Cyber security has been a huge talking point in 2019, and indeed a constantly evolving threat for businesses and users alike in the last decade. Commercial businesses around the world have fallen victim to high-profile cyber breaches. In March 2019, US-based bank Capital One suffered one of the largest data breaches in history, with over 106 million records breached including credit card information from consumers and small businesses. According to CNN, the breach cost Capital One $100 t- $150 million due to legal action and upgrading its technology to fix the vulnerability. Attacks like these are far from uncommon and are set to increase in the coming years with the launch of 5G
As 2019 draws to a close, the team at Cyber Essentials review and predict the cyber security trends in the road ahead so your business can be prepared, come what may.
Organisations need to implement management for the cloud
Adoption of the cloud has fundamentally changed the IT landscape and will continue to do so as we move into 2020. Cloud computing systems have long been a concern for cyber security, as we noted in our predictions article at the end of 2018 – ‘cloud computing systems open a door for cyber criminals to take advantage of the vulnerabilities within the system.’ Although the cloud is more secure than it has ever been, with cloud providers making significant investments in security capabilities, cloud customers are now operating on multiple clouds that need protection. As cloud customers, businesses may no longer manage many of their core infrastructures, applications or services, so it is crucial to understand the contract terms that define and isolate the platform vendors’ responsibilities versus those of their customers. To combat this moving into 2020, organisations should ensure that they separate duties across different cloud accounts, so it is clear how to manage data on each platform.
Businesses which run cloud systems are still responsible for ensuring their security and safety requirements are up to scratch and follow best practices. This means businesses should make a conscious effort to review their cyber security strategies and collectively work to improve them in fresh and innovative ways.
Artificial Intelligence continues to be a gaping vulnerability
Detection of most cyber threats requires trawling though massive amounts of data, looking for anomalies or indicators for a possible attack. Artificial Intelligence makes up a large subcategory of cyber security, with the development of machines that can automatically detect strange patterns of behaviour more quickly and efficiently than humans can, and often without fault. Large-scale data analysis and threat detection are ideal areas for the use of AI, and it is becoming increasingly common for business operations to implement AI technology into their daily processes. However, attackers are catching on to this, and we predict they will begin to use AI technology themselves to probe networks and search for vulnerabilities. This will be happening more and more in 2020 and the years beyond.
Cyber breaches surging through supply chains
No matter how small your organisation is, you are likely connected to a possible target of a cyber attack. Suppliers, third-party vendors and larger organisations are all part of wider ecosystems which are interconnected with each other. The impact of a cyber security breach will be felt all the way down the supply chain to SMEs and micro-businesses. Therefore, organisations need to ensure they are not the weakest link in the supply chain by evaluating their threat profile and implementing strategies and employee training in cyber security. This can be difficult for organisations that are just starting out. Cyber Essentials is a great resource for inexperienced organisations, as it provides simple steps to achieve protection from the most basic of cyber security breaches.
The risks of 5G deployment
5G is a brand-new radio technology whose implementation is expected to accelerate across the UK in 2020 and beyond. 5G promises increased bandwidth, higher internet speeds, lower latency – and a wide array of cyber security risks. The network will guarantee wider coverage and more devices connected, as well as paving the way towards autonomous vehicles being able to communicate with each other.
Instead of connecting to the internet through a wi-fi router as is the case with 4G, 5G devices will connect directly to the network, opening up a whole range of rich opportunities for attackers. Data-in-transit compromises are expected to grow. Hackers will be able to embed malicious scripts onto targeted websites directly or through third-party suppliers used by said site to capture data as people go through the site, for example when a consumer pays for a product.
Get Cyber Essentials Certified
Cyber Essentials provides organisations with clarity on what essential security controls they need to have in place to reduce the risk posed by threats on the internet with low levels of technical capability.
Defend your business by getting Cyber Essentials certification.