During 2018 Cybersecurity trends were a blur of giant DDos (Denial-of-service) attacks, social engineering, malware and crypto mining. If you escaped unharmed, you should count yourself lucky but you are never safe. There is always room for progress on the Cybersecurity front.
The majority of organisations are trying to make progress. Spending on security solutions grew by 5% in 2018, according to ComputerWeekly. Although, the percentage of organisations that reported a data breach rose by 10%. Before you finalise your cybersecurity strategy for 2019, take a step back and consider what is coming for you.
Understand what’s on the threat horizon for 2019
Hackers are having a field day with your unsecured business routers and connected devices- IoT is bigger than ever. There was 35% growth in DDoS attacks in 2018, with the average attack size expanded by 500%. With Ransomware as a service (RaaS) epidemic continuing to rise, it’s a safe bet 2019 will see an ongoing trend towards higher-volume and higher- frequency DDoS threats.
When hackers aren’t trying to use your unsecured endpoints in these attacks, they’ll be investigating another easy position for data theft. A Threat Stack study revealed 73% of AWS cloud environments have at least one critical security misconfiguration. It’s also worth noting 28% of data breaches last year involved insiders, according to Verizon’s Data Breach Investigations Report.
Build out your 2019 Cybersecurity Strategy
Data breaches are more expensive than ever, compliance requirements are costly and customers have become more alert and aware of how their data is being managed and secured in today’s cybersecurity climate.
As a result of this, cybersecurity threats are finally getting the much needed attention they deserve. Whilst this trend will likely result in an increased budget and support, it also presents new challenges. Here are a few options for tackling those challenges:
Know what’s actually on your network
“Today, CISOs are desperate for solutions to secure existing endpoints,” said Head of Security Practice Michael Howard during the Black Hat security conference. “Many lack understanding of their current multivendor environment. They need vendor-neutral advice on basic best practices.”
The pressure is now on IT to catalog every single device on their network and to develop a comprehensive plan for securing them. Whilst this best practice sounds like a no-brainer, it’s difficult to do in an age when endpoints are multiplying in the form of mobile devices and IoT devices.
It is increasingly difficult to defend yourself against 10,000 invisible devices on your network. That’s a lot of open vulnerabilities leaving many endpoints unsourced. There are also risks that can’t be mitigated easily, including the biggest piece of malware on a company network-humans. To protect against human error and other risks within an organisation that are difficult to detect businesses must adopt smarter endpoint protection techniques. The first move towards the effective strategy is recognising key endpoints and assets that need secured – organisations need to understand the state of IoT security risks.
If your IoT devices have embedded security and analytical capabilities, you have an advantage when it comes to preventing cybersecurity threats turning into real cybersecurity incidents.
Learn business as as second language
IT professionals are now forced to collaborate with business leaders. A recent RSA study found that 70% of IT leaders believe that building relationships with different organisations can be challenging due to the different technologies, success metrics and terminologies that are used by the two teams.
The most-needed upgrade to your cybersecurity in 2019 may be as simple as improving communication and data dashboards that both sides find valuable.
What Cybersecurity Threats to watch out for in 2019
IT professionals are now forced to collaborate with business leaders. A recent RSA study found that 70% of IT leaders believe that building relationships with different organisations can be challenging due to the different technologies, success metrics and terminologies that are used by the two teams.
Innovation in the DDoS space
The rate of innovation within the DDoS space is worth keeping an eye on. Hackers are often finding new vectors, such as the recent rise of memcached attacks on open source of infrastructure software. During February 2018, it was marked as the first DDoS attack that was larger than one terabyte, and 2019 will likely host new vulnerabilities and new varieties of sophisticated DDoS attacks. Putting funding into the the unsecured IoT technology of your business could be a risky move. The Internet of Things (IoT): A New Era of Third-Party Risk reveals that nearly all respondents – 97 percent – believe that an attack related to unsecured IoT devices could be “catastrophic” for their organisation.
Artificial Intelligence
Researchers at BlackHat demonstrated how hackers can easily fool artificial intelligence with current methodologies. There is even a chance that robots could start to be hacked by the end of 2019. Adversarial attacks can alter the output of algorithms through feeding it “subtly altered images, sounds or objects that can trick AI without setting off human alarm bells.”
Critical infrastructure
According to the The 2018 Black Hat USA Attendee Survey 69% of BlackHat conference attendees believe it’s highly likely a successful attack on the USA’s critical infrastructure will happen within the next two years. Concurrently, the research shows that the less- skilled threat actors are beginning to use the tactics of nation-state cyber crime groups in order to target the enterprise. Researcher Jenifer Ayers tells DarkReading– “This also entails employing hands-on-the-keyboard tactics to break into the systems, steal credentials, conduct reconnaissance and move laterally.”
Prepare for the Cybersecurity trends of the future NOW
While 2019 could be the year that marks the arrival of entirely new categories of threats, it’s most likely going to be another year of the same types of cyber crime materialising at a slightly higher frequency and volume. The majority of hackers will continue to remix the same basic techniques for malware, hacking and social engineering. Employee errors and unsecured endpoints are most likely to continue to cost millions.
The largest challenges to your Cybersecurity strategy are within your organisation. In order to become resilient, you must understand what is happening on your network, fast-track mitigating vulnerabilities and communicate these risks to the board. With more secure communications such as Salt Communications, we can help you keep your organisation secure in 2019 and beyond.
If you would like to protect your organisation in 2019 consider Salt Communications. We understand the security of mobile communications in today’s global business environment is paramount, that’s why Salt Communications is built with the features and technology to keep your communications private and compliant.
If you have any questions about this article, please contact us on marketing@saltcommunications.com and we’d be happy to assist you in any way.
About Salt Communications
Salt Communications, ranked in the top half in the Cybersecurity 500, provides a fully enterprise-managed software solution that enables absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. The Salt Communications Desktop and Mobile apps are intuitive and easy to install and use. The Salt Communications Communication Manager provides a console for tight management of users and can be configured for the management of regulatory compliance. Salt Communications is headquartered in Belfast, Ireland, for more information visit saltcommunications.com.
