The 2019 cybersecurity landscape was once again littered with attacks. From the resurgence of ransomware to mega data breaches, cybercriminals continue to target organizations and individuals around the world. In addition to the sheer volume of attacks in 2019, the industry also witnessed a mix of old and new threats with hackers using their standard playbook of phishing, botnets, malware, and DDoS to launch more sophisticated attacks with artificial intelligence (AI) and machine learning (ML).
But threats were not the only things that evolved in 2019. The technology being developed and used to counter these attacks – as well as the corporate “value” assigned to security – also continued to evolve. Organizations are investing more in security research teams and bug bounty programs, and new training resources are helping companies reduce insider threats.
As we move into 2020 and the new decade, there have been a lot of cybersecurity predictions and trends grabbing headlines. Here are five that caught our attention:
1) The Shortage of Qualified Cybersecurity Professionals Worsens
The lack of skilled cybersecurity professionals continues to be a paramount issue for the industry as it moves into 2020. According to the 2019 Workforce Report from (ISC)2 there are currently approximately 1.3 million open cybersecurity positions worldwide. In the U.S. alone, CyberSeek currently shows more than 500k job openings (with an average base salary of approximately $96,000 USD). To help change this trend, the industry must continue to take a multipronged approach that not only focuses on creating technology that empowers professionals, but also building on formal education and development programs, and expanding the talent pool. Interested in understanding the job satisfaction level of current security professionals? This recent Help Net Security article explores that dynamic in more detail.
2) Will You Be Cloud Smart?
Cloud everything continues to rise, including concerns with cloud data loss, unauthorized access, misconfiguration, encryption and more. As a matter of fact, 93% of organizations are moderately to extremely concerned about cloud security. But how organizations adapt to these cloud security challenges will be interesting in 2020. There’s no shortage of predictions around this topic as some experts predict a rise in misconfiguration leading to more breaches, while others look to new SaaS SIEM solutions and alliances to move the market forward. Check out these articles from Solutions Review and Forbes to learn more.
3) Artificial Intelligence and Machine Learning as a Tool for Us and Them
When it comes to cybersecurity, metaphorically speaking, humans are the tortoise and threats are the hare. While we might not be able to keep up with the sheer volume of attacks hitting networks, innovation around AI and ML are helping to accelerate early identification of and response to these threats, especially new ones. Unfortunately, hackers are already using this technology to acquire knowledge for AI models, to better conceal malicious code in applications, and much more. As we move into 2020, we could see new AI-modeled malware that evades sandboxing or AI-enabled spear phishing that further increases attacks at scale. Read more about the impact of AI and ML in cybersecurity with these articles from CISO, CIO, and Security Magazine.
4) Cybersecurity and Risk Management Tops Priority List for CIOs
According to the National Association of State Chief Information Officers (NASCIO), cybersecurity is the number one priority when it comes to 2020 strategies, policies and management processes. Security Enhancement Tools claimed the fourth spot on their list of Top 10 Technologies (with Cloud Solutions, Legacy App Modernization and Data Analytics rounding out the top three). Interestingly enough, Forrester Research’s 2020 predictions focused on a different set of challenges that includes talent acquisition and retention, data strategies, and automation. Can you guess what tops the list for CFOs? Check out this Crain’s New York Business article to find out.
5) The IoT Security Problem Grows
The rise in IoT devices continues to present challenges for security teams tasked with securing corporate networks. With IoT attacks up significantly in 2019 (Kaspersky reported an increase from 12 million in the first half of 2018 to 105 million in the first half of 2019), it’s no surprise that many in the industry predict major growth around this attack vector, as hackers enlist compromised devices to launch large scale attacks. Combating this threat means organizations must increase the attack surfaces they monitor, utilize new solutions that simplify management, and reduce the false-positive security alerts that often plague IoT solutions. A recent article from CISO Magazine outlines some of the more unique attacks, which include an Internet-connected gas station and connected coffee machine attacks.
This list easily could have included 10-20 more fascinating trends, predictions, and challenges. We’ll be sure to keep a keen eye out to see what hits and what misses in 2020.
* * *
If you enjoyed this post, you might also like:
18 Cybersecurity Statistics and Research Figures Summarizing 2019