Encryption

2019 Cybersecurity Predictions

Stan Lowe, CISO, Zscaler

There will be an increased focus on cyber risk versus spending by governments and corporations. Cybersecurity practitioners continue to spend vast amounts of money to mitigate all risk to the extent that we are approaching, or even reached, the point where businesses can no longer sustain it. We’ll begin to see corporations and governments ask “How much is enough,” when the spending continues but the organization remains vulnerable. As a result, boards will begin to pressure CISOs and CSOs to cut budgets and find new, more efficient ways to protect against cyber-attacks.

Phil Dunkelberger, CEO, Nok Nok Labs

Zero trust will have zero value without strong authentication: The buzz behind zero trust is great, but in order to achieve full data protection, you need strong encryption. In the same sense, if you want to confirm identity, you need authentication. The use of “behavioral biometrics” will surge beyond expectations: While we’ve grown more comfortable using traditional fingerprint/voice/facial biometrics, major brands like Bank of America, Google, T-Mobile, etc. are now beginning to allow a “biometric gesture” to be used to securely access online services and eliminating the use of passwords.

 Bob Flores, cybersecurity advisor, Fidelis

Quantum Computing – the underestimated tech that’s about to see explosive growth.In 2019, we’re going to see advancements in quantum computing in the cybersecurity industry. Firms need to start preparing now, as this technology can, and will, destroy current security mechanisms, particularly encryption. While quantum computers of today are not nearly as powerful as they will eventually become, they are already capable of rendering encryption security meaningless. Bad actors can build them too. We could see a sharp increase in attacks leveraging quantum computing as early as later next year. If enterprises aren’t prepared, this could lead to breaches with the potential to damage numerous businesses, and lives.

James Willett, VP of technology, Neustar

Across almost every vertical, increasing network bandwidth and speed while lowering latency, can improve efficiencies at nearly every department level. But while businesses can be near certain about how they can effectively apply 5G to improve operations, predicting what security threats will come is going to present a significant challenge for IT. With IoT growth posing huge unknown risks to enterprises with the introduction of 5G, businesses will increasingly need to invest in both technology and employee training in order to prepare for the next generation threat landscape. What’s more is that 5G will not only give rise to new threats, but it will also provide cyber criminals with new opportunities to carry out attacks that we have seen grow in popularity over the years with greater force and impact. With this in mind, even an organization that “does everything right” to combat threats posed by 5G could still be impacted just as easily as those that are less security savvy.

Crowdstrike 2019 Predictions

  • North Korea’s will continue their financially-motivated attacks on banking institutions and, as their charm offensive is likely to end next year, they may resume destructive attacks inSouth Korea.
  • Iran will launch attacks on the US in retaliation for sanctions.
  • China will continue to ramp up commercial cyberespionage efforts as trade war escalates.
  • Containers will be a rising focus of attacks next year.
  • Attackers will start to leverage adversarial machine learning in their attacks to bypass security products reliant exclusively on machine learning for detection of malware.
  • Cyber insurance rates will go up because of the increased payouts and risk.
  • Iran will launch attacks on the US in retaliation for sanctions.

Malcolm Harkins, chief security and trust officer, Cylance

Terrorist Related-Groups Will Attack Population Centers With Crimeware as a Service.  While terrorist-related groups have been tormenting organizations and individuals for years, we anticipate more potentially destructive attacks in 2019. Instead of breaking systems with ransomware, adversaries will leverage new tools to conduct harmful assaults on targeted subjects and organizations. From attacks on data integrity that essentially kill computers to the point of mandatory hardware replacements, to leveraging new technology for physical assaults such as the recent drone attack in Venezuela, attack surfaces are growing and enemies will take advantage. 

WatchGuard Threat Lab Research Team

Attackers Hold the Internet Hostage. A hacktivist collective or nation-state will launch a coordinated attack against the infrastructure of the internet in 2019. The protocol that controls the internet (BGP) operates largely on the honor system, and a 2016 DDoS attack against hosting provider Dyn showed that a single attack against a hosting provider or registrar could take down major websites. The bottom line? The internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points underpinning the internet or abuse the underlying protocols themselves.

Malwarebytes Labs Team

New, high-profile breaches will push the security industry to finally solve the username/password problem. The ineffective username/password conundrum has plagued consumers and businesses for years. There are many solutions out there—asymmetric cryptography, biometrics, blockchain, hardware solutions, etc.—but so far, the security industry has not been able to settle on a standard to fix the problem. In 2019, we will see a more concerted effort to replace the password solution all together.

prestitial ad