The top cyber security trends that will shape 2020
As we embark on a new year, it’s normal to think about what the future will have in store for us. From a cyber-security perspective, there are a lot of conversations about what will be. What are the big technology trends and what risks will they pose? Will attackers be all about new technologies like AI and biometrics or will the focus be more on infiltrating conventional systems in new and innovative ways? What will the attack vectors be? Will traditional attack methods continue to reign supreme or will new approaches emerge?
As we head into a new decade, there’s no doubt that attackers will try to use innovation against us but determining where they will focus is always a challenge. Here are the top security trends CyberArk believes will impact both businesses and consumers in 2020:
1. Drones open up a new pathway for intelligence gathering:
To date, the security concern around drones has mostly been focused on the physical damage that could be perpetrated by nefarious actors, including nation-states. In 2020 we could start seeing attackers focus more on what drones know and how that information can be exploited for intelligence gathering, corporate espionage and more. While it’s true that drones have the potential to do physical damage, the longer-term opportunity for attackers is to use drones as another pathway to steal – and manipulate – sensitive information.
Goldman Sachs recently predicted that businesses will spend more than US$ 17 billion (£12.8 billion) in the next five years on drone functionality. With an emphasis on innovation and development, these devices need to be treated as any other IoT device, with software that gathers and stores sensitive information that needs to be protected.
Organisations need to consider who has the ability to control the drone’s activities, what information the drone is storing, how access to that information is being managed and monitored, and ultimately who owns responsibility for securing it. These questions will need to be addressed by the creation of a security framework that can help mitigate emerging security risks and potential regulatory and compliance challenges.
2. The butterfly effect of ransomware:
In the first nine months of 2019, reports indicate there were between 600 to 700 ransomware attacks on government agencies, healthcare providers and schools in the US alone. Cities and public sector organisations around the world have faced a steady barrage of ransomware attacks, with momentum continuing to build heading into 2020. With the goal of these attacks aimed at disruption and destabilising systems, cities and towns in particular will need to elevate their approach to cyber-resiliency.
The constant bombardment will have a butterfly effect; its impact will reach far beyond what we’ve seen to date.
* Attacker Innovation shifts to the cloud:
The absence of spectacular ransomware attacks like Petya doesn’t mean attackers have stopped investing in malware. They’re just shifting their focus. In many ways attackers subscribe to the "if it ain’t broke don’t fix it" mentality. The malware families that have been around for years still work, and are effective for many reasons, mostly because many organisations still neglect to adhere to basic patching practices.
That said, attackers keep looking for new ways to monetise their assaults. If they’ve got malware that is steadily performing in Windows environments, what’s the next target? Wanting access to a greater diversity of systems, including cloud environments and containers, we’ll begin to see innovation in ransomware that focuses more on Linux to take broader advantage of digital transformation trends.
* Cyber-insurance gold rush fuels ransomware attacks:
Despite government warnings not to pay the ransom in ransomware attacks, more organisations are turning to cyber-insurance to protect their assets and uptime. CyberArk expects to see a significant increase in the number of entities buying cyber-insurance, making it one of the fastest-growing markets related to cyber-security. In fact, cybe- insurance is projected to be a US$7 billion (£5.3 billion) market in the US alone. However, this investment in "protection" is having a contrary effect – and will drive even greater waves of attacks.
Attackers will target organisations with cyber-insurance because of the high likelihood of getting paid. This is because insurance companies weighing the cost benefits of a payout will often choose to do so if the cost of the ransom is less than the cost of downtime needed to rebuild a network. Ultimately, this gold rush will benefit attackers – tilting the power in their direction, fueling resources and spurring the need for policy changes and disruption across the insurance industry.
3. Election security: Cyber-attacks as a disenfranchisement mechanism:
Election security is a hot topic for democracies everywhere. While much of the discussion tends to focus on disinformation campaigns, including the use of deep fake technology to influence opinion, attacks will evolve to have a broader disruption theme that goes beyond media. Beyond ballot box tampering, it’s important to consider the broader impact of disruption and disenfranchisement.
Attackers have repeatedly demonstrated skill at causing disruption – when it comes to impacting democracy, we could see disruption come in many – even seemingly disconnected – forms. We’ve considered the impact of stalling major transportation systems – like buses and trains – in major metropolitan areas that could keep citizens from safely getting to the polls. A sequencing of these attacks that impact core infrastructure – halting transportation, shutting down the electrical grid or launching an attack on voter registration databases – can have a domino effect and impact the ability for the voting system to operate consistently with trust and reliability.
4. Biometrics creating a false sense of security in the enterprise:
With biometric authentication becoming increasingly popular, we’ll begin to see a level of unfounded complacency when it comes to security. While it’s true that biometric authentication is more secure than traditional, key-based authentication methods, attackers typically aren’t after fingerprints, facial data or retinal scans. Today, they want access that lies behind secure authentication methods.
So, while biometric authentication is a very good way to authenticate a user to a device, organisations must be aware that every time that happens, that biometric data must be encrypted and the assets behind the authentication are secure. Even more importantly, the network authentication token that’s generated must be protected. That token, if compromised by attackers, can allow them to blaze a trail across the network, potentially gaining administrative access and privileged credentials to accomplish their goals – all while masquerading as a legitimate, authenticated employee.
Industry: Cyber Security News
- DevSecOpp- Security design / review consultant. SC Clearance. London
CH7838 London £70,000 DevSecOpp- Security design / review consultant. DevSecOpp- Security design / review consultant will ensure that newly created, public facing apps are secure by design and by default by aligning them to current / best practice security policies and standards into the design phases. The individual must have a technical software / application development background with specalist experinece in secure architecture design. (Frameworks, processes, best practice etc) Practical experience translating and ensuring that the OWASP top 10, ISO27001, HMG frameworks requirements are reviewed and embedded into project designs which are implemented is essential. Experience working projects through a full development lifecycle is key. You will work along side the design and project teams to idenitfy and mitigate risks throughout the design phases. This is a permanent role. SC clearance is essential as is the ability to get to the London office. (When appropiate #covid) Security DevSecOps consultant. To arrange a discreet call book via https://calendly.com/chris-holt/devsecopp--security-design-review-consultant
- SPLUNK SOC Analyst level 3, London.
SPLUNK SOC Analyst level 3, Must be able to commute to the City of London. Onsite role. Security clearance needed. The SPLUNK SOC Analyst level 3 must have current experience working within a SOC environment with specific experience using a range of tools and techniques to investigate security incidents. Current experience with Splunk is essential. any additional experience Individuals with Elastic Security SIEM are highly desirable. Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The role will include, but not be limited to working with sophisticated information security tools, investigating security incidents, incident management, technical escalation, process improvement, research into the latest threats, reporting etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt https://calendly.com/chris-holt/arranged-call-with-chris-holt-elastic-siem-engineer-soc Chris.Holt@dclsearch.com
- ISO 27001 & Business Continuity Security Specialist, End User
- United Kingdom
CH7828 ISO 27001 & Business Continuity Security Specialist, End User, £70,000 United Kingdom ISO 27001 & Business Continuity Security Specialist needed to join a Cyber team within an end user. The ISO 27001 & Business Continuity Security Specialist will have end to end responsibility for the information security and Business Continuity management system. ISMS/BCMS. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. ISO 22301, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. Experience taking a company through accreditation is highly desirable Experience managing internal stakeholders, technical teams and external third parties essential Flexible working, very occasional travel to London office This is an exclusive role to DCL Search & Selection. Looking to interview immediately. https://calendly.com/chris-holt/iso-27001-business-continuity-security-specialis
- PCI- DSS Security Consultant, End User
PCI- DSS Security Consultant needed to join a Cyber team within an end user. The PCI- DSS Security Consultant will have end to end responsibility for PCI - DSS and its continuing certification. Both from an information security and technical security perspective working alongside the CISO. Experience must include, but not be limited to; a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance. PCI objectives / 12 key requirements, OWASP top 10, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. PCI Cloud compliance, specifically someone with experience taking PCI-DSS from on premise into the cloud is HIGHLY desired. However, someone with Solid PCI experience with a strong technical background which include Cyber / Secure by design etc would be considered. Experience managing internal stakeholders and external third parties essential. Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection. 1st stage interviews to happen the week of the 14th September Arrange a call with Chris on https://calendly.com/chris-holt/arrange-a-call-chris-dcl-pci-compliance