“Top Trends in Cyber Security Trends for the Year Ahead.” (From our Forums.)
Text originally published by Samuel Gichichi on the Cyber Secure Central Forums.
Cybersecurity is crucial to any organization, and the landscape is always evolving. Ensuring vigilance is usually a game of whack-a-mole or cat and mouse. You must know your enemy, but that is not an easy task in this fast-paced world. There was a number of high-profile ransomware attacks and data breaches that rocked the corporate world last year. The amount of data stolen by cybercriminals could rise over the next few years. Couple this with the uncertainties in the global economy and the year ahead seems challenging for cybersecurity professionals.
The following are the cybersecurity trends that I believe will impact organizations of all sizes and cybersecurity professionals:
GDPR (General Data Protection Regulation) requires all businesses operating in the EU to protect personal data and privacy of EU citizens. Non-compliance penalties are huge, and GDPR takes a broad view of what personal data is, making this a potentially burdensome activity. To ensure compliance most organizations will have to adapt their procedures. Most of the organizations are, however, likely to be caught up and hence fined for non-compliance. Enterprises operating solely in the U.S. should adopt a proactive approach to data privacy. Will 2019 be the year we witness the adoption of comprehensive federal privacy law in the United States?
User Access Rights
Managing user privileges effectively is one of the keystones of a strong security profile. Granting users unnecessary system privileges or data access rights can lead to deliberate or accidental data misuse exposing the system to external attacks. Identify and Access Management (IAM) systems lead the way in countering this risk. IAM systems enable administrators to monitor and assess access to ensure compliance with corporate protocols and government regulations. Many solutions in this area are still new but are already proving valuable. More are expected to join their ranks this year.
Migration of computing solutions and service to the cloud has had numerous benefits to the enterprise. This has, however, opened up new areas of risk. There is a global shortage of cybersecurity skills, and a rising generation of cybercriminals are excitedly probing cloud-based services for vulnerabilities. Most organizations remain uncertain of the extent they are responsible for securing data. A breach in the protocol can comprise even the best system. There is a need to redefine cloud security and get proactive. Also, the demand for cybersecurity skills will continue to rise.
Ransomware and Cryptojacking
Although ransomware is declining, it has been replaced by cryptojacking to some extent. Cryptojacking is the hijacking of a computer to mine cryptocurrency. It uses similar tactics to ransomware but requires low-level expertise. Estimating the actual scale of the problem may prove difficult since the malware works in the background without the knowledge of the user, but evidence suggests it is on the rise.
Although the random low-level ransomware attacks are on the decline, the high-profile attacks witnessed last year suggests that sophisticated targeted attacks will be a problem for a while. Expect increased targeted ransomware and cryptojacking in 2019.
The content of this article does not reflect the official opinion of Cyber Secure Central. Responsibility for the information and views expressed in the article lies entirely with the author(s).