Cybersecurity Trends for 2020

Posted on Thursday, March 12 2020 @ 17:01 CET by Thomas De Maesschalck
Cybersecurity has become one of the most pressing concerns in modern times. It is a domain where even the slightest mistake can translate into huge losses for organizations and individuals alike. Data privacy regulators and cybersecurity experts have been hard at work trying to pinpoint the source of all major attacks. From what they’ve been able to tell so far, failed cybersecurity protocols are the root cause of most cyberattacks including malware infection, data breaches and general system hacks.

Cybercriminals are evolving continuously with new forms and tactics being reported around the world. From large corporations to small businesses, entities from diverse fields are coming under attack through reformed attacks which is causing extensive losses which are not just financial. Organizations at all levels are deploying elaborate cybersecurity measures to protect against regularly changing threats which are emerging from simple malware. VPN for Windows and its integration is becoming a part of the cybersecurity equation too.

Trends header image

In light of these developments, here are 5 cybersecurity trends to watch in 2020:

  • 1. Integration of cybersecurity and data science
    Data has become one of the most valuable assets for organizations. It helps them gain a competitive advantage over competitors by programming AI models to process information. The effective functioning of an AI model relies on quality data and scalable computing.

    In the quest for data collection and processing, companies are leaving behind ethical considerations and any concerns for user privacy. The concept of privacy itself is becoming quite ambiguous due to the presence of data lakes and increased DE anonymity thanks to channels like social media.

    In the future therefore, data scientists have to incorporate robust cybersecurity mechanisms because they hold the keys to treasure chests that can do all kinds of harm in the wrong hands.

  • 2. The rise of ransomware
    2018 was the year of ransomware when numerous attacks saw multinational corporations and smaller entities, even government and healthcare institutions lose hoards of data to these malware. Now, McAfee has predicted that this threat is only going to evolve into a more extreme threat. Experts believe that the “longevity of this threat is dependent on its profitability.”

    Hackers are now threatening to publicly disclose or sell information unless ransom demands are met. Each year the sophistication of ransomware increases as we’ve seen with GandCrab first and then REvil. The players behind these attacks though are now leveraging exfiltrated data to extort and guarantee that their ransom demands are met.

  • 3. The Growing use of machine learning
    Humans are prone to error but they are imperative to the whole operational and cybersecurity process of many industries. As a result, organizations are not replacing humans but incorporating machine learning into traditional systems to make tasks relatively easier.

    However, with the increased use of machine learning, privacy breaches are becoming a risk too because an algorithm or process doesn’t have any limits unless they are defined by the programmer. Vendors have to make sure that they integrate specific limitations into the program and this is something that will likely be seen as time passes.

  • 4. Managed Service Providers (MSPs) are at larger risk
    2019 saw the remote monitoring and management software used by several MSPs come under attack. One case saw more than 400 customers affected by a single attack. MSP CyprusOne came under attack in December and 13 more cloud-based service providers were attacked by ransomware.

    The use of data exfiltration techniques and other elements like remote monitoring enabled by MSPs allow hackers to attack several companies or users at one time. Cyberattacks against MSPs are controllable through the use of patched remote access solutions that are protected by two or multi-factor authentication.

    MSPs also need to ensure that their respective service providers are abiding by cybersecurity best practices.

  • 5. The continued use of security tools as privacy protection mechanisms
    While there is a lack of any specific tools that protect user privacy, their abundance of those that safeguard consumer data. This means that companies will continue to rely on security tools to minimize the risk of attacks that compromise user data, for instance, installation of a VPN for chrome extension among others. This is relevant because as a consequence of data breaches, cybersecurity and privacy are implicated equally.

    Capital One is a classic example. It suffered a massive hack due to the exploitation of a flaw in its web application firewall (WAF). WAF works in protecting the perimeters of cybersecurity strategies and not the data itself. Despite this, companies are not looking for effective solutions with 95% C-suite executives allocating just 20% or less to identifying appropriate solutions. The widening cybersecurity gap plays an important role in lack of development of more robust solutions and this is leading to the use of alternative methods like implementation of IDaas model for centralizing customers as well as corporate data that is linked to business partners.