2018 hasn’t been as dramatic a cyber-security year as 2017, in that we haven’t seen as many global pandemics like WannaCry. Still, Ransomware, zero-day exploits, and phishing attacks, were among the biggest threats facing IT security teams this year. Meanwhile, the data breaches hit parade continues.
The cycle of exploit to discovery to weaponization has become shorter, and unfortunately, it has become more difficult to protect the enterprise network and the various devices connected to it.
In 2017, roughly 63% of organizations experienced an attempted ransomware attack, with 22% reporting these incidents occurred on a weekly basis (*ESG Master Survey Results, 2018 IT Spending Intentions Survey, December 2017). We expect to wind up with similar statistics for 2018.
Here are five trends we believe will dominate cyber security in 2019.
Security and Privacy Merge
Despite the fact that everyone is still trying to understand the new privacy landscape and perhaps because they haven’t fully grasped the new realities, everyone is paying attention. Perhaps because of our increasing focus on privacy in general and GDPR specifically, or because more organizations will be working to meet compliance mandates for privacy, we won’t see a major lawsuit against a company. All we know is that we have seen an increase in companies seeking to implement network access control to meet new compliance regulations.
AI + ML = forensics and investigations
Artificial Intelligence (AI) and Machine Learning (ML) are going to become mainstream in day-to-day cyber security applications- mainly for forensics and post incident identification of adversaries. Investigating security events is costly both in terms of time and the expertise required. We believe that AI and ML are well positioned to help with investigations using computing power and specialized programs that know what to look for and have the ability to learn. AI and ML enable the clustering and analysis of massive volumes of data that is manually impossible within reasonable time frames even with the best trained minds working on an investigation.
Ransomware – more targeted attacks against wealthy and famous individuals
Social networks offer a world of insights and information on almost anyone who has an account. Unfortunately, they also provide a lot of details that assist fraudsters in monetization attacks (due to bitcoin) and carrying out spear phishing attacks – all will be combined for a more targeted approach.
Increased debate on the role of Gov in cyber security
Attacks on large businesses that have national implications will raise the issue of government involvement in cyber security. Should States and the federal government play a more active role in defending private sector organizations?
Published in vmblog.com