In today’s hyper-connected world, where massive amounts of data are created every single day, there is no doubt cyber security will remain a top priority for organisations across all sectors.
Based on recent security developments, we take a look at the trends we can expect to see in the coming year.
Cyber security spending
A number of high-profile security breaches over the last few years — coupled with the pressures of recent data privacy legislation — have left many executives fearful of the cost and PR nightmare a breach can pose.
As such, businesses are wisely investing more money into defending themselves against cyber-attacks. In 2020, we will continue to see organisations increasing their cyber security budgets.
This could include spending on software and hardware, as well as services. More and more companies will also look to hire a dedicated in-house IT or cyber security specialist.
This is great news. Cyber security should be at the top of every corporate executive’s mind. Investments in cyber security won’t be limited to major corporations either — small and medium-sized businesses will also start to realise the importance of having robust cyber security solutions in place.
5G & IoT
The fifth generation of wireless technology is already here. Many telecommunications companies have begun rolling out 5G services, and consumers can expect to have full access to the technology by the end of 2021.
But what does this mean for cyber security?
5G and the Internet of Things (IoT) will add billions of internet-connected devices into the world. However, these devices often have complex security requirements.
As the use of connected devices accelerates, networks will become increasingly vulnerable — exposing gadgets to security threats and making them potential targets for hackers. This will make the expanding IoT and 5G network a nightmare for cyber security experts, who must figure out how to protect devices from attack.
In 2020, organisations across all sectors will need to take a more holistic approach to IoT security, using a combination of traditional and new controls to protect ever-growing networks.
Software developers will also have to integrate security patches into devices and ramp up testing to prepare for threats like malware, RFID spoofing, botnets and malicious scripts. This new generation of security will likely be based on nano security agents such as micro-plugins, which can work with any device or operating system to control data flows and provide always-on protection.
There was a lot of talk about artificial intelligence (AI) in 2019 — and for good reason. AI technologies dramatically accelerate the identification of new threats and responses to them, helping to block attacks before they have a chance to cause widespread damage.
However, hackers are also starting to take advantage of the same techniques to help them probe networks, exploit vulnerabilities and develop increasingly evasive malware. In particular, we are likely to see cyber criminals utilising AI to make phishing and other social engineering attacks considerably more realistic in 2020.
That being said, as AI technology becomes increasingly sophisticated, AI and machine learning will become an integral part of cyber security — helping organisations to defend themselves against cyber-attacks. For instance, AI-controlled systems will be used to perform simulated attacks on company networks to find and fix system vulnerabilities that could be exploited by hackers.
Cloud-based security providers are already starting to gain traction in the security market. But 2020 will be the year they really take off.
Much like cloud-based services, cloud-based security will appeal to many businesses due to the flexible, scalable and easy-to-deliver nature of the platform. As cloud-based cyber security systems are built with open APIs or application programming interfaces, they are also much easier to coordinate with multiple devices — making it easier to manage and control the vast amounts of data companies generate daily.
Most security experts will agree the infrastructure in the public cloud is more secure than what many organisations have built on-premise. Nevertheless, as the volumes of data stored continue to grow and reliance on public cloud infrastructure increases, the platform will increasingly be seen as a high-value target. This will drive many businesses to consider hybrid environments comprising both private and public clouds in 2020.
An increasingly common target of cyber-attacks is the software and hardware supply chain.
Such attacks often occur during generation at the software vendor or at a third-party provider, whereby cyber criminals implant malware into legitimate software packages and updates.
Any user who unknowingly uses the malicious version of the software will consequently have their computer tainted, opening the organisation up to a data breach. There is also a risk that attackers could use hardware to send compromised components out to millions of users.
The last year has seen a drastic increase in the number of supply-chain attacks, and this number is only going to grow in the coming year. As such, it will be critical for companies that rely on partners and third-party vendors to create vendor risk management processes that will help them to prevent such attacks in the future.
Utilities and critical infrastructures
On a wider scale, governments will also need to radically strengthen cyber defences around critical infrastructure in 2020.
Utilities are fundamental to a forward-thinking economy, providing a critical framework to individuals and governments. However, in many cases, services such as power and water-distribution infrastructure use obsolete technology.
This outdated technology is vulnerable to exploitation — particularly as governments are often reluctant to upgrade cyber barriers or fix cyber security defects as this can lead to service interruptions and downtime.
We don’t yet have the benefit of hindsight to know precisely what security threats we will face in the new year. However, one thing’s for certain — 2020 will continue to see cyber criminals developing sophisticated methods to bypass security measures and hack into systems.
Fortunately, cyber security experts are continually innovating to find new ways to protect organisations’ software, applications and data from coming under attack.