The top cyber security trends that will shape 2020
As we embark on a new year, it’s normal to think about what the future will have in store for us. From a cyber-security perspective, there are a lot of conversations about what will be. What are the big technology trends and what risks will they pose? Will attackers be all about new technologies like AI and biometrics or will the focus be more on infiltrating conventional systems in new and innovative ways? What will the attack vectors be? Will traditional attack methods continue to reign supreme or will new approaches emerge?
As we head into a new decade, there’s no doubt that attackers will try to use innovation against us but determining where they will focus is always a challenge. Here are the top security trends CyberArk believes will impact both businesses and consumers in 2020:
1. Drones open up a new pathway for intelligence gathering:
To date, the security concern around drones has mostly been focused on the physical damage that could be perpetrated by nefarious actors, including nation-states. In 2020 we could start seeing attackers focus more on what drones know and how that information can be exploited for intelligence gathering, corporate espionage and more. While it’s true that drones have the potential to do physical damage, the longer-term opportunity for attackers is to use drones as another pathway to steal – and manipulate – sensitive information.
Goldman Sachs recently predicted that businesses will spend more than US$ 17 billion (£12.8 billion) in the next five years on drone functionality. With an emphasis on innovation and development, these devices need to be treated as any other IoT device, with software that gathers and stores sensitive information that needs to be protected.
Organisations need to consider who has the ability to control the drone’s activities, what information the drone is storing, how access to that information is being managed and monitored, and ultimately who owns responsibility for securing it. These questions will need to be addressed by the creation of a security framework that can help mitigate emerging security risks and potential regulatory and compliance challenges.
2. The butterfly effect of ransomware:
In the first nine months of 2019, reports indicate there were between 600 to 700 ransomware attacks on government agencies, healthcare providers and schools in the US alone. Cities and public sector organisations around the world have faced a steady barrage of ransomware attacks, with momentum continuing to build heading into 2020. With the goal of these attacks aimed at disruption and destabilising systems, cities and towns in particular will need to elevate their approach to cyber-resiliency.
The constant bombardment will have a butterfly effect; its impact will reach far beyond what we’ve seen to date.
* Attacker Innovation shifts to the cloud:
The absence of spectacular ransomware attacks like Petya doesn’t mean attackers have stopped investing in malware. They’re just shifting their focus. In many ways attackers subscribe to the "if it ain’t broke don’t fix it" mentality. The malware families that have been around for years still work, and are effective for many reasons, mostly because many organisations still neglect to adhere to basic patching practices.
That said, attackers keep looking for new ways to monetise their assaults. If they’ve got malware that is steadily performing in Windows environments, what’s the next target? Wanting access to a greater diversity of systems, including cloud environments and containers, we’ll begin to see innovation in ransomware that focuses more on Linux to take broader advantage of digital transformation trends.
* Cyber-insurance gold rush fuels ransomware attacks:
Despite government warnings not to pay the ransom in ransomware attacks, more organisations are turning to cyber-insurance to protect their assets and uptime. CyberArk expects to see a significant increase in the number of entities buying cyber-insurance, making it one of the fastest-growing markets related to cyber-security. In fact, cybe- insurance is projected to be a US$7 billion (£5.3 billion) market in the US alone. However, this investment in "protection" is having a contrary effect – and will drive even greater waves of attacks.
Attackers will target organisations with cyber-insurance because of the high likelihood of getting paid. This is because insurance companies weighing the cost benefits of a payout will often choose to do so if the cost of the ransom is less than the cost of downtime needed to rebuild a network. Ultimately, this gold rush will benefit attackers – tilting the power in their direction, fueling resources and spurring the need for policy changes and disruption across the insurance industry.
3. Election security: Cyber-attacks as a disenfranchisement mechanism:
Election security is a hot topic for democracies everywhere. While much of the discussion tends to focus on disinformation campaigns, including the use of deep fake technology to influence opinion, attacks will evolve to have a broader disruption theme that goes beyond media. Beyond ballot box tampering, it’s important to consider the broader impact of disruption and disenfranchisement.
Attackers have repeatedly demonstrated skill at causing disruption – when it comes to impacting democracy, we could see disruption come in many – even seemingly disconnected – forms. We’ve considered the impact of stalling major transportation systems – like buses and trains – in major metropolitan areas that could keep citizens from safely getting to the polls. A sequencing of these attacks that impact core infrastructure – halting transportation, shutting down the electrical grid or launching an attack on voter registration databases – can have a domino effect and impact the ability for the voting system to operate consistently with trust and reliability.
4. Biometrics creating a false sense of security in the enterprise:
With biometric authentication becoming increasingly popular, we’ll begin to see a level of unfounded complacency when it comes to security. While it’s true that biometric authentication is more secure than traditional, key-based authentication methods, attackers typically aren’t after fingerprints, facial data or retinal scans. Today, they want access that lies behind secure authentication methods.
So, while biometric authentication is a very good way to authenticate a user to a device, organisations must be aware that every time that happens, that biometric data must be encrypted and the assets behind the authentication are secure. Even more importantly, the network authentication token that’s generated must be protected. That token, if compromised by attackers, can allow them to blaze a trail across the network, potentially gaining administrative access and privileged credentials to accomplish their goals – all while masquerading as a legitimate, authenticated employee.
source scmagazineuk
Industry: Cyber Security News
Latest Jobs
-
- Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote)
- London
- N/A
-
Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote) We are seeking an experienced technical Security Consultant to help clients deploy and enhance their cyber defences across Microsoft and vulnerability management technologies. You will work with enterprise customers to deliver tailored solutions across threat detection, endpoint protection and exposure management, ensuring security platforms are efficient, integrated and aligned with operational goals. Whilst you won't do the design yourself- you will work alongside technical Presales to document, agree and then deliver the solution. You will have experience leading delivery the implementation and improvement projects, providing hands-on support with configuration, integration and optimisation. You will assess existing environments, recommend enhancements and guide clients on best practice to strengthen visibility and control. Strong experience with SIEM, XDR and vulnerability tooling (Microsoft & Tenable ecosystems ideal) Understanding of Azure security, identity and access controls Background in consulting or project-based cyber delivery Clear communication skills with the ability to engage senior stakeholders Extra points if you have the SC-100. You must be eligible to achieve UK Security Clearance to be considered for this role.
-
- Account Director | Cyber Security Consulting | UK - South East
- London
- N/A
-
Account Director | Cyber Security Consulting - Financial Services | UK - South East. New Role due to Growth We are looking for an experienced Account Director to develop and expand existing relationships across the financial services sector, working with investment firms, asset managers, private equity groups and strategic partners to deliver intelligent cyber consulting and a bespoke Cyber product offerings. You will act as a trusted advisor, helping organisations strengthen digital resilience, manage third-party and regulatory risk and adopt a proactive approach to cyber assurance. Key Responsibilities Manage a defined portfolio of financial clients, understanding business priorities and aligning tailored cyber solutions. Drive new client engagement while nurturing existing partnerships through a consultative, long-term approach. Present the benefits of advanced cyber services including threat intelligence, vulnerability management, incident readiness, and continuous risk monitoring. Collaborate with technical and delivery teams to ensure smooth engagement from proposal through to implementation and ongoing support. Prepare proposals, negotiate commercial terms, and clearly articulate value and business outcomes. Build trusted relationships at senior and board level. Ideal Profile Strong background in cybersecurity, consulting, or risk management within financial services. Skilled communicator with proven success managing and growing key accounts. Able to translate complex technical insight into commercial and strategic value for clients. Confident engaging with senior stakeholders and decision makers. Please note: Sponsorship is not available.
-
- SOC Analyst- Level 2- Hybrid Greater London
- London
- N/A
-
SOC Analyst- Level 2- Hybrid Greater London New opportunity created through continued growth. We’re looking for a SOC Analyst (Level 2) to strengthen a growing managed security team. You’ll work hands-on with Microsoft Sentinel and Defender XDR, investigating alerts, responding to incidents, and helping improve how clients stay protected. This role is ideal for someone who enjoys unravelling security events, thinking critically under pressure, and making a real difference day to day. What you’ll do · Investigate and respond to security activity across SIEM and endpoint tools · Analyse network and log data to uncover real threats · Support automation initiatives to streamline response processes · Help maintain visibility, data flow, and performance across SOC platforms What you’ll need · Practical experience using Microsoft Sentinel and Defender XDR · Confident working with KQL or similar query languages · Understanding of attacker tactics and response techniques · SC-200 certifications would be nice. · Experience supporting multiple customer environments Please note: Sponsorship is not available.
-
- Senior SOC Engineer - UK - New role due to growth
- London
- N/A
-
Senior SOC Engineer – New role due to growth We are hiring a Senior SOC Engineer to take the lead across security operations for a growing managed service. You will lead detection, response and onboarding activity across multiple clients, helping shape how the SOC evolves. Expect variety; from fine-tuning alerts and threat hunting to supporting customers and mentoring junior analysts. What you’ll bring · Strong experience across SIEM, EDR, and threat detection tools · Confident working with customers in a managed service environment · Skilled in scripting or query languages such as KQL or PowerShell · Knowledge of frameworks like NIST, ISO27001, MITRE ATT&CK · Calm communicator with a problem-solving mindset · Experience with Azure Lighthouse or delegated access models · Prior involvement in automation or SOC improvement projects Location: South East England- Hybrid role Please note: Sponsorship cannot be offered now or in the future.