Cybersecurity in 2018
The year 2017 was plagued by cybersecurity disasters, from Verizon accidently leaking the names, phone numbers and PIN codes of as many as 14 million customers to Equifax exposing sensitive personal information of nearly half the U.S. population. The year 2018 isn’t shaping up to be much better with Dell reporting in January a security flaw potentially impacting almost all of its processors stretching back a decade. As cybersecurity incidents continue to make news headlines throughout the year, here are a list of trends to keep an eye out for.
A.I. and M.L.
Many IT security professionals are looking to leverage artificial intelligence (A.I.) and machine learning (M.L.) to advance cybersecurity. Though still a developing technology, emerging A.I. and M.L. software have the capacity to “learn” from previous events as well as predict and deter cyber instances in real-time. In a global survey by cybersecurity company Webroot, approximately 99% of U.S. cybersecurity professionals said they believed A.I. overall could improve their organization’s cybersecurity. Consequently, expect to see more cybersecurity products touting their A.I. and M.A. capabilities.
Blockchain is making headways in a variety of realms, including cybersecurity. The technology enables online transactions to be conducted in a distributed, decentralized way using a public ledger. With respect to cybersecurity, the blockchain ledger can be used to recognize suspicious online behavior, spotting cases of fraud and error in the act. Moreover, a company’s security system can use a distributed public key infrastructure to authenticate devices and users.
A shortage of skilled cybersecurity professionals is exacerbating data security threats as well. In a survey published last November by Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) consisting of 343 IT and information security professionals and ISSA members, 70% of respondents said a shortage in cybersecurity skills had an impact on their organization. More specifically, 31% of respondents cited a shortage of security analysis and investigation, 31% cited a shortage in application security, while 29% cited a lack of cloud computing security. Therefore, don’t be surprised to see more companies outsourcing cybersecurity in addressing the shortage.
Ransomware attacks have become increasingly problematic over the past few years. The technology acts as a kind of malicious malware that encrypts a user’s files and prevents them from accessing their computer system. Hackers use ransomware to hold a user’s system hostage until they pay a ransom. A ransomware attack to receive significant coverage occurred last May when the malicious malware WannaCry impacted approximately 200,000 people across 150 countries. Among the most heavily hit countries included Russia, Taiwan, Ukraine and India. It is unsure to what extent organizations have learned from previous malware attacks. These sorts of threats can be significantly reduced by abiding by security protocols, such as regularly applying patches and updating systems.
IoT and botnets
The growth of the internet of things (IoT) industry has produced novel ways for web-connected devices to interact and exchange data. At the same time, it has also produced novel opportunities for hackers to take advantage of. Since many web-connected devices often do not have basic security features, it isn’t very difficult for hackers to gain access to them. As a result, botnets have been on the rise, which involve a collection of web-connected devices infected with a kind of malware. They are used by hackers to deploy Distributed-Denial-of-Service (DDoS) attacks, steal data, send span, among other malicious purposes. Botnets are one of the biggest challenges currently facing security systems and will continue to plague web-connected devices in the absence of effective cybersecurity measures.