Five cyber security trends
In the last cyber security year, the focus was on the increase in politically motivated cyber threats, but also attacks on smart home devices or the one-year anniversary of the GDPR. Which trends will continue in the coming year?
What new developments are expected this year? Stefan Wehrhahn from the IT security provider BullGuard highlights five cyber security trends for 2020:
- 5G and cyber security
5G will be the most comprehensive communications revolution we have ever seen. It will not only make the mobile Internet faster, but also enable new services for companies and consumers. For example, 5G is an important basis for connected autonomous driving. But how will the 5G network revolution and the associated devices and applications be secured? After all, as with the Internet of Things, there are so many different market players involved that no one has ultimate responsibility for cyber security in 5G.
The primary candidates for this task could be the service providers who provide the network. They will presumably be supported by government and industrial security authorities. The introduction of cyber security seals for products and services in the context of 5G also stands to reason. In parallel, a broader introduction of machine learning or artificial intelligence - especially among network providers - is conceivable to ensure more automation in the protection of the 5G infrastructure.
- Increasing use of machine learning in cyber security
Machine learning has already been successfully used for some time for more cyber security. It helps in automated threat detection, providing additional security against zero-day attacks. These technologies classify data based on given parameters, similarities and anomalies. They learn from previous decisions and apply these insights to unknown data, for example in identifying and blocking zero-day threats.
In 2020, machine learning will be increasingly used because of these advantages, especially in companies. Here, the threats are diverse, the processes complex, and resources scarce. Automated solutions offer a higher level of security and help to distinguish the unimportant from the important incidents. However, the increasing use of machine learning in enterprises will be easily slowed down by a lack of cyber security experts who can handle this technology.
- Combating identity theft
Identity theft will continue to be a major issue in 2020: social media accounts, Internet searches, shopping preferences, emails and more will be compiled into large data sets for data mining. Once attackers have access to a network, it is particularly easy for them to steal such bundled data sets.
In the coming months, more research will be conducted on how to improve digital identity verification and reduce ID fraud. The focus will be on DNA-based ID verification, multi-layer ID document verification or biometric checks. Banks and the gaming industry are early adopters looking to curb fraud and comply with regulatory requirements.
- More protection for user data
The revenues and market capitalization of today's tech giants are fueled by trading in user data. At the same time, hacks in which millions of customer records are stolen have become almost commonplace. Laws like the General Data Protection Regulation (GDPR) are at least an attempt to restore the balance of power between providers and users.
In 2020, we will see data protection move from a reactive stance to proactive action. The driving force will not only be legislation, but ultimately consumer frustration and anger at the use, careless handling or loss of their data. There is a growing realization that the power of data-driven corporations depends in large measure on how willing they are to make information about themselves available.
- Easy prey: cyber attacks on SMEs experience upswing
Nearly one in two cyberattacks already affects a small business, according to the latest Verizon 2019 Data Breach Investigations Report. They have significantly less time, budget or technical expertise available to protect themselves from cyber attacks compared to large corporations. This situation will be exploited by hackers and lead to an increasing number of attacks on small businesses.
The main risk for SMEs will continue to be ransomware. The increasing complexity and decreasing cost of ransomware-as-a-service will allow hackers to carry out attacks with impunity. At the same time, ransomware will become more customized: ransomware will be tailored to the industry, size or solvency of the target company.
Access to corporate networks and confidential information also remains lucrative. Hackers gain access to bank data, payrolls or customer data. Once in possession of this information, there are no limits to the hackers' creativity: blackmail or phishing fraud are possible uses. Some also use the data obtained to gain access to other networks, such as those of customers or suppliers.
While large companies invest in security intelligence, incident response or predictive analytics, smaller companies often lack the resources or expertise for cyber security. Hackers have therefore identified them as easy prey. However, they will put cyber security high on the agenda for 2020 out of concern for reputational damage and growth cuts - supported by external help or largely automated security solutions.
Source: BullGuard