A robust cybersecurity plan has always been a moving target. Cyber defense professionals must adapt as the nature and scope of threats change -- what is effective today may not be sufficient in the future. When staggering breaches impacting the lives of millions become the new normal, it’s incumbent upon the industry to prepare for the challenges of the future.
In 2020 and the years to come, we see several developing tech trends that represent not only emerging cybersecurity threats, but emerging tools to combat them.
Inviting disaster with IoT
IT analyst forecast struggle to keep up with the dramatic rise in cybercrime from all fronts. In particular, the deployment of billions of under-protected Internet of Things (IoT) devices represents a continual, growing threat. While IoT has demonstrated the ability to augment supply chain networks and provide companies with valuable, real-time metrics, we’ve seen the same technology put to questionable use in domestic appliances like refrigerators, thermostats and even door locks. Each of these devices represents a potential vector of attack and must be rigorously accounted for by cyber professionals.
Malware on the move
The existence of malware as a threat solely confined to an organization’s PCs and laptops is over. We’ve seen the focus of malware shift to phones and other mobile devices. The sheer size of the app stores on the major mobile ecosystems makes it all but impossible to vet every mobile app for threats. Recently, cyber professionals have encountered malware that spreads through SMS text messages. These attacks will only become more sophisticated, demanding heightened vigilance.
Better tech for a pinpoint focus on cyber risk management
Based on available data, both annual cybercrime damage costs (which is measured in trillions) and cybersecurity spending (which are measured in hundreds of billions) are increasing year over year. One of the reasons that organizations keep spending more while losing more is due to a poor risk management. The ability to measure risk and organization performance has always been at the heart of effective management, underlying decisions about how to allocate resources, which practices to employ and whom to reward.
In 2020 and beyond, we’ll see a proliferation of artificial intelligence and machine learning technologies which help decision makers understand risks in dollar terms. These tools allow organizations to focus on the most significant losses, prioritize security investments based on a return on risk reduction, and enable both business and technical stakeholders to make well-informed decisions about cyber risk. These technologies will help in shifting from a compliance driven “shotgun” cybersecurity to a value driven “pinpoint” cybersecurity using technologies that help quantify cyber risk and identify optimal mitigation strategies.
While cybersecurity threats continue to evolve, cyber defense professionals are developing technology and processes to change the rules of engagement in their favor. Any business or organization would do well to familiarize themselves with these tools to prepare for the future.
Published on August 23, 2019