The IT security trends to look for in 2019
The cyber security landscape is a constantly evolving one; not only do threats change but so does the technology to fight them, together with the regulatory landscape surrounding the protection of data. So, what are some of the trends that will impact how businesses secure their systems in 2019?
Focus on compliance
We’ve already seen the introduction of new legislation such as GDPR, governing the protection of data and the handling of data breaches. Over the next few years, we can expect to see even more new laws and rules coming into play. The adoption of a national data privacy standard in the United States is on the horizon, for example, and in an increasingly globalised world this matters even to companies based elsewhere.
Given the number of high profile data breaches recently, it’s also likely that we will start to see stronger enforcement of existing rules. Data breach notification requirements will be strictly enforced and it can only be a matter of time before we see firms facing large fines.
We will undoubtedly start to see more fallout from past data breaches too. The volume of personal information being stolen as a result of breaches is growing rapidly. This raises the possibility of this data being leveraged by cybercriminals. Among possible uses of this data are attempts at blackmail, extortion and identity theft. In 2018 we’ve already seen an email extortion attempt that quoted passwords exposed in an old breach [1] to enhance its credibility.
Focus on data
In the past, IT security has been all about protecting the perimeter, ensuring that networks and endpoint systems were secure against intruders. Tougher regulation and increased focus on breaches mean that over the coming year, we are likely to see a much greater focus on the protection of data. This means knowing where the data resides and having a discovery solution to locate data and keep track of it on an ongoing basis is going to become essential for many companies.
The move to the cloud is showing no signs of slowing down and this, of course, opens up new security issues. Protecting data in the cloud can’t be left to the service provider. Businesses will need to look towards new technologies such as machine learning to understand atypical behaviour that could indicate unauthorised access. Where development is taking place in the cloud, we will see a shift to the use of DevSecOps methodologies to build in security from the design stage.
Focus on Technology
While new technology represents new threats, it also offers new solutions to security problems. There are increasing moves towards analytics and artificial intelligence to automate security tasks, prevent alert overloads and help to address the shortage of skilled information security professionals.
Information security is going to increasingly see the use of blockchain technology too. While it’s an area that is still developing and probably won’t become mainstream in 2019, it is being increasingly adopted as a way of securing transactions. IT managers need to become familiar with the technology and what it can offer.
We’ve seen a dramatic rise in Internet of Things connected devices over the last two years. These devices are often poorly secured or left in their default settings, offering an attractive attack surface. We’re likely to see further attacks where IoT devices are recruited into botnets or used as a backdoor into networks. There needs to be greater education as to the risks of these devices, both for users installing and configuring them and to encourage manufacturers to design security into their products.
Cloudworks are experts in Cloud Technologies and security. We have supported numerous companies with just 10 users to over 30,000 users on using Microsoft cloud products and security. If you’d like to know more – please call us on 0115 824 8244 or email us at hello@cloudworks.co.uk
[1] https://betanews.com/2018/10/31/sextortion-this-time-personal