Information security / Will 2019 be any different to 2018?
Will 2019 be any different to 2018?
30 November 2018
Jake Moore, cyber security specialist at ESET, outlines his cyber security predictions for 2019.
It’s that time of year when we start to think about the New Year will bring and, in the ever-changing threat landscape, predicting what 2019 will have in store for cyber-security can be quite a challenging task.
However, just by looking back over the key events and trends that occurred in 2018, I think we can start to form a clearer understanding of what the big trends will be over the next 12 months.
Here are my cyber security predictions for 2019:
1. GDPR bounty hunters will be on the rise
I don’t think we’ve even seen the tip of the iceberg yet when it comes to hackers targeting big firms with this type of extortion. When cyber criminals take on a targeted organisation, they will be incredibly clued up on GDPR and the financial implications imposed by the Information Commissioners Office (ICO).
The attackers can extort an organisation, proving the company’s data has been breached and then informing the victim that they now have two choices – 1) pay the ICO fine of up to €20m / 4% of their annual global turnover or 2) pay the hackers’ fee. This fee could be far less and, by doing so, companies may not have to deal with reputation damage of the breach being made public.
According to a recent survey, some 47% of businesses would ‘definitely’ be willing to hand over a ransom if it meant avoiding reporting the breach to authorities. Likewise, another 30% said that they would consider paying off the cyber criminals.
We all know that the boardroom wants to get back on track in the aftermath of an attack and, paying the ransom may seem like the quickest way to resolve the issue. While ethically wrong, it keeps production moving and the C suite staff feels trapped. Considering that the cyber criminals are very much aware of this, it won’t take long before the hackers take advantage.
Also of interest: GDPR - myths, realities and how not to be a git!
2. Multi Factor Authentication will hit the SME market
Multi Factor Authentication, MFA, has taken a slow start to large organisations over the past few years but it slowly getting there and, in 2019, it will finally hit the mainstream in the small and medium business market too. Single factor log ins with overused passwords have been a nightmare for CISOs for years and the boards are finally waking up to this new technology such as personal security keys.
Right now, security keys are one of the most secure and efficient ways to use two factor authentication. A security key is a physical USB device you can use to authenticate into your account. Security keys are fairly resistant to phishing attacks, making them one of the best options available. Unlike code-based multiple factor authentication, phishing sites don’t have a great way to intercept information from security keys which helps protect the end point.
Also of interest: Can new authentication methods change business?
3. Machine Learning continues to make waves
Machine learning, (note not Artificial Intelligence) will continue to rise and become better at identifying cyber threats. Intelligence threat detection software continually improves due to the genuine nature of machine learning. In the next year, there will be multiple new uses for machine learning in all industries available for the taking.
Machine learning is allowing us to predict the future by using the past. As far as predictions go, I'm sure we will be reading more about companies that have discovered how to use these technologies to read and interpret data.
For example, ransomware presents a challenge to CISOs because the attacks often leave little forensic evidence in network activity logs. Machine learning technology, however, can help security analysts track micro-behaviors linked to ransomware, such as processes that interact with the entire file system in question which are continually progressing.
Although machine learning is becoming a commodity technology for cyber security providers, it does still come with some challenges for now and we can’t only rely on machine learning alone because it doesn’t catch everything - yet. Moreover, machine learning still deals with a hefty amount of false positives so it can only serve as a tool in the defence toolkit for now.
It’s also worth noting that, in amongst the term ‘Machine Learning’, ‘Artificial Intelligence’ (AI) sneaks in close behind. However, true AI is still science fiction for now and will continue to be misunderstood throughout 2019 – until it is finally here.
Also of interest: Advancing Machine Learning beyond the hype
4. Cyber insurance will be at front of mind
Cyber insurance will be a pertinent conversation topic amongst peers in 2019. I was recently chatting with the Head of Cyber Growth & Innovation for the Department of Digital, Culture, Media and Sport who agreed this will be a particular interesting topic of 2019 and possible changes are on the way.
Cyber insurance is still a grey area, however, it seems one thing is very well known amongst some companies and that is cyber insurers are paying criminals the ransoms to get them out of the sticky situation.
The market is currently booming and many insurers are offering varying levels of protection to customers who (personally) seem in the dark about a lot when it comes to cybersecurity. We all know that scaring tactics aren’t the best way to go about selling a product yet increasing hacking stories in the media are certainly making CEOs a bit twitchy.
But is insurance better than prevention? Does the C-suite think insurance is prevention? Even forgetting ethics for a moment, paying a criminal to receive your data back could be just as catastrophic should malware be transmitted along with the backup – along with your premium increasing in the next year with your insurer.
There is a general feeling that this insurance is being misused and will need intervention and redirection. The route of which it will go in is still unknown but general consensus is that organisations should be preventing cyber-attacks rather than relying on insurance.