Last year data privacy regulators dived deep into investigating organizations that were breached or exposed customer data. The key finding in most of the cases was that failed Cyber Security protocols were at the root of data breaches, ransomware and supply chain attacks.
It was predicted since 2016 that cybercrime will be the greatest threat to every company in the world and will cost the world $6 trillion annually by 2021. We have developed a list of Cyber Security predictions to ensure our business partners are fully prepared for 2020.
Cybersecurity Predictions for 2020:
1.) Advanced Cloud Security - In 2020, major cloud security threats such as data breach, insecure APIs, advanced persistent threats (APTs), etc., will continue to pose a threat. Vendors and security providers will need new, expanded and renewed thinking on how to collectively approach security. We recommend that they follow a security approach which aims at real-time assessment of risks, strong access policies, sophisticated access management strategies, vulnerability management and technologies to deal with these data breaches
By 2023, most security compromises over the cloud will be drilled down to organizations’ failure to apply basic security controls, not the cloud service providers. The most important thing that organizations must perform is to identify vulnerable hosts in the cloud environment.
2.) Threat Intelligence – Innovation must be a major focal point for organizations in 2020. Unfortunately, the past few years have witnessed greater innovation and creativity in attack methodologies being demonstrated by threat actors. Organizations need to ensure in 2020 that innovation comes from the good guys; we cannot let the bad guys have the lead. For us to defend, we need to get ahead of the threat.
3.) Increasing Significance of General Counsel and Cyber Security Collaboration – The functional role that the General Counsel (GC) plays in an organization’s Cyber Security program, from inception to closure, has seen a dramatic evolution in recent years. We expect this trend to continue well into 2020 and beyond. General Counsel must be rooted at the heart of any organization’s Cyber Security program, partnering closely with key stakeholders, with a sharp focus on educating the Board and working with them to avert and evade cyber-attacks.
4.) Lack of Experienced Cyber Security Talent -The Cyber Security industry has long been plagued by the dearth of qualified and experienced talent. Organizations face challenges largely in acquiring and retaining talent. While a lot of positive developments have been witnessed in recent years, ranging from the incorporation of Cyber Security Masters and PhD programs across academic institutions worldwide, and the introduction of different Cyber Security certifications, we anticipate the trend of skills shortage to continue well into 2020.
5.) IOT Cyber Attacks- By changing the existing IoT architecture of enterprises, new threats will appear and prevailing threats will be enhanced. Gartner forecasts that 8.4 billion connected IoT devices will be in use worldwide in 2017. This is up 31% from 2016 and will reach 20.4 billion by 2020. Intelligence on exploiting vulnerabilities affecting IoT devices is readily available and with the increasing number of IoT devices, there is bound to be an increased number of attacks on them.
To become more security mature in 2020, organizations need to understand how they’re potentially susceptible to an attack and what the implications of those attacks may be, so they can ultimately determine how to best defend themselves. They must understand their assets. They must understand their technology, know where their applications live, know where their infrastructure lives, understand their third-party risk, be capable of determining where all their egress points are, and so on.
– 2020 official annual cybercrime report
– 2019 official annual cybercrime report
– Gartner Press release 2017