Cyber Security Predictions 2019

As we move into 2019, cyber threats and attacks will continue on the same path and, in some instances, grow and expand as technology becomes more agile and expands its capabilities. Security professionals will continue to collaborate and partner with their business stakeholders to balance business need against cyber risk, while keeping in mind all the other nuances we face daily: security risks, organizational threats, compliance and regulatory changes, industry changes and, certainly, the specific cyber threats and attacks that you as a company or organization come face to face with. The following are my predictions for 2019:

Phishing / Social Engineering / Email Threats - Phishing has been around since as far back as I can remember, when the only phish that existed was the "AOL Phishing" looking for legitimate credentials. Nowadays phishing has developed into so much more, including associated threats such as ransomware, business email compromise and social engineering. Small and medium-sized businesses (SMBs) will continue to be targeted this way: to obtain legitimate credentials, compromise systems and networks, install malicious code or software and deliver extortion-style demands.

Vulnerabilities - This threat will remain even past 2019. Many organizations are still not managing enterprise vulnerabilities within industry guidelines. Many cyber breaches and data compromises are due to underlying vulnerabilities that are not patched in a timely manner. The ongoing push for cloud and the skyrocketing adoption of cloud infrastructure also bring many gaps when it comes to cyber security. Industry acceptance of standard guidelines is necessary. Organizations that do business with 3rd party vendors and cloud providers should implement a 3rd party risk program to ensure cyber security responsibilities are addressed in a timely manner and to your requirements through contracts and legal agreements. One area of cloud infrastructure that requires extra due diligence is ensuring that cloud containers (e.g. Docker, containers, etc.) are secured properly to limit unauthorized access, protect data, etc.

People, Process and Policy - These are what I will call "security fundamentals", and many organizations are still missing all or pieces of these fundamentals within their information security programs. Technology is usually associated with "People and Process", but as experts have seen, companies are heavy on purchasing and implementing technology, applications and all sorts of solutions to address cyber security, yet they lack qualified people to manage the technology and have inadequate process and policy as well. We are all aware of the staffing shortage that continues to grow across the globe, but it is a major fact that needs addressing.

Cyber Attacks and Threats - The typical cyber attack is usually termed DoS or DDoS (denial of service essentially), and while these types of attacks are certainly not subsiding anytime soon, there is a whole list of other types of attacks that have been moving to the forefront through 2018, and certainly into 2019. IoT attacks are one such type of attack that will continue to progress in 2019 - the IoT market of goods continues to expand, certainly within the wearable technology space and smart appliances. Botnets (like Mirai, Torii) will continue to wreak havoc on IoT products and networks alike, with Torii now deploying advanced, sophisticated attacks that are often resistant to cyber prevention / detection technology. Cryptocurrency is certainly a market that has seen its fair share of attacks and hacks in past years, and 2019 won't be any different. Attacks are likely to continue against digital wallets, platforms and exchanges. Users should be wary of fake applications (especially mobile) and other software for mining, as many turn out to be infected with malware.

Advanced Technology Innovations and Attacks - We have all heard a vendor presentation about a product that utilizes Artificial Intelligence or Machine Learning, the positive attributes of the technology and how it can help in business operations. This same advanced technology will help attackers and organized criminal groups (OCGs) turn the technology against organizations through stealthier methods of attack, faster searches for vulnerabilities and even sophisticated phishing attacks. As with any new software or application release, attackers and OCGs are developing methods, tools and tactics to attack organizations, and this activity will continue.

Critical Infrastructure / OT - There is nothing new about critical infrastructure and the attacks, hacks and breaches that have occurred over the last several years. These types of attacks will continue into 2019. More importantly, many of the power, energy, gas, electrical, etc. companies that are targeted are targeted because of the outdated technology still in use. Many ICS (industrial control systems) and SCADA systems are outdated, utilizing end-of-life operating systems and other technology. The coupling of these out-of-date systems with new technology will also bring challenges to organizations, especially in preventing physical-cyber attacks that could result in loss of life, harm, building destruction, etc. Increased cyber detection, prevention and other monitoring tools will be important to these organizations.

It will be important for organizations to understand for themselves where their information security program is lacking and which areas require improvement (Gap Assessment) so they are not exposed to adverse risk. It's a great time to choose a security framework (NIST, ISO, NIST CSF, etc.), conduct a risk assessment on your organization and identify the controls needed to help manage your organization's threats and risks. It is also important to understand other compliance and regulatory requirements (PCI, HIPAA, HITRUST, GLBA, etc.) and how these requirements fit into your overall controls and program. At the same time, understand and assess your cyber maturity and level of resilience from both a cyber and an organizational perspective. All of these areas will help in the overall management of information security.


