Cybersecurity experts from around the world have predicted that the devastating cost of cybercrime will reach $6 trillion by 2021 unless appropriate measures are taken. In this increasingly critical situation, governments and, above all, companies are trying to understand how best to protect themselves from the increasing volume and complexity of cyber attacks.
The following are 7 trends to keep an eye on for computer security this year.
1) GDPR and privacy
Data protection is a critical concern in an increasingly digital world, and May 25, 2018 is a turning point for data protection all over the world. It marks the end of the transitional period for the EU General Data Protection Regulation (GDPR) as it becomes applicable by law. Failure to comply could result in fines of up to 4% of global business turnover, a significant amount that requires attention.
2) Internet of Things and botnets
In 2016, Mirai demonstrated that Internet of Things (IoT) devices can actually be used as botnets. Today, product development, time-to-market considerations and technical power constraints leave IoT devices exposed to critical vulnerabilities. The impact of data breaches now also extends to these systems, as they are directly connected to the network. It is widely accepted that the state of IoT security is poor. This is a real risk given forecasts of over 500 connected devices in our homes by 2022.
3) Industry 4.0, a new sector susceptible to cyber attacks
Industry 4.0 is already transforming industry and global infrastructure, promising greater efficiency, productivity and security. Staying competitive means moving process equipment online, often unintentionally exposing component vulnerabilities to cyber attacks. Production facilities are rich repositories of intellectual property, trade secrets and engineering information. Attacks on public infrastructure are motivated by financial gain and hacktivism.
4) Time, the worst enemy of security
Recent cyber attacks on high-profile organizations are proving that, against sophisticated cybercriminals, preventative controls alone are not enough. Today, it takes an average of 191 days to detect a data breach. The longer it takes to detect and respond to threats, the greater the financial and reputational damage the incident does to the organization. Because of the tremendous growth of data from security logs, technology limitations, the ineffective use of threat intelligence, the inability to monitor IoT devices and the lack of IT security talent, organizations are exposed to costly dwell times.
5) The role of Artificial Intelligence
As organizations undergo a digital transformation, there is a growing volume of increasingly sophisticated and persistent cyber attacks. Malware is becoming increasingly intelligent, able to adapt and circumvent traditional detection measures. With a global shortage of IT security talent, organizations are losing the cyber race. The volume of security data far exceeds our legacy capacity to use it effectively, leading to an increasing number of computer security use cases enabled by Artificial Intelligence, as this technology allows us to:
- accelerate incident detection and response;
- better identify and communicate risks to the company;
- provide a unified view of the state of security within the organization.
6) Passwords replaced by biometric authentication
Our digital lives are governed by a complex network of online apps, each of which requires a username and password to control access. To protect the data behind these apps, choosing obscure, complex passwords and changing them often is good practice, but also quite rare. With exponential improvements in computing power and easy access to much of it in the cloud, the time it takes to crack passwords is rapidly shrinking. What took almost 4 years in 2000 now takes only 2 months. As a result, it is increasingly common to find biometric authentication (facial, fingerprint, iris and voice) built into everyday mobile devices, tablets and laptops, as well as in physical access and online services.
7) The industries most affected: health and energy
Most cyber attacks undertaken by criminal organizations are motivated by money. The value of information on the deep web varies according to demand, availability, completeness and the ability to reuse it. As a result, personal health and financial information is highly sought after. Medical records can fetch up to $1,000, depending on how complete they are. Other cyber attacks have political and national motives; here, the disruption of critical services through attacks on the energy sector is a key risk in 2018, as evidenced by the recent news of the Russian hacker campaign against the US power grid, which is suspected to have been going on for several years.