning multiple organisations, but with little end-to-end oversight) will lead to bigger, wider reaching attacks. Future cyber attacks will have the power to affect an entire business, especially those that are ‘born in the cloud’, whereas until recently, such attempts would likely be limited to taking down a firm’s website or one specific element of the business.
2) The cloud compromise – With the sharp increase in moving workloads to the public cloud, it is likely there will be more opportunity for hackers to use new technology to compromise a business. The convenience and ease of access of cloud increases the risk, for example the single-sign-on functionality for many applications. As a result, it’s likely we will see organisations fail to implement software security features sufficiently, thereby enabling hackers to gain access to accounts and the rest of the corporate network through lax folder permissions or phishing attacks.
3) Start of the AI arms race – In 2020 and beyond, artificial intelligence (AI) will be used a lot more in cyber security solutions to stop threats and mitigate risk. Activities that used to be laborious manual tasks by human analysts will become automated. In the same vein, cyber criminals will also use AI and machine learning to develop malware with self-evolving code that will learn and try another approach if blocked from an organisation’s network. This will mark the beginning of a shift to an AI “arms race” between attackers and defenders of systems, with organisations that are slow, or lack the skills to effectively implement new AI-based controls, becoming increasingly vulnerable.
4) Attacks from inside social media – Social media is already a well-established avenue for social engineering, but moving into 2020 we will see more phishing attacks coming from social media posts themselves; cyber criminals setting up fake accounts (known as Sockpuppets), befriending individuals and interacting with them to foster trust. The end game could be getting them to divulge personal or company information or stealing their logon details. New technological developments, such as convincing AI-generated faces and “Deepfakes” make the identification of Sockpuppets considerably more challenging. We can also expect to see developments in the use of AI/automation to identify the type of Sockpuppet a given user will be most receptive to, in order to make these more tailored to their target and therefore more likely to be accepted.
5) Weaponising IoT and 5G – As the cost comes down and the adoption of 5G grows, so too will the number of connected devices, opening the doors to bigger attacks by cyber criminals. Many organisations still fail to adequately segregate insecure Internet of Things (IoT) and 5G-enabled devices from the rest of their network, making these a popular “stepping stone” allowing attackers to reach higher value targets. Cyber attackers will be rubbing their hands at the growing opportunity to compromise systems and networks, as more and more devices become connected to the internet.
Anthony Young, Director at Bridewell says: “As we move into a new decade it is more important than ever that businesses keep abreast of the latest cyber security developments. There’s no room for complacency; organisations need a layered cyber security strategy to mitigate risk and stay ahead of attackers.”
And here are views of Stuart Wilson, CEO of network analytics firm Endace.
What do you think will be the biggest challenge(s) for network security in 2020?
“More automation and AI on both the offensive & defensive sides will drive a faster rate of change in the threat & defence landscapes. Allowing security operations centres and investigation teams to become more agile will become critical. Complexity in network & application design and maintenance and complex budgeting & purchasing procedures will make agile response to threats and agile application of new tools inefficient. Large organisations will suffer the most simply because of complex logistics. Many large organisations that manage sensitive private data will continue to manage their own networks, data centres and security because not everyone can move to the cloud because of data governance issues.”
What will be the major trends for network security in 2020?
“The rise of AI-based threat detection. AI still has a long way to go but there are several strong players in the market already. We’ll also see the number of security tool vendors increase, the continued importance of security orchestration and heavy reliance on cast-iron evidence.”
If large enterprises do only one thing to improve their network security in 2020 it is….?
“Simplify, simplify, simplify.”
How important do you envisage the increasing role of automation to be when it comes to managing the type/volume of threats?
“Automation is the only way we will fight the volume of threats being introduced, but, automation only works when there are standardised platforms and procedures being used. With a highly fragmented vendor landscape automation is going to be hard to develop at scale.”
How do you see the interoperability of tools and data evolving?
“No one tool will solve all problems, so being able to build systems out of multiple tools, being able to introduce new tools quickly as the threat landscape changes, and to do this efficiently at scale is the issue. Interoperability and automation are intrinsically linked. The ability to interoperate efficiently requires standardised interfaces, platforms and workflows.”
How do you expect the threat landscape to evolve?
“Threats will morph more and more rapidly. Standardised attack methods will be automatically synthesised into multiple, even individually customised attack vectors based on results from prior attacks. Rapidly changing attacks customised to individuals will relegate standard pattern-based techniques to basic network husbandry. We will need tools that can recognise attack behaviour, and, we need analysts to investigate generic attack techniques.”
What types of new threats should large enterprises be cognisant of?
“Ransomware – because it attacks the organisation, not just the network, or applications.”
Are large enterprises better equipped to deal with cybersecurity threats than they were 12 months ago?
“Organisations are continuously falling behind because attacks are becoming more sophisticated, and varied, enterprises have systems that are too complex, and in many cases too old to defend effectively and tool fragmentation is a huge problem, with little or no interoperability, and lack of standard platforms.”
What will be the prime targets for cyberattacks in 2020?
“Anyone holding critical personal data, and cash in the bank.”
