In 2018, global consulting firm EY published these worrying findings in its EY Global Information Security Survey 2018-19:
Furthermore, a quick search on Privacy Rights Clearinghouse reveals that between 2018 and 2019, over 1 billion records containing personal and other sensitive data have been compromised all over the world.Cybercriminals are getting smarter and using increasingly creative methods to launch sophisticated cyberattacks against individuals, businesses and governments alike. Way back in 2017, a report by Accenture found a 30% YoY increase in the average number of security breaches in organizations worldwide.
Cybercrime costs the global economy more than US$400 billion annually according to a 2015 report by PwC.
These can be either ‘above the surface’ (better-known) costs or less visible, ‘beneath the surface’ costs.
For all these reasons (and more), organizations of all sizes and in every industry and country are beginning to grasp the importance of cybersecurity.
So what are some of the emerging cybersecurity trends on the horizon for 2019-20?
1. Cybersecurity automation will become increasingly common. However, lack of in-house expertise may be a hindrance to speedy adoption
As networks become larger and increasingly inter-connected, more firms will adopt automated cybersecurity systems in the next few years for:
- Data collection, monitoring, and analysis
- Tracking a system – both software and hardware
- Implementing patches to keep them up-to-date
- Performing regularly vulnerability assessments to identify and analyze known (or potential) vulnerabilities
One hindrance to the growing adoption of automation could be a shortage of skilled and knowledgeable staff. Consequently, an inadequate supply of security professionals may work against the increased demand for automation.
2. More mobile devices and the Internet of Things (IoT) systems will be exploited and attacked by cybercriminals
Enterprises with inter-connected systems and employees who use mobile devices interchangeably for personal and professional purposes will be especially vulnerable to cybercrime.
Industrial IoT (IIoT) systems such as human-machine interfaces, industrial control systems and distributed control systems will become a particularly profitable target. Cyber attackers may find new ways to attack the underlying cloud infrastructure of these multi-tenanted, multi-customer environments for lucrative payouts. Equally important, the number of enterprise mobile devices will grow and diversify which will increase the number of endpoints that need to be monitored and protected.
3. More security assessments, increased data regulation policies/legislation, greater accountability
In addition to rising cybersecurity awareness, more governments and businesses will focus on issues like security risks, assessments, compliance, and standards. Following the rollout of the EU’s General Data Protection Regulation (GDPR) in May 2018, companies all over the world have started to review their existing data privacy-related regulations. They will continue to prepare for more data privacy regulations in the coming years.
Greater accountability will also be an important trend going forward.
4. More organizations will shift to the cloud (but cybercriminals might follow them there too)
Many firms are shifting their workloads into the cloud to replace their legacy on-premise systems. However, as the number of people in an organization with access to their cloud’s massively distributed architecture increases; issues like customer misconfiguration, mismanaged credentials or insider theft are set to become big risks. As a result, cloud hygiene will grow in importance. Plus, the role of cloud migration security specialists will become more critical in monitoring cloud configurations and ensuring that alterations in settings (deliberate or otherwise) are investigated and controlled. They will use features and tools that provide automation, enhanced visibility, and auto-alerts to improve their organization’s chances of avoiding devastating data breaches.
5. Organizations and governments will grapple with more ransomware attacks
According to research from Malwarebytes, ransomware attacks against enterprises are on the rise:
Governments have also been targets of ransomware attacks in the recent past and this trend will continue over the next few years. This may increase the frequency and amounts of ransoms paid out which could reinforce the notion among cybercriminals that launching ransomware attacks against governments is profitable.
Other types of cyberattacks on PSUs might also increase, forcing these organizations to upgrade their security systems and fix their system vulnerabilities.
6. Artificial Intelligence (AI) will play a greater role in strengthening cybersecurity
According to a survey Reinventing Cybersecurity with Artificial Intelligence by Capgemini Research Institute, an increasing number of organizations are already relying on AI to bolster their cybersecurity initiatives.
As AI’s potential for providing cyber protection becomes more visible, this trend will become even more entrenched in the future.
Organizations in banking, consumer products, telecom, and retail will be particularly enthusiastic about embracing AI for cybersecurity.
For all these reasons, the market for AI in cybersecurity is projected to reach US$8.8 by the end of 2019 and a massive US$38.2 billion by 2026.
A final word..
Over the next few years, cybercriminals will become even more clever and creative. Simultaneously, cybersecurity will become a more prevalent factor in the business environment. Therefore, cybersecurity professionals will play an increasingly larger role in managing this complex landscape and ensuring business continuity.