In a world that is increasingly getting connected digitally, where wristwatches to heart pacemakers tell the condition of the heart, refrigerators that order vegetables from shopping centers, the Internet is connecting everything, simply referred to as the Internet of Things (IoT). As more humans and things get caught in the web, there is an enormous flow of data zooming around every second. With data being the new gold, can thieves be far behind? Cybercrime is as old as the net. With the increasing usage of digital data, cybercrime is fast evolving by developing far more sophisticated means of attacks. Cyberwarfare has been described as the Fourth Generation Warfare. This brings a greater challenge for companies and the state to develop advanced tools for cybersecurity, and be one step ahead of the cybercriminals.
As we roll over to 2020 in a few months, based on the current vulnerabilities, and the pattern of attacks, here are a few trends to look out for in cybersecurity:
AI will play a major role in helping companies defend against cyber attacks. AI software can automatically detect and neutralize cyber threats before any harm is done. Attacks can be simulated on the network to detect vulnerabilities and fix them before they are exploited by hackers. Many companies are found to take at least 6 months to detect even major security breaches. Login details, credit card details, social security numbers are few of the sensitive data that are found to be compromised. A survey by IBM shows that most companies are unprepared for a cyber attack. To detect cyber breaches, companies will have to go in for more robust automated detectors using AI.
Enterprise Immune System developed by Darktrace, an AI company started in 2013, uses AI methodologies and status rules based on unsupervised machine learning. It treats any unusual occurrence in network traffic as a threat. Check Point, an Israeli cybersecurity company has developed three AI-based platforms to manage cyber threats. Symantec, a known anti-virus and firewall provider, has progressed to provide cybersecurity based on AI, with its Targeted Attack Analytics (TAA) tool. Absolute, Centrify, Cylance are few of the big players who are investing heavily in artificial intelligence to strengthen cybersecurity.
Some of the advantages of using AI are:
There are drawbacks of AI technology, as well.
An increase in Common Vulnerabilities and Exposures or CVEs is predicted in the coming years. CVE is a catalog of security threats. Vulnerability is a weak point in the software that can provide access to the entire network or system to an unauthorized person. Exposure is an issue that gives indirect access to an unauthorized person into the system. Human error accounts for 95% of cyber breaches.
Pankit Desai, Co-founder, and CEO of Sequretek, a leading cybersecurity firm, says the three legs of security are people, process and technology, out of which, people are the most critical element and that humans are the biggest malware.
Global giant IBM has identified automation as the next big step in cybersecurity. “Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident,” says Ted Julian, VP of product management and co-founder, IBM Resilient.
With growing threats to digital systems, there is an ever-growing demand for cybersecurity staff. By 2021, there will be 3.5 million vacant cybersecurity jobs worldwide. This is where automation can pitch in to reduce this pressure on human staff. A recent survey of more than 1400 IT security specialists by Ponemon Institute shows that 79% of respondents use automation tools, or plan to use within the next few years. The Ponemon report says that data breach by insiders is increasing in frequency and cost.
Automation helps in doing things such as:
As in the case of AI, the downside of implementing automation is the higher expenditure and training to the staff.
Forbes shows that while spending on cybersecurity was 11% in 2018, it is expected to rise to 59% by the end of 2019.
A report from International Data Corporation (IDC), a premier global provider of market intelligence, shows that investment in cybersecurity infrastructure is expected to be above $103 billion in 2019 alone, which is an increase of 9.4% of the 2018 spending. This rate of growth is anticipated to grow in the coming years to at least $6 trillion by 2021.
The March 2019 report of IDC says, “The three industries that will spend the most on security solutions in 2019 – banking, discrete manufacturing, and federal/central government – will invest more than $30 billion combined”.
Gartner, a leading research and advisory company, says that security is a crucial factor in cloud, IoT devices, and Software as a Service (SaaS) platform. Gartner predicts that subscription and managed services will represent 50% of security software by 2020.
One of the recent big attacks was in May 2017 by WannaCry ransomware. This affected about 100000 organizations in 150 countries in one day. Media reports say that ransom of more than $100,000 was paid by many companies to get their data released.
Ransomware is the digital equivalent of a kidnapper. It blocks access to our own data and demands a ransom to be paid in exchange for the release of the data. Ransomware attacks are declining in numbers since 2018, but they are expected to increase in their intensity, as they target specific businesses in the coming years, leading to higher financial losses. It has been estimated that there will be roughly 200 million connected devices by 2020. With the increase in usage of 4G and 5G devices and the rise of IoT, the number of consumers getting affected by ransomware attacks will increase in the coming years.
While ransomware locks the data from its user, Spywares infiltrate the system and steal data to be sent over outside the system. The recent attack in November by spyware, Pegasus, created by Israeli company NSO Group created a stir worldwide. On clicking a link, the spyware installs itself and gathers information from social networking applications such as Whatsapp, Telegram, Facebook, to name a few. The spyware is said to have snooped on activists and journalists, and the controversy over who how the leak happened continues.
Cloud computing cybersecurity risks are increasing with the adoption of cloud technology in many businesses. Cloud technology uses containers such as Dockers or Kubernetes, that can be replicated easily, expanding the attack footprint. A major concern of cloud security is data loss and leakage. These are due to the misuse of employee information, weak access control, unsecured interfaces, and misconfiguration of the cloud platform. To prevent the breaking of passwords and impersonation, biometric identification is gaining more interest. Ant Allan, Vice President Analyst, Gartner says, “By 2022, Gartner predicts that 60% of large and global enterprises, and 90% of midsize enterprises, will implement passwordless methods in more than 50% of use cases — up from 5% in 2018.”
Cloud security is a way of preventing attacks of data in the cloud. Some of the leading cloud security services are Symantec, Fortinet, Cisco Cloud, Hytrust, ScienceSoft, and Sophos.
The use of AI and automation tools, combined with increased awareness of accessing cloud securely, has to be emphasized in companies due to such weak areas, which are likely to be exploited more in the coming years.
2020 will see an increase in hackers using more sophisticated means of attack on software and hardware supply chain. Implanting malware in legitimate software, firmware, and hardware at vulnerable points such as third party locations, generating, packaging and distribution zones are the areas the hackers look for. These are the places where enterprises have to safeguard to block any threats from cyber attacks. The 2018 survey by Ponemon Institute points to the fact that 56% of organizations faced a breach due to one of their vendors. The risk is high due to the lack of awareness in this area. Peter Galvin, VP of strategy and marketing at Thales e-Security, warns about an increase in breaches as many companies do not understand the risks.
Artificial Intelligence + Automation = Cybersecurity
According to Gartner, by 2022, 50% of all Security Operations Centers (SOC) will transform into modern SOCs with integrated incident response, threat intelligence and threat hunting capabilities, up from less than 10% in 2015.
To summarize, Artificial Intelligence, automation, and stricter cyber laws are the major areas where organizations and the government have an eye for. India is working on a cybersecurity strategy policy, to be released in January 2020. State laws along with advanced technological tools will be the mechanisms that help guard against cyberattacks, in a world that is increasingly digital and data-driven by the day.