Author: Richard Harpur
Entering a new decade causes many of us to wonder about the future. What will it hold? How can we plan for it?
When we prepared for the transition from 1999 to 2000, a lot had to change. Everyone who participated in the extraordinary effort to ensure our IT systems didn’t experience major issues knows this all too well. Today, the critical systems they put in place are the operational norm for most organizations, and there’s an even greater level of dependence on IT as a key business capability—an existential capability.
But unlike the “millennium bug,” cybersecurity is not a one-time-fix challenge, and addressing it continues to be beyond the reach of many organizations. The battle to safeguard IT systems from cybercrime remains the same, but the tools, tactics and techniques used by adversaries is constantly evolving. Here are the most prominent cybersecurity threats and trends you need to be aware of as we head into 2020 and beyond.
Ransomware
2019 saw more major incidents caused by ransomware—a rampant, widespread threat that affected schools, healthcare and municipalities, costing millions of dollars and crippling organizations for extended periods of time in several incidents. The cyber security threat of ransomware has been predictably deepening for years, and it doesn’t look like things will improve in 2020. We’re likely to continue seeing more ransomware incidents, with many of them having a significant impact on the organizations they touch.
Human factor
Despite companies investing billions of dollars in cyber security, we are still seeing a rise in cyber attacks. We see new headlines everyday announcing the latest breach. And users are most often the cause of major incidents. Insider threats (both accidental and malicious) will increase, and new technologies will be deployed to address the human factor threats. It’s time for organizations to increase their focus on the human aspect of security. We need to be able to help secure users without hindering their ability to work in an agile and productive manner. The threat of human error will continue to be a cyber security trend in 2020 and beyond.
Security platforms
The acute shortage of cybersecurity skills coupled with ever-increasing IT infrastructure is driving the demand for singular platforms that can manage security requirements. Simplified platforms providing visibility and manageability will continue to be a major requirement for 2020, but such platforms must be extensible and have connectivity to allow for integration with multiple vendors.
IoT
We’re going to see the Internet of Things become the Internet of Everything. With increasing connectivity, we’ll see different types of devices being targeted and attacked. In 2019, we saw smart refrigerators being used for crypto-mining. Will 2020 see ransomware go mainstream with smart devices in the home, or will we see commercial devices, like internet-connected freezers, being held ransom? The barrier to attack for most IOT devices remains low, making these an attractive target for adversaries. Cybersecurity will become applicable to more and more things as IOT devices continue being developed.
Automation
As we head into 2020, it will be critical for us to continue to lean on automation to help with our cybersecurity challenges. This will be driven by two primary needs:
- The need to find additional security skill capacity. (Automation of repetitive tasks will be essential to free up valuable resources for higher value tasks.)
- The need to be smarter about how cyber threats are identified and how incidents are detected using technologies such as artificial intelligence and machine learning. We’ll continue to see investment in these areas, and growing demand for these skills.
So while some things will change in 2020, we’ll also see more of the kinds of incidents we saw in 2019. Cybercrime will continue to affect us as individuals and corporations on a daily basis, and we’ll need to be educated and vigilant if we want to protect ourselves. For more resources, check out Pluralsight’s online cybersecurity courses today!