Forcepoint launched its 2019 Forcepoint Cyber Security Predictions 2019 report. It provides guidance on the sophisticated cyber threats facing organizations in the months to come.
The cyber security predictions 2019 report is a collection of macro industry trends and threats impacting organizations in the new year. The report is made with contributions from Forcepoint’s cyber security research and intelligence teams, including global Security Labs, Innovation Labs, CTO, and CISO teams.
The report examines seven areas where risks will increase in 2019, with Forcepoint experts taking a deep dive into technology trends and the motivation behind cyber-attacks, so that business and government leaders and their cyber security teams can better prepare to face the new wave of threats. Enterprises and governments are facing a hyper-converged world where connected systems put not only critical data and intellectual property but also physical safety at risk. The report explores these areas and concludes that when people can collaborate in a trusted manner, leveraging data creatively and freely through technology, businesses can securely innovate to create value.
“The cybersecurity industry and attackers expend efforts in a never-ending cycle of the breach, react, and circumvent—a true cat-and-mouse game,” said Raffael Marty, vice president of research and intelligence, Forcepoint. “We need to escape this game. Researching these predictions forces us to step back and see the overall forest among the millions of trees. Cyber Security professionals and business leaders need to adapt to changes based on the risk they represent, allowing them to free the good while still stopping the bad.”
Grappling with Digital Transformation and Trust
The 2019 Forcepoint Cybersecurity Predictions report explores the impact of businesses putting their trust in cloud providers on faith, the impact of end-user trust in securing personal data using biometrics and the potential impact of cascading of trust throughout a supply chain.
In a survey of Forcepoint customers, 94 percent identified security when moving to the cloud as an important issue. Fifty-eight percent are actively looking for trustworthy providers with a strong reputation for cloud security and 31 percent are limiting the amount of data placed in the cloud due to security concerns.
“One way to increase trust and gain control is through behavioural modelling of users or, more specifically, their digital identities, to understand the reasons behind their activity,” Marty continued. “Understanding how a user acts on the network and within applications can identify behavioural anomalies that help inform risk-adaptive responses.”
Forcepoint 2019 Cyber Security Predictions: Seven Areas of Risk
Highlights of this year’s Forcepoint Cyber Security Predictions 2019 report include:
- Driven to the Edge
Consumers exhausted by breaches and abuse of their personal data have led organizations to introduce new privacy safeguards in the services they provide. Edge computing offers consumers more control of their data by keeping it on their smartphone or laptop. But solutions today must overcome a lack of consumer trust that data will not be leaked to the cloud if they are to succeed.
- A Collision Course to Cyber Cold War
Espionage has always presented a way for nation-states to acquire new technology but as opportunities for legitimate access dwindle because of the increase in trade protections, people on the other side of embargoes will have a real incentive to acquire it by nefarious means. How will organizations keep intellectual property out of the hands of nation-state-sponsored hackers?
- The Winter of AI
If AI is about reproducing cognition, does Cyber Security AI really exist? How will attackers capitalize on a slowdown of AI funding? When we trust in algorithms and analytics to successfully pilot automobiles, provide insight into healthcare decisions and alert security professionals to potential data loss incidents, how far should that trust go? Will vendor claims around AI effectiveness hold up against the reality of sophisticated cyberattacks?
- A Counterfeit Reflection
As phishing attacks persist, hacker tricks such as “SIM Swaps” undermine the effectiveness of some two-factor authentication (2FA) methods such as text messaging. Biometrics offers additional security by using data more unique to each end-user, but newfound vulnerabilities in facial recognition software lead experts to put faith in behavioural biometrics.
- Industrial IoT Disruption at Scale.
Attacks on consumer IoT are prevalent, but the possibility of disruption in manufacturing and similar industries makes the threat all the more serious. Meltdown and Spectre have given attackers a way to target hardware vulnerabilities—cloud infrastructure may be next.
- Courtroom Face-Off.
What happens when an employer sues an employee on grounds they purposefully stole data or caused a breach? Several cases have now found their way to high-level courts—including one very public incident at Tesla— publicly highlighting deficient cybersecurity measures. How might workplace monitoring help establish intent and motive?
- Cyber Security Cultures That Don't Adapt Will Fail.
No partnership ever takes place without due diligence, which until now, has not taken a partner’s Cyber Security programs into account. The introduction of “security trust ratings” will indicate to potential partners how safe it is to permit suppliers to handle PII or other critical data. How would Cyber Security culture play a part in these ratings? How would they affect supply chains?