As companies adopt emerging technologies, the cyber risk landscape is set to grow larger in the new year, according to a Forcepoint report.
Connected systems are putting critical data and intellectual property at a security risk, according to Forcepoint's Cybersecurity Predictions Report, released Wednesday. By examining technology trends and the motivation behind cyberattacks, the report determined seven major areas of cybersecurity risk for 2019.
This past year saw several large-scale breaches, which greatly impacted user privacy, said the report. But in 2019, businesses can expect a number of advanced cybersecurity technologies to hit the market, offering new options for protection, according to the report.
SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)
"The cybersecurity industry and attackers expend efforts in a never-ending cycle of breach, react, and circumvent—a true cat-and-mouse game," Raffael Marty, vice president of Forcepoint's research and intelligence, said in a press release. "We need to escape this game. Researching these predictions forces us to step back and see the overall forest among the millions of trees. Cybersecurity professionals and business leaders need to adapt to changes based on the risk they represent, allowing them to free the good while still stopping the bad."
Here are the seven areas of cybersecurity risk for 2019, according to Forcepoint:
1. The Winter of AI? Promises of machine learning and artificial intelligence enthrall marketers and media alike. If AI is about reproducing cognition, does cybersecurity AI really exist? How will attackers capitalize on a slowdown of AI funding?
2. Industrial IoT Disruption at Scale. Attacks on consumer IoT are prevalent, but the possibility of disruption in manufacturing and similar industries makes the threat all the more serious. Meltdown and Spectre have given attackers a way to target hardware vulnerabilities—cloud infrastructure may be next.
3. A Counterfeit Reflection. As phishing attacks persist, "SIM Swaps" undermine the effectiveness of two-factor authentication (2FA). Biometrics offer additional security by using data more unique to each end-user, but newfound vulnerabilities in facial recognition software lead experts to put faith into behavioral biometrics.
4. Courtroom Face-Off. What happens when an employer sues an employee on grounds they purposefully stole data or caused a breach? Several cases have now found their way to high-level courts—including one very public incident at Tesla—publicly highlighting deficient cybersecurity measures. How might workplace monitoring help establish intent and motive?
5. A Collision Course to Cyber Cold War. A result of fracturing trust between world powers, trade embargos have dominated the media in 2018. Industrial espionage presents a way for nation-states to acquire new technology they would have otherwise purchased legitimately. How will organizations keep intellectual property out of the hands of nation-state-sponsored hackers?
6. Driven to the Edge. Consumers exhausted by breaches and abuse of their personal data have led organizations to introduce new user privacy needs inside of the services they provide. Edge computing offers customers more control of their data, but a lack of consumer trust may prevent any such benefit.
7. Cybersecurity Cultures That Don't Adapt Will Fail. No partnership ever takes place without due diligence, which until now, has not taken a partner's cybersecurity programs into account. The introduction of "security trust ratings" will indicate to potential partners how safe it is to permit suppliers to handle PII or other critical data. How would cybersecurity culture play a part in these ratings? How would they affect supply chains?
The big takeaways for tech leaders:
- 2018 saw many large-scale data breaches, but 2019 will shift to more widespread, integrated cybersecurity concerns. — Forcepoint, 2018
- Industrial IoT disruption, phishing attacks, and edge computing present some of the largest areas of cybersecurity risks. — Forcepoint, 2018
- Phishing attacks: A guide for IT pros (free PDF) TechRepublic)
- Digital risk protection in 2018: New vendors, new leaders, new wave (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Survey: How does your company handle cyberwarfare and cybersecurity? (ZDNet)
- Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy (TechRepublic)