Top cybersecurity predictions and trends for 2019

Several technology companies have revealed cybersecurity predictions for 2019 indicating that CIOs need to step up their efforts to protect their business.
Cyber security spending forecastWorldwide spending on information security products and services will touch $114 billion (+12.4 percent) in 2018 and $124 billion (+8.7 percent) in 2019, according to the latest forecast from Gartner.

A new report from Navigant Research said the proliferation of IoT-enabled devices and third-party entities has widened the surface area for attack, compounding the security issue by making threat detection less straightforward and more difficult to remedy.

A report from ABI Research from forecasts machine learning in cybersecurity will boost big data, intelligence, and analytics spending to $96 billion by 2021.

“This will drive machine learning solutions to emerge as the new norm beyond Security Information and Event Management, or SIEM, and ultimately displace a large portion of traditional AV, heuristics, and signature-based systems,” Dimitrios Pavlakis, industry analyst at ABI Research, said.

AI implementation within organizations will continue in the future causing breakthroughs in domains like healthcare especially in terms of precision medicines, surgery etc., said Sukanya Mandal, IEEE Member and Data Science Professional.

Cybersecurity firm Symantec said attackers will exploit Artificial Intelligence (AI) systems and use AI to aid assaults. The fragility of some AI technologies will become a growing concern in 2019.

AI could be used to launch realistic disinformation campaigns.  For example, imagine a fake AI-created, realistic video of a company CEO announcing a large financial loss, a major security breach, or other major news.

IoT-based events will move beyond massive DDoS assaults to new, more dangerous forms of attack, Symantec said.

Analyst firm Ovum’s ICT Enterprise Insights Survey expects that 60 percent of organizations will have an enterprise-wide strategy for AI in 2019.

A recent Oracle survey of international senior decision makers showed 42 percent are already looking to AI technology to improve efficiency within their organization.

Security teams will need more development and engineering skills. Organisations will up their focus on software supply chains. Threat Hunting will be driven by ML, said Sophos CISO Ross McKercher.

More business customers have critical infrastructure and workloads on platforms like AWS and Microsoft Azure. They’re realizing they need purpose-built cloud security solutions to help them protect workloads moving to these platforms, Tim Jefferson, VP, Public Cloud, Barracuda Networks, said.

Research firm Gartner predicts that 80 percent of cloud breaches will be due to customer misconfiguration, mismanaged credentials, or insider theft, not cloud provider vulnerabilities by 2020.

The IT industry would see enterprises move towards Industry 4.0, the convergence of Internet of Things (IoT), cloud computing among others will enable them to be future-ready, said Padmanabhan Iyer, global CEO of 3i Infotech.

McAfee Labs noticed 480 new threats per minute in Q3 2018. The McAfee report said new IoT device malware grew 73 percent in Q3 and total IoT malware up 203 percent in last four quarters.

Enterprises will need to view regulations like the GDPR as an opportunity to encapsulate their solutions and processes in a secure IT layer. Further, companies must also focus on placing the needs of consumers before anything else and treat data with respect, Makarand Joshi, country head, India Subcontinent, Citrix, said.

In 2019, the global IT industry will see widespread security breaches stemming from lax security across IoT devices. Smart security investments and re-engineered devices should be prioritized over ease of access, said Sundar Iyer, director of Riverbed India.

Operators will extend passive security monitoring with decades-old IT security techniques of active querying for deeper visibility into threats than simply listening to network traffic, said Mille Gandelsman, CTO of Indegy.

Adversarial machine learning will gain traction in sectors such as healthcare and advertising, where protection of huge amounts and types of sensitive data is a high priority, says Juniper Research.

The social engineering aspect of cybercrime will become increasingly prevalent in 2019. Fraud efforts will continue to move to the phone channel. There will be an increase in health care organization hacks, TRUSTID, a provider of pre-answer caller authentication, said.

Since 2015, the number of phishing URLs blocked by Trend Micro has increased by nearly 3,800 percent. Attackers will continue to rely on known vulnerabilities that remain unpatched in corporate networks for 99.99 percent of exploits, Trend Micro said.

Trend Micro predicts attackers will leverage proven methods against growing cloud adoption. More vulnerabilities will be found in cloud infrastructure, such as containers, and weak cloud security measures will allow greater exploitation of accounts for cryptocurrency mining. This will lead to more damaging breaches due to misconfigured systems.

The Equifax breach shows that social security numbers and consumer history are no longer effective methods to authenticate applicants for credit cards and bank loans.

“In 2019, class action lawsuits may test these now lax practices since they no longer represent security due diligence for protecting consumers–who bear much of the pain and clean-up costs of identity theft,” Ray Watson, VP of Global Technology at Masergy, said.