"MACHINE LEARNING WILL BE WEAPONISED"

7 cybersecurity trends to prepare for in 2019

Adam Bannister

Editor, IFSEC Global

Author Bio ▼

Adam Bannister is editor of IFSEC Global. A former managing editor at Dynamis Online Media Group, he has been at the helm of the UK's leading fire and security publication since 2014.
January 4, 2019

Sign up to free email newsletters

Download

Dorgard Pro: Holding fire doors open – until the alarm sounds

The digital world evolves at a pace that make all previous technological paradigms seem glacial by comparison.

Technologies that seemed impossibly futuristic just a few years ago – like AI, virtual reality and facial recognition – are now being deployed in the real world and fast-improving.

Nothing exemplifies the dizzying pace of change more starkly than the arms race between cybercriminals on the one hand and governments and business on the other.

New cyber threats emerge and mutate daily and those defending our data and critical infrastructure must innovate relentlessly to keep up.

So no subject is more suited to the ‘[insert number] trends for [insert year] format’ we see so much of at this time of year. Indeed, you could even prognosticate on a monthly basis given the rate at which trends emerge and evolve.

With this in mind, we welcome some near-term futurology from SecureAuth, which has developed an identity security automation platform that helps organisations prevent the misuse of digital credentials.

Here are SecureAuth’s seven predictions for the most consequential trends we can expect to see – and should prepare for – this year.

  1. Ancient breaches will increasingly come to light:  According to recent reports, cyber attackers accessed the Marriott International guest reservation database as early as 2014. In general, it takes roughly 100 days from the time a breach occurs to evidence of the attack being detected and the longer the breach, the more data that is stolen and the more users that are affected, the costlier it is.  As organisations adopt machine learning based advanced analytics and security orchestration and automation (SOAR) technology, the mean time to detection will fall and more breaches that are greater than 100 days old, perhaps even longer, coming to light. In 2019, organisations will get better at identifying them.
  2. Credential theft will continue to rise: Whether its due to highly targeted phishing campaigns, information being passed on to third parties, or machine learning and artificial intelligence being deployed as the next attacking vector, we’ll continue to see soaring figures of breaches in 2019, if advanced identity-security approaches are not taken.
  3. Privacy is dead when service is free: When there is a free online service or application, consumers often have a false assumption the information they share is private. Such free services monetise information and sell it for financial gain. It is a business after all. During the Facebook and Cambridge Analytica scandal this year, the public learned that enormous amounts of information from users and those they were connected to was being sold and made available to third parties. In 2019, organisations will need to draw a clear line on data sharing and protecting users.
  4. Concerns will rise in regards to consumer’s privacy rights, and legal ramifications: We’re seeing more court cases regarding access to personal devices without a warrant, and how much control the consumers have over their biometrics, passwords, and passcodes. Questions will need to be addressed on when and if citizens are legally obligated to provide this information, resulting in device access.
  5. Return of network threat detection: We’ll see the industry start to open its arms back up to network based threat detection. With the explosion of IoT and the increasing inteest and drive for BYOD amongst organisations, network-based threat detection will continue to be important, providing vital security and behaviour related data, to offer visibility that endpoint technology can’t.
  6. All verticals are fair game to attackers: All verticals are under attack. In fact, it is more about the attack surface than the vertical. Of course, the finance, healthcare and retail industries will see a slightly larger percentage of attacks but anyone with a portal presence or Office 365 deployed is a prime target and the impacts are the same: loss of revenue and damage to brand reputation.
  7. Machine Learning will be weaponised: Machine Learning is fast gaining traction and will become the next attack vector over the next few years. As these intelligence platforms are becoming increasingly relied upon to automate informed decision making based on information profiles, it would seem remiss for security experts and teams not to consider these platforms themselves becoming the next attack vector. If a sophisticated attacker could find methods to inject confusion or misleading indicators into the information pools used for decision making, it could make it possible to hide amongst the injected noise.

Free Download: Connected security for smart infrastructure

With the rise of the Internet of Things, people, homes and businesses are more connected than ever. Explore what this means for smart buildings, cities and infrastructure in this free eBook from Abloy UK.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of
Topics:

Sign up to free email newsletters