Story image

Two top execs’ predictions for cybersecurity in 2019

01 Jan 19

Executives from the local branches of major security vendors One Identity and Secureworks have released their predictions for some of the major enterprise technology trends for this year.

Unsurprisingly, security makes up the majority of these trends as the coming year is sure to bring new and possibly unexpected threats across the evolving IT landscape.

Staying protected

Data continues to take centre-stage in the efforts to remain safe, secure and compliant as the worldwide explosion of legislation.

“In 2018 Australian businesses saw the implementation of Mandatory Data Breach Notification legislation which has shed light on which industries are struggling to keep Australian’s data safe,” says One Identity APJ technology and strategy regional manager Serkan Cetin.

“In 2019 businesses will start to see organisations adopt more secure measures like multi-factor authorisation in order to prove they are taking security seriously.”

The old adage that knowing is half the battle rings true as organisations will need to make choices about where to focus their cybersecurity efforts.

“If Australia plans on effectively growing the cybersecurity sector in 2019, businesses must apply a risk-based approach to security,” says Secureworks senior security researcher Alex Tilley.

“IT teams must understand what data is of value to their business and evaluate threats and risks to that data, prevent what attacks can be prevented, detect what attacks cannot directly be prevented, predict hackers next moves, and be prepared to respond efficiently and effectively.”

Types of attacks

Government will continue to be an area of opportunity for those providing sales and services into the cybersecurity market as nations collect more and deeper data on their citizens.

“Crime and state-based attacks for intelligence or military aims have been staggeringly successful in 2018 and we expect the evolutionary growth in tools, techniques and procedures of all types of attackers to continue into 2019 as success breeds boldness. Over the next year, expect to see more nation-state attacks focused on disruption,” Tilley says.

However, organisations will certainly not be immune as that necessary evil, email continues to be a major area of vulnerability.

“In 2019, ‘business email compromise’ (BEC) tactics will continue to be successful against companies that don’t have fundamental security controls in place. Multi-factor authentication on internet-accessible email accounts, user awareness education on phishing, endpoint controls to detect malware running on machines, and log monitoring to detect anomalous login activity on accounts are all vital to creating a strong security platform,” Tilley adds.

And we haven’t yet seen the last of ransomware.

“Throughout the next year, ransomware tools will continue to gradually evolve. This will result in further criminal success and more mounted attacks involving compromise, long-term lateral movement and device discovery inside the victim network,” says Tilley.

Privileged Access Management

The sci-fi world of biometrics is well on its way to the mainstream as unique identifiers become more vital to keeping an organisation secure.

“Biometric authentication will become more widespread to secure access and satisfy multi-factor authentication needs,” says Cetin.

"Besides the physical biometric solutions, such as fingerprints and face detection, more emphasis will be put into analysing users behaviour for identification. Those enterprises that need to meet the highest security standards, for instance, the finance sector, complement their security analytics with behavioural biometrics capabilities that help analyse their privileged users' activities.

“How an individual types on a keyboard, their reaction time or how they use systems and consume the services provided will be a more prevalent part of the identification of the most important users to secure their access to sensitive data.”

Will we finally see the backside of those pesky, immemorable, eminently hackable words and phrases we rely on to secure our closest secrets?

“2019 will move us one step closer to a password-free future as technology companies lead the charge to develop new ways to securely authenticate individuals,” Cetin posits.

“More companies will embrace FIDO2, which has recently been approved for use. In 2019, expect more tokens, laptops and more websites to build FIDO2 capabilities into their authentication workflows. While the password may still be around in 2019, its days will be numbered.”

Cybersecurity skills

The cybersecurity skills shortage may finally be addressed, especially as the human aspect of security is becoming recognised as imperative to a secure organisation.

“In 2019 businesses will need to Identify talented staff in non-security roles and spend money on upskilling and training them for security roles,” says Tilley.

“Businesses will need to seek interested staff who can gain experience through mentorship programmes. This combined with “real world” activities given to security graduates can help to somewhat narrow the skill gap facing Australian businesses.”

Expert comment: Google fined US$57mil for GDPR breaches
The committee examining the breaches found two types of breaches of the GDPR.
McAfee customer choice for Cloud Access Security
“This is the second time that McAfee has been named... and we believe this demonstrates our ability to stay ahead of the pack.”
The message behind the Apple/Samsung iTunes partnership
Futuresource has released its perspective on what Samsung Smart TV’s new iTunes Movies and TV Show app means for Apple as a company.
Cost keeping Kiwi companies from making the most of IoT
"To move past the barriers inhibiting production scale IoT, organisations have to solve the broader security and upgrade issues."
Cybercrime could cost companies US$5.2tril over next five years – survey
New research from Accenture found that only 30% of organisations are very confident in internet security.
Achieving cyber resilience in the telco industry - Accenture
Whether hackers are motivated by greed, or a curiosity to assess a telco’s weaknesses; the interconnected nature of the industry places it in a position of increased threat
Three ways 5G will impact power management in 2019
Power failures or any network interruptions are not an option. Rolling out 5G is complex and presents a unique challenge for telco providers.
LogicMonitor launches container monitoring solutions
Kubernetes monitoring and LM Service Insight provide performance analytics and data retention for microservices and containerised applications.