As 2019 comes to an end, cybersecurity experts are preparing for a new year—and a new decade—and all the cyber scams, breaches, attacks and privacy concerns that threaten consumers and businesses.
CyberScout, an industry leader in cyber insurance, data security, and identity theft protection, continues to strengthen defenses against the constantly evolving cyber threats that will shape the 2020 security landscape, encouraging consumers and business owners to stay informed and aware.
"While consumers and business leaders are more aware of cybersecurity and privacy than ever before, cybercriminals continue to innovate," said CyberScout Founder and Chairman Adam Levin. "As defenses improve, the attack vectors become more nuanced and technically impressive. You are your best guardian when it comes to your privacy and personal cybersecurity."
The following is Levin's first series of predictions for 2020:
Cybersecurity workforce shortages. There will be a shortage of experts, adding pressure on CISO's charged with tackling an increasing issue environment. With the demand for cybersecurity professionals far exceeding supply, the market will have to start filling openings with less qualified people.
The disinformation blob will grow. With the success of weaponized misinformation campaigns in the 2016 and 2018 U.S. elections, expect to see more of them in the private sector, with businesses adopting troll farm tricks to hurt the competition.
Ransomware will continue to thrive. Phishing attacks will continue to lead to ransomware infecting more and more networks. Businesses, municipalities and other organizations will continue to pay whatever they must in order to regain control of their data and systems. We will also see better backup practices that will help minimize or neutralize the threat of these attacks.
IoT botnets will make dystopian paranoia seem normal. IoT will continue to grow exponentially. In 2020, there will be somewhere around 20 billion IoT devices in use around the world. Unfortunately, many are not secure because they are protected by nothing more than manufacturer default passwords readily available online. They will be weaponized (like in years' past), but with increasing skill and computing power.
The integrity of the U.S. elections will be questioned—for good reason. There are still voting machines in use that are far from secure and would not pass the simplest of audits. Some states continue to use machines that leave no paper trail. Look forward to questions regarding election security all year.
Cryptocurrency miners will continue to get rich off stolen electricity. Related to the botnet craze, we will see an increase in computing power theft used to mine cryptocurrency. With bots becoming exponentially more effective as the result of AI and cloud computing, we will see a renaissance of Wild West behavior in the world's blockchain digital ledger.
Zero-trust environments will be talked about. A few may exist. The assumption that one can trust the home team—people within one's organization—has been replaced with zero-trust policies. Zero-trust simply means that no one can be trusted, in or outside the organization. With this assumption foremost, new systems make breaches and compromises harder to happen.
More people will know what "protect surface" means. Protect surface is part of the zero-trust environment. An organization's attackable surface includes every error-prone human in its employ as well as the mistakes in configuration they may have committed along the way and any number of other issues. The protect surface is much smaller and must be kept out of harm's way. The more we talk about subjects like protect surface, the stronger our cybersecurity will be.
Cars will be frozen. Driverless cars are going to hit things as well as get hit by hackers. Cars that talk to satellites are toast. It's going to happen. (Or not. But it totally could.)
5G will make the cyber smash grab a thing. 5G is going to make everything move fast, as will the new generation USB4 devices. With quicker speed, it will take much less time to transfer data. Coincidentally, criminals appreciate this as much as the rest of us.
Social media will no longer need to be private. Social media companies will probably become a bit more responsible when it comes to the way they gather, store, crunch, analyze and sell our data to marketing companies and small to medium sized businesses looking to connect directly with consumers.
State-sponsored traffic jams will be a thing. Hackers are going to target operational systems with an array of tactics that include ransomware and more DDoS attacks that will snarl things up in ways we've not yet seen. The targets will be financial institutions, the power grid, elections, proprietary business information, city services and infrastructure like traffic lights and much more that can wreak havoc on our day to day lives.
You're going to have personal cyber insurance. Insurance companies will be writing more comprehensive cyber liability policies for businesses and offering innovative personal cyber coverage for consumers.
HR will save money by spending some. More employers will offer their employees identity protection products and services as part of their paid or voluntary benefits programs. An employee who has their identity stolen is not very productive and if, as part of that identity theft, their user ID or passwords are exposed, a thief might have what he or she needs to access an employer's network and sensitive databases.
The cloud will leak. The parade of stories about misconfigured cloud clients and data stored without any password protection on cloud services will continue apace, perhaps in part because of the CISO and cybersecurity workforce shortage discussed in the first prediction.
AI will gladly take your job. AI is here and it's willing to work. The CISO shortage as well as many of the innovations discussed in this list of predictions will be increasingly addressed and powered by Artificial Intelligence.
"Disinformation efforts, election security and continued attacks on local governments and major metropolitan hubs are escalating concerns of how disruptive and dangerous cybercrimes are becoming," continued Levin. "2020 promises to be an interesting ride. Be smart and stay safe by staying informed and seeking cyber insurance protection for you, your family and your business."