Corporate Cybersecurity Now: 10 Things to Know in the Next 10 Months—and Beyond
January 31, 2019
Corporate Cybersecurity Now: 10 Things to Know in the Next 10 Months—and BeyondDownloads
In the fast-moving world of cybersecurity, predicting the full threat landscape is near impossible. But it is possible to extrapolate major risks in the coming months based on trends and events of last year. Here’s what organizations must be aware of to be prepared.
In 2018, cyber-related data breaches cost affected organizations an average of $7.5 million per incident—up from $4.9 million in 2017, according to the U.S. Securities and Exchange Commission. The impact of that loss is great enough to put some companies out of business.
As remarkable as that figure is, associated monetary costs do not include the potentially catastrophic effects a cyberattack can have on an organization’s reputation. An international hotel chain, a prominent athletic apparel company and a national ticket distributor were just three of several organizations that experienced data breaches in 2018 affecting millions of their online users—incidents sure to cause public distrust. It’s no coincidence that these companies were targeted—all store valuable user data that is coveted by hackers for nefarious use.
These events and trends should serve as eye openers for what’s ahead this year, as malicious actors are becoming more sophisticated and focused with their attacks. Consider these 10 predictions over the next 10 months:
1. With more data moving to the cloud, cloud services will become a prime target for hackers
Organizations are rapidly migrating to the cloud to take advantage of its organizational benefits such as cost savings, increased productivity, etc., and to store sensitive data. However, this migration is happening at a speed that often surpasses the security controls required to secure that data. Additionally, organizations often make the fatal flaw of blindly agreeing to the cloud provider’s terms without doing their due diligence to determine if proper security protocols are in place, which they often are not. This combination of risky practices means that attacks on the cloud can be expected to increase.
2. Artificial intelligence will help and hurt
Both attackers and defenders will increasingly leverage artificial intelligence (AI) to fuel their purposes. Hackers can use advancements in AI to scan networks for vulnerabilities, automate phishing attacks and conduct large-scale social engineering attacks to propagate the spread of "fake news." Conversely, AI can be used to prevent potential breaches by automating the detection process. Humans can only handle so many alerts at once. AI can make the threat detection process more efficient, helping combat the nonstop barrage of threats that organizations face.
3. Cryptocurrency mining will continue to be a threat
As long as attackers can make quick cash from cryptocurrency mining, infections that support this theft will continue. According to McAfee Labs, in 2018 the number of devices infected with a cryptocurrency miner increased by 4,000 percent. Criminals have been targeting those who use vulnerable routers or Internet of Things (IoT) devices, such as IP cameras or video recorders because they often lack robust security. This trend is expected to continue upward as more devices come online. There were an estimated 23 billion IoT connected devices worldwide in 2018; that number is expected to reach nearly 31 billion by 2020.
4. 5G will make the existing IoT problem worse
With the escalating rollout of the 5G network this year, the attack surface the hackers can target is expected to expand. A new network means new architectures, which creates new vulnerabilities for malicious actors to exploit via IoT devices that were not built with security in mind.
5. State-sponsored espionage will increase, with continued impacts across the supply chain
Compromises in the supply chain will lead to more state-sponsored spying, which in turn will lead to increased concerns for businesses responsible for technology development and manufacturing. These threats may force companies to change their production strategies or reduce outsourcing in order to shrink their supply chain and thus reduce risk exposure.
6. Cyber risk insurance will become more necessary
Cyber insurance coverage will grow considerably as companies rely on it as a necessary risk management tool in the face of increased, large-scale breaches. However, policies are evolving to require organizations to first implement certain controls prior to insurers underwriting their risk. The days of being insured with low premiums despite a weak security posture may soon be numbered. Growing data privacy regulations (see 7 below) that are coming into full force will also drive organizations to purchase cyber insurance plans.
7. Increased potential for new legislation, regulation and oversight
Growing data privacy and cybersecurity concerns may lead to more legislation, regulation and oversight this year. With the implementation of the General Data Protection Regulation (GDPR) in the European Union, other countries have started to follow suit, leading to an expanded need for companies to bolster their cybersecurity infrastructure and policy. Combined with individual states enacting legislation (e.g., the California Consumer Privacy Act of 2018), this has created a sense of urgency in the U.S. to advance data privacy legislation. It’s likely no new controls will be enacted in 2019, but discussion of data privacy at the national level is sure to continue.
8. Two-factor authentication will begin to evolve to multi-factor
Malicious actors are increasingly figuring out how to exploit vulnerabilities in the two-factor authentication process. As a result, two-factor will evolve to multi-factor authentication, which will be a significantly more common solution for most online services. Various other methods of user verification may also expand.
9. Hacktivism will rise
Due to increased global political and economic discord, activity from hacktivists will increase. In the past, hacktivists relied mostly on disruptive-style attacks, such as distributed denial-of-service (DDoS) attacks to send messages during times of political and economic upheaval. However, over the past few years sophisticated tools and techniques have made their way into commodity-grade ransomware attacks. The commoditization of weapon-grade cyber tools and techniques, combined with the effects of rising political tensions and economic downturn, will open the door for cyber-activists and disgruntled citizens to leverage destructive attacks.
10. “Deepfake” video and audio editing will increase
This style of deceptive media has the potential to create serious harm by portraying people of significance doing or saying things they didn’t actually do or say. The realistic nature makes it difficult to detect reality and it can be even harder to prove its illegitimacy. Whether the intention is for financial gain like blackmail or to alter society’s view with fake political messages, the use of “deepfake” media is expected to cause turmoil in 2019.
Malicious actors are always looking for new ways to infiltrate networks, steal data, further their political cause or simply make money. As a result, defenders cannot assume that last year’s threats will remain static. Focusing on known vulnerabilities will leave an organization susceptible to an unexpected attack. Cybersecurity is an ongoing process that will never be perfect, but taking a proactive approach to ensure that holistic, intelligence-led programs are in place is an effective cyber risk mitigation practice that will bolster a resilient 2019 and beyond.
© Copyright 2019. The views expressed herein are those of the author and do not necessarily represent the views of FTI Consulting, Inc. or its other professionals.
About The Journal
The FTI Journal publication offers deep and engaging insights to contextualize the issues that matter, and explores topics that will impact the risks your business faces and its reputation.
January 31, 2019
Senior Managing Director, Global Head of Cybersecurity