Get ready for consolidation risk, microbreaches, and other cybersecurity hazards, warn experts from Mimecast, the Cyber Resilience Think Tank.
Cyberthreats have become increasingly sophisticated –– the top threats predicted in 2020 include weaponized email attachments and links, ransomware, and banking trojans and other browser-based password hijackers –– as well as greater in scope. According to TechRepublic's Jack Wallen, businesses should be prepared for "an inordinate rise of security breaches, attacks, and incidents" in 2020 –– and guarding against them should be a top priority for the enterprise as the new decade begins.
Drawing from their collective insight as cybersecurity experts over the past decade, the Cyber Resilience Think Tank has published a new ebook, Commencing a New Decade: 2020 Predictions, which highlights areas of cybersecurity risks, as well as solutions, for 2020 and beyond. These trends include transformations of the SaaS, InfoSec and Application Security industries. The experts also address the particular challenges, and solutions, for enterprises that have not woven cybersecurity into their structure from the start.
Here are four major trends that are predicted to impact the cybersecurity industry, and why your business should pay attention:
1. DevOps and security efforts team up to fight threats
Although DevSecOps are often treated as an add-on, it is critical to integrate security into the push to release fast and reliable software. In 2020, the Cyber Resilience Think Tank reiterates the importance of strengthening this area. "Because of the constant iterations and improvements, security can no longer be an afterthought," the report reads. "DevOps teams are dependent on cloud deployments, which means that security must be top of mind at every stage of the application development process." The automation of security standards, however, presents a potential solution, however, according to Malcolm Harkins, chief trust and security officer at Cymatic.
2. Consolidation presents an increased risk of breach
In 2019, as the bigger players in security solutions absorbed smaller ones--resulting in a cohort of new players that have reached high positions. As the diversity of security technologies increases, so does the risk of a breach. A key solution is to plan ahead and build up defenses in the early stages--mergers and acquisitions--to prepare for future security risks.
"Most companies use M&A to buy growth and revenue, but traditional financial due diligence is no longer enough to ensure success," said Christina Van Houten, chief strategy officer at Mimecast. "Achieving a deep understanding of the technology and how it will function inside the broader ecosystem is critical."
SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic Premium)
3. Traditional pen testing will become obsolete
Traditional pen testing--which employs a multistep and multi-vector attack models to infiltrate applications and infrastructure--has been a reliable way to make vulnerabilities visible, and a critical element of cybersecurity plans. But it just won't cut it in 2020.
Attack simulation technology, on the other hand, can achieve the same results at a lower cost--especially as there is a lack of cybersecurity professionals available.
4. As technologies converge, the risk of microbreaches will spike
Microbreaches, or the tweaking of data that "can cascade throughout distributed IT environments" will also increase, due to the market consolidation in security. They are often elusive, since today's tools can monitor and create alerts--such as SIEMs, packet capture, netflows--but aren't sufficient to fight microbreaches in a distributed IT system. And since consolidation means increased complexity and a lack of integration, and increased vulnerabilities, expect that a spike in microbreaches will follow.
- Combating the coronavirus with Twitter, data mining, and machine learning (TechRepublic)
- How to track the coronavirus: Dashboard delivers real-time view of the deadly virus (ZDNet)
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- All the VPN terms you need to know (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)