cl-nz logo
Story image

Forecast: Ecosystm’s top 6 cybersecurity trends for 2020

12 Dec 2019

Article by Ecosytm report co-author and analyst Carl Woerndle 

Amid constant reports of breaches and data thefts, cybersecurity topped the list of concerns for Australian IT professionals throughout 2019.

In 2020, these concerns will become even greater.

Increasing use of cloud platforms and mobile devices, coupled with data sharing and a rise in online commerce, means businesses and their customers have never been more exposed to cyber threats. At the same time, cybercriminals are becoming more sophisticated and targeting their victims using new tools and techniques.

In 2020, there are six trends that will shape the cybersecurity sector and have flow-on effects for companies, governments and citizens.

Those trends are:

An increase in state-sponsored cyberattacks

Already a concerning trend in international hostilities, state-sponsored cyberattacks will grow in both number and intensity during 2020, causing significant problems for companies and governments around the globe.

Faced with this growing threat, many countries will have little alternative but to retaliate, sending these online battles to new heights.

Cybercriminals are likely to target anything from national electricity grids and transport networks to financial institutions, hospitals and universities.

API attacks on the rise

Application Programming Interfaces (APIs) have become a vital component in modern IT infrastructures.

They allow data to be readily shared between applications as well as opening access to external parties.

While they offer significant benefits, they also create vulnerabilities that can be exploited by cybercriminals and incidents are set to rise during 2020.

APIs are inherently insecure and offer an enticing entry point into an organisation’s IT infrastructure.

The problem is particularly relevant in supply chains where data is shared between multiple parties. When access is provided to core systems via APIs, it becomes difficult – if not impossible – to ensure all links are secure at all times.

Operational Technology security lagging

Operational Technology (OT) is the hardware and software that manages devices within an organisation’s infrastructure.

Most OT was designed years ago and was never intended to be networked or linked to the public internet.

Fast forward to 2020 and OT is increasingly being connected to IT networks to allow remote monitoring and management.

Unfortunately, this trend has also opened OT devices and infrastructures up to malicious actors looking to cause disruption and loss.

With the rise of the Internet of Things, this trend will become even more widespread in the coming 12 months.

Questions about AI and privacy

As the capabilities of artificial intelligence platforms grow, AI-powered tools and devices are becoming increasing entwined in our daily lives.

As well as platforms within companies, AI devices are also being embraced by consumers in record numbers.

To make the tools more accurate, technology companies such as Google and Amazon are using natural language processing techniques to improve their AI.

Often this involves the use of recordings of users interacting with the platforms.

During 2020, questions around the privacy implications of this work, and AI, in general, will come into focus.

Governments will need to carefully examine the area and ensure that suitable regulations to safeguard user privacy are put in place.

The volume of GDPR-related prosecutions to rise

Despite having been the law for more than 12 months, the European Union’s GDPR regulations are yet to result in significant numbers of prosecutions and the issue of fines.

This situation will change during the coming year.

While only two fines were issued in 2018, more than 29 were levied during 2019.

In 2020, this number will climb, along with the size of the penalties themselves.

While this trend is unlikely to directly affect companies outside the EU, the increasingly global scope of GDPR will make it harder for companies to ignore the regulations.

Ongoing mergers and acquisitions

While mergers and acquisitions are nothing new within the cybersecurity industry, the pace of activity will increase further during 2020.

Rapid growth in the sector is creating opportunities for cashed-up vendors and private equity funds, which means the currently fragmented market will consolidate further in coming months.

In many cases, a ‘fear of missing out’ (FOMO) will put even greater attention on new entrants and promising start-ups offering unique approaches and technologies.

It’s clear that 2020 will be a period of both significant challenges and change across the cybersecurity landscape.

Organisations that pay close attention to these trends will be best positioned to reduce their levels of risk and prosper in the year ahead.