Last year brought us some of the largest and most complex data and security breaches ever seen. Quora’s data breach by a “malicious third party” exposed the personal data of nearly 100 million users. Marriott International revealed a data breach dating back to 2014 that compromised the personal information—and, perhaps, even credit card details—of as many as 500 million guests. Facebook made news when up to 90 million of their user accounts were exposed by a security breach in September 2018. And Reddit, the self-proclaimed ‘front page of the internet,’ was compromised when a hacker gained access to user data through their cloud and source code hosting providers. Can these past attacks help us identify security trends we might see this year?
In 2019, we expect to see a direct increase in security measures that better safeguard customer and company data. That’s important because, according to a 2018 study by Juniper, cybercriminals will steal an estimated 33 billion records in 2023, compared to the 12 billion records in 2018. Now is the time to shore things up and stop that staggering rise.
What will 2019 continue to bring us in regard to security trends? Conversations about Facebook privacy, GDPR and AI security tools will continue. However, this year, we’ll see more physical security measures put in place to protect individuals on all devices.
Ransomware Is Still Here—But Is Losing Power
According to a study by Kaspersky, the number of users who encountered ransomware in 2017 and 2018 fell by nearly 30 percent over the 2016 and 2017 time period. The decrease can be attributed to criminals moving on to new, more effective attacks, like cryptojacking.
Tools used for cryptojacking are readily available, making it easy for even non-technical users to download them and take advantage. As cryptojacking increases, ransomware will continue to decrease. However, it will still be a valid threat. Criminals are beginning to create more focused attacks, honing in on certain money-making niches, like the healthcare sector.
The Modern Day Spy
We can expect more nation-state attacks and surveillance on journalists, dissidents and politicians. Put simply, countries will begin using technology to “spy” on their citizens, as was the case of Saudi journalist, Jamal Khashoggi. Khashoggi was tracked while in Canada by the Saudi government through the use of Israeli cyberweapons. This is a scary reality but one of the security trends we need to be aware of.
Unfortunately, according to US Director of National Intelligence Daniel R. Coats, “The potential for surprise in the cyber realm will increase in the next year and beyond as billions more digital devices are connected—with relatively little built-in security—and both nation states and malign actors become more emboldened and better equipped in the use of increasingly widespread cyber toolkits.”
Safe Online Voting Practices Will Be a New Focus
In 32 states and several countries, online voting is the norm. This year, if voter fraud is confirmed to have occurred during the midterm elections, the online voting process will need to undergo an overhaul. This is a call for secure online voting practices for all. Unfortunately, there is a battle between accessibility and integrity which will continue to be debated.
According to a study compiled by Jeremy Epstein, vice chair of the U.S. Technology Policy Council, “It appears that, in some cases, it could be that there are enough votes being cast online that they could flip elections if they were manipulated.” Hackers can intercept data on its way to the polls, changing votes. Or, malware can alter what voters type into their ballots and infect the PDF or PEG files that voters email in.
All Online Transactions Will Require Multi-Factor Authentication
Websites and online services are already using multi-factor authentication instead of traditional password-only methods. According to experts in the tech field, antivirus software, firewalls and encryption technology can only go so far without true multi-factor authentication.
Hackers are notorious for using weak or stolen credentials to access information. In fact, this method is used in 95 percent of all web application attacks. If a hacker can gain access to an account by simply guessing or using software to decipher a password, other security measures won’t be enough.
AI Will Be a Weapon Against Threats
AI, or artificial intelligence, makes it possible for companies to view security analytics as a means to prevent cyber attacks and even secure them quickly when they occur. However, as of 2017, only 12 percent of enterprise organizations have deployed AI-based security analytics extensively. In 2019, more companies will begin using AI, if even on a limited basis. This is one of the security trends that shows the most promise.
According to ESG Research, companies are adopting AI for a variety of reasons. 29 percent are using AI to increase incident detection, improving how they curate and measure high-volume security alerts for incident detection across many different tools. Another 27 percent want to use AI to increase incident response, improve operations, prioritize incidents and automate remediation tasks after the incident.
Even though 2019 brings the promise of increased cybersecurity threats, it also brings the promise of developments, opportunities, and security trends to collectively tackle the issues every industry faces. For now, only time will tell if technologies like AI, multi-factor authentication and safer online voting practices become the norm.
The original version of this article was published on Inspired eLearning.