Some may describe cybersecurity as “a bit like Alice in Wonderland” where you run as fast as you can only to stay in place. And today, if you wish to stay ahead of cyber criminals, you should run twice or ten times as fast as that.
It’s true that cybersecurity offers solutions to ensure privacy protection, however, most people see the data breaches, ransomware, identity theft, denial-of-service attacks and other cyberattacks as proof that cybersecurity is a vulnerability, not the savior, for new innovation. Even as exciting advances occur in artificial intelligence (AI), autonomous vehicles, 5G networks, cloud computing, mobile devices and the Internet of Things (IoT), these same developments seem to cause negative societal disruptions that make daily news headlines.
So what will happen next with cybersecurity? What are the greatest threats for the coming year? What solutions will be most important? What data breaches or ransomware attacks or other threats will cause the most harm?
Predictions have it that most commonly, the 2020 elections in the US will be a target for attackers, as well as cloud attacks and an explosion of problems with deepfake technology. Some big security industry companies like Trend Micro, FireEye, WatchGuard Technologies, Forcepoint, McAfee, Kaspersky Labs, Fortinet and many others have given lists of their predictions about our cybersecurity future and the most common among them all were the following:
- Combining machine learning with statistical analysis to predict attacks by uncovering the underlying attack patterns of cybercriminals, thereby enabling an AI system to predict an attacker's next move, forecast where the next attack is likely to occur, and even determine which threat actors are the most likely culprits
- Geopolitics as a driver of cyber activity
- Cyber activity during the upcoming U.S. elections
- Cybercriminals will turn to blockchain platforms for their transactions in the underground
- 5G offers unprecedented data theft speeds
- Banking systems will be in the crosshairs with open banking and ATM malware
- Deepfakes will be the next frontier for enterprise fraud
- Ransomware shifts toward targeted threats
- Phishing attacks go beyond email
- Mobile malware attacks step up
- Cybercriminals will home in on IoT devices for espionage and extortion
- Critical infrastructures will be plagued by more attacks and production downtimes
- Serverless platforms will introduce an attack surface for misconfiguration and vulnerable codes
- Threat intelligence will need to be augmented with security analytics expertise for protection across security layers
We are witnessing today, in many regions of the world, international tensions mainly between Europe and Russia, the USA and China, not to mention the various conflicts in the Middle East and Africa. It is certain that, at a time when the States have already moved to cyberwar, geopolitical contexts will have an increasing impact in 2020 on the cybersecurity of companies, government organizations and critical or essential infrastructures. According to Kaspersky Labs, attackers will even seek to leave false traces to blame other countries for the attacks.
The world of cybersecurity will continue to consolidate as cyberprotections are showing up as a top priority in every other industry from finance to defense and from government elections to toys.
Numerous acquisitions were made in 2019. VMware bought Carbon Black, Microsoft took over Blue Talon, Broadcom swallowed Symantec, Cisco bought Duo Security, AT&T ate AlienVault, and so on.
For Lookout, the leader in securing the Post-Perimeter World, has in addition to acquisitions, partnered in new alliances such as the App Defense Alliance, which was launched at the end of 2019 to combat malicious applications on Google Play.
A new target, the drones
Drones, a new means of gathering information but also a new means of delivery, will interest cybercriminals. According to CyberArk, “In 2020, hackers will use the physical capabilities of drones to carry out attacks on a larger scale and in particular use them to collect data, for industrial espionage for example”.
IoT: an easy target
The IoT is also often pointed out as one of the future priority targets of cyber attackers. According to Forrester, “Cybercriminals will target an IoT device to obtain ransom from the manufacturer of the device (ransomware). This will require companies to exercise due diligence in assessing and managing the liability risk and security posture of suppliers who work with the products they choose to use”.
Security will be one of the major challenges of the 2020 Cloud
As NTT notes, “If companies use multiple data centers or hyperscalers, it is more difficult to apply standard, software-based security measures across the entire infrastructure.” The major players in the cloud are aware of this. AWS, Google and Microsoft have multiplied agreements with “security as a service” players such as Qualys, for example. Similarly, Microsoft has launched Azure Sentinel and Google has integrated Chronicle BackStory into GCP.
The DevOps chain really needs to switch to DevSecOps
This advice is given by several security editors, including TrendMicro, which sees in 2020 a resurgence of attacks on component vulnerabilities within containers.
According to Gartner, 99% of data security threats will come from vulnerabilities that companies are already aware of but never really considered and patched. A problem that is closely related to the fact that developers often use old versions of open source frameworks and never update them even when updating their applications.
Beware of configuration errors
Configuration errors are one of the attackers' gateways. Unfortunately, they tend to multiply with the increase of the attacking surface carried by still young technologies, therefore rather badly mastered, such as containers and Serverless.
Configuration errors will also be found in workloads placed in public clouds and remain the responsibility of companies. For many analysts, cloud operators will have to get involved and help companies to identify and correct these configuration errors.
Will companies become aware of training needs?
It is well known that the weakest link in any security chain is between the screen and the chair: the user. For Netwrix, "Organizations will make safety training an integral part of employee responsibilities. Faced with the problems of ultra-targeted attacks by increasingly sneaky and malicious emails, and faced with the ravages of ransomware whose attacks almost all start with an email, user training is obviously essential. It is not enough to simply provide training, but to offer regularly repeated awareness campaigns that are personalized to the company's context if we want to see these efforts bear fruit.
Not surprisingly, 2020 is shaping up to be an equally turbulent year on the cybersecurity front. The coming decade will see no less cyberattacks. On the contrary, it will see more cyberattacks, some of which will have more dramatic consequences. The French National Cybersecurity Agency’s (ANSSI) 2019 slogan has never been so topical: "all connected, all involved, all responsible...”.