Contributed by Emma Megan
2018 has been a crazy year for technology as well as the Internet. It started with the announcement that Intel had substantial security flaws in their chip architecture. This was followed by GitHub being subject to a very vicious cyber-attack which completely shook the market. Furthermore, mobile phishing remained at an all-time high throughout the year as mobiles couldn’t provide the same level of security in comparison to other devices.
When we talk about anticipating the year ahead in terms of what is in store for cybersecurity we can take clues from the current year. The familiar forms of attack inflicted on businesses are likely to follow through in the next year as well. The largest potential breach occurred to the firm Exactis, the attack involved exposing around 340 million personal records
Beyond the all too common corporate attacks, 2018 also witnessed fast-paced activity across a range of victims and targets. In the world of social networking, Facebook admitted that cyber criminals stole information of 30 million users. Then there was the breach on Under Armour’s health tracker My Fitness Health which led to the information leak of 150 million people.
After the implementation of GDPR by EU a lot of businesses and large corporations have started to disclose breaches, revealing a list of vulnerabilities. Not only does it show that 2019 better be ready to make up for the shortage of skills in data protection from 2018, but that businesses will need effective measures that will help them keep up with this rapid change in technology again and again.
Regulation on Data Protection
It is predicted by experts that the European Union will punish a few companies that had violated the GDPR in order to make an example for others. With penalties overhead, corporations will take serious measures to protect their users and customers’ data.
It is believed that enforcement will be harsh in the first few months of 2019, in order to get everyone on the same page regarding cybersecurity. Hundreds of complaints have been filed against companies such as Google and Facebook, which demands not only a response but better cybersecurity operations. The coming year is all about the reactions to these compromises.
There is a rising concern about how companies protect or even use the users’ personal information. It is these users who are pushing every day to hold the companies with weak policies accountable. This number is growing day by day.
Microsoft Will Use ATP on All Mainstream Products
The Windows 10 Advanced Threat Protection is one service that lets anyone who has an E5 license to be able to see what an attacker does to the system. It relies heavily on telemetry. In 2019 the software company is expected to fortify its current efforts into building a security focused brand image. The company is using this method to strategize in getting more sales for the Windows products over its competitors by enhancing its security features.
Multi-Factor Authentication for Online Transactions
This may not be the perfect solution but websites will inevitably ditch the password access and go for the additional authentication process for users. It is possible that a lot of people will get frustrated from this lengthy process just to get access to the data or devices.
When you only use a password to authenticate you are still vulnerable to phishing. The unfortunate thing is if this does go into the implementation stage, every platform will be using a different authentication process and each one will just more tedious to use.
Targeted Spear Phishing
Attackers are aware that the more information they obtain from the user, the better they can build a phishing attempt against the user. In the coming year, this will only intensify, especially towards people who earnestly believe that since they have nothing to do with major tech in their work, nor do they keep client information they have nothing to fear.
Spear phishing is likely to rise on an all-time high. These are creepy tactics too, like lurking into your emails even your private ones. One place where this is most common is the mortgage wire scheme. This seems totally secure but it most certainly not. Most people wire their closing fees to the directions given by the mortgage agent’s email, hackers know this common practice and usually hack into the agent’s computers to get their client’s information. This is done so stealthily that even the agent is not aware that their information might be compromised. The hacker then sends the email to the client who unsuspectingly wires the whole amount.
Nations Will Attempt to Put into Place Cyber Warfare Rules
At the moment no such regulations are in place for a cyber-war and every year everyone in the tech industry expects this to change. Over the years it has been getting out of hand, making experts believe that the time is near when laws will be finally enacted. For example, North Korea hacked Sony Pictures, Russia hacked into industrial critical control systems and powerful nations play with the idea of malware to destroy nuclear equipment. Additionally, Nations will also increase their digital surveillance of their citizens to make sure that they have all the data required to protect the Governments main network.
With every attempt digital boundaries are pushed, there isn’t much time left when these lines are pushed back. The truth is that the resources for cyber criminals are increasing, even from the governments themselves, which will inevitably make the world notice the damage the attacks are inflicting on a global scale. This is exactly why national cybersecurity is now more important than ever.
Corporations will Require Masters in CSOs and CISOs
Cybersecurity training is continuously maturing every day. Mere certificates may no longer help professionals to become a fully qualified security expert as every emerging certification revolves around different IT aspects. Hence, people will start specializing in cybersecurity and will obtain the required qualifications and credentials.
Recently master’s degree in cybersecurity are being enlisted in disciplines around major schools like New York University and UC Berkeley. Soon more companies will need to hire CSOs and CISOs with good skills and a master’s degree to run their cybersecurity operations. Furthermore, this means that simply having a mere certificate will not suffice for the development of sound security networks.
It is safe to say that 2019 will be a monumental year in terms of how individuals, businesses and Governments approach cybersecurity. The past few years have induced a pivotal change in the perception of cyber-crimes and how important it is to take every security measure possible. Furthermore, 2019 will show the world how dedicated companies really are in protecting their user’s data and what kind measures they are taking to safeguard data. This outcry for cybersecurity will define the trajectory of 2019 in terms of cyber-crimes and data protection.
Emma Megan is a passionate tech and business blogger. She loves to get engaged with the readers who are seeking for technology and business related information on the internet. Currently, she is associated with a Virginia based Cybersecurity Company ‘Mars Technology’.
The opinions expressed within this article are the personal opinions of the author. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.