If there’s one thing we learnt in 2019, it’s that attacks are not only rising in numbers, but also in complexity and persistence.
Thanks to increasingly sophisticated technology, cyber security is quickly becoming a fast- evolving game of wits — one where defenders will need to dramatically step up their security game if they are to outmanoeuvre hackers at every turn.
So, what should you be looking out for in 2020? We asked around the Pro Drive office for some predictions on the top cyber security trends for next year.
Flexible and remote working really took off this year — presenting a whole host of new security challenges. More and more businesses are now relying on mobile phones and allowing staff to use personal devices for work. But if these devices are not managed properly, companies will be left vulnerable to data leaks and malware infection.
Next year, we are likely to see malware attacks on mobile phones become increasingly common — particularly on Android devices. This could be through fake apps or other ‘hidden’ malware, which ‘scrapes’ personal details such as passwords.
As such, businesses will need to start thinking seriously about creating a security-focused culture, whereby all employees have the appropriate software on their devices and are diligent about installing the necessary updates.
2019 saw a number of large-scale attacks on governments and various critical infrastructure. Suck attacks put a real strain on budgets and resources, crippling these organisations and civic entities.
In 2020, there will likely be an even bigger surge in hacks of large public organisations and government bodies — to either steal data or cause political unrest. So, it is vital that governments and public amenities invest in cyber security with the same urgent approach we are now seeing in the private sector.
Phishing is nothing new. But the ways hackers are carrying out attacks are. Although email still dominates, mobile phishing attacks are on the rise — with hackers using SMS (smishing) and live calls (vishing) to pose as familiar individuals or reputable companies and trick users into parting with valuable data.
Despite extensive awareness campaigns, these attacks are only going to increase in frequency throughout 2020. A multi-pronged approach which focuses on improving organisational security awareness and credential management is your best bet at tackling this.
AI and machine learning
We’ve already had a glimpse of what artificial intelligence (AI) can do for cyber security. Next year, we’ll increasingly see it step in to lend a hand.
Threat identification systems using the latest machine learning will be able to identify and flag completely new threats, whilst AI-based technology could be used to uncover vulnerabilities by simulating attacks on systems.
However, AI is a double-edged sword. Just as businesses can leverage it to bolster their defences, hackers can use it to bypass security measures and manipulate systems.
Through AI, hackers could make phishing and other social engineering attacks considerably more advanced. Automated systems controlled by AI could also be used by attackers to scan networks and system for vulnerabilities that could be exploited.
As such, the AI battle will continue well into 2020 as hackers and defenders try to find new ways to outsmart one another.
In 2020, organisations will find themselves under immense pressure, as they and their employees are held increasingly accountable for their security practices and response to threats.
With many companies looking to beef up their cyber security measures in the coming year, we will likely see more and more businesses look toward some form of security assessment. For example, becoming Cyber Essentials certified will demonstrate they are compliant with security and protecting their clients’ data to a government standard.
By Bruce Penson, Managing Director of Pro Drive IT
If you want to upgrade your cyber security or IT systems in 2020, contact one of the friendly team at Pro Drive IT today to get started!
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/