Predictions for Cyber Security in 2020

The dynamic world of cyber security is prompting a new shift in focus for security execs and frontline defenders as we head into a new year in 2020. Given the rapid pace by which enterprises have adopted Cloud computing services to improve operations, the frequency of threats and attack methods, and the widening skills gap facing many industries, we expect 2020 will finally be the Year of Preparedness & Cyber Proactivity—from the CISO, to the Director of Risk Management, to the Network Analyst professional—and we’ll tell you why.

A recent report from ICS2 noted that the cyber security industry now faces an estimated shortfall of 4.07 million cyber professionals. In the U.S. alone, the industry is expected to have more than 490,000 unfilled cyber positions in the coming years. While the great debate continues as to whether we really have a “skills gap” problem or if we need to loosen the reins on job requirements and lower candidate qualification expectations, one thing is for sure—today’s (and tomorrow’s) cyber professionals will need help in combatting imminent threats to harden cyber security in 2020. To facilitate their preparedness strategy, we envision proactive tools and resources will become more mainstream to help professionals do their jobs with greater efficiency leveraging automation, to support expanding security provisions, compliance requirements, and minimize the widening attack surfaces.

Automation will become the preferred way to support security operations

Whether a security manager has 1,000 defenders on their cyber team or one, automating certain administrative tasks for these individuals will be a goal focus in 2020. Directors, managers and cyber team leads understand that threats are getting so sophisticated that network defenders and security analysts need as much help as possible.

Our own Battle Room Design Team Lead Matt Suprenant anticipates enterprises will be finding ways to “automate responses to detections” observing at the Microsoft Ignite event in Nov. 2019 that Microsoft toolsets on display were designed with automation in mind.

“As we think about the future of cyber, we will see a combination of things start working together as we learn more about AI, SOAR, and other mechanisms by which we can augment today’s workforce.” ~ Battle Room Design Team Lead, Matt Suprenant

Cloud adoption will be growing across all security sectors

In 2019, we predicted more enterprises would shift to the cloud for a more seamless and elastic security experience. Reports indicate that about 90% of businesses today are using the cloud to conduct operations from simple file storage to sales transactions in the cloud. So what’s next? Security divisions will be leveraging the cloud to train their professionals on the latest cyber threats and attacks in 2020. Cyber training in the cloud will likely become one of the new ways Cloud computing will be leveraged in 2020 since teams need persistent and always-on access to training (moving away from the one-and-done on-site classroom-based training offerings of today). The future of cyber training will occur in the cloud.

Don’t believe us? Hear the benefits of training in the Cloud in our webinar.

Renewed focus on security awareness training for all employees

Human resource managers and risk and compliance managers will work more closely together to design their own security training programs to nurture incoming talent and existing staff. Another cyber security prediction in 2020 will indeed be around this topic, as HR managers and Risk and Compliance managers identify new ways to educate all employees (not just the IT staff) on cyber risks, attack methods, and how to spot suspicious emails (phishing attacks), links, website, and other digital assets related to endpoint security.

“I hope the prioritization of training and education continues to increase; I hope the prioritization of security as a pillar of someone’s organization continues to get recognition. I think we’re coming out of a phase where organization’s felt that could just ignore the elephant that’s stomping around their data center. I’m hopeful we’re moving into this position that people are being more generally aware [of their digital activity online], not just on paper, but that [cyber security readiness and training] needs funding and collaboration…The industry is moving toward recognition that this is where priorities lie.” ~ Megan Daudelin, Team Lead, Curriculum Development

Election Security will dominate discussions

Years ago, ballot fidelity was the issue to solve but now, election security is the hot ticket item to address in cyber security in 2020. The breadth and diversity of counties means election security isn’t managed the same way, putting all elections at greater risk of interference. Russian cyber criminals have been able to gain access to voting systems around the country, most notably in the 2016 election. As we head into an election year, election security pros will be understanding vulnerabilities in voting machines and (ideally) replacing such machines using congressional funds, which granted $380 million to upgrade old voting systems.

We also anticipate both election volunteers and frontline election security tally monitors and processors will desire more cyber training and education to ensure they’re doing their part to stay vigilant against any suspicious activity that comes in their purview.

Increased Attacks on IT/OT automated systems, state local governments

Municipal ransomware attacks on cities was a big occurrence in 2019 and we don’t envision it’s going to stop in 2020. A CNN news article reported that over 140 local governments, police stations and hospitals were held hostage by ransomware attacks in 2019. As more entities run by and are funded/informed by state and local government organizations, automated operations of network security will be more prevalent to streamline workforces and workloads, thus, increasing the chances of cyber attacks occurring on those systems. To prevent data breaches and make cyber readiness a top priority, live fire cyber exercises will be leveraged to bring together cyber security experts across departments and teams, divisions and functional areas of critical infrastructure and government operations.

We will continue to see a rise in targeted ransomware attacks, especially against small to medium size public entities like utilities, governments, and hospitals. Too many are just paying the ransom because it is far cheaper to do that than fix it, even if you have backups. ~ Paul Ellis, Senior Product Manager

What do we do to harden cyber security in 2020?

Educate, educate, educate. Train. Train. Train.

That is our recommendation for security leaders, managers, and frontline defenders who are heading into 2020 trying their best to anticipate the next threat vector or patch a vulnerability.

The more companies can educate their non-technical staff about cyber issues and suspicious activity while IT teams and security divisions regularly train/upskill their defenders the better off enterprises will be.

It’s important to remember that cyber security in 2020 and beyond is not a “do this thing and you’re secure” effort. Cyber security and hardening posture is a JOURNEY, not to be taken lightly or without concern.

For enterprise security teams who want to understand more about how Project Ares can support cyber learning in mission scenarios that address election security, ICS/SCADA systems, and experience learning against automated adversaries in the Cloud, schedule a demonstration of Project Ares today.

For HR managers and Risk and Compliance directors seeking ways to implement a company-wide security awareness training program using gamification, check out our inCyt platform (Available soon).

 

Photo by Ramón Salinero on Unsplash
Photo by Shahadat Rahman on Unsplash

Good Bots and Bad Bots: How to Tell the Difference to Stay Cyber Safe

You may have heard or read the term “bot” in the context of cyber security. Normally we hear this word in the wake of a cyberattack and relate it to breaches in computer or network security. While there are certainly bad bots, there are good bots too! So what exactly is a bot, how can you differentiate, and how do they work?

What are bots?

The term bot is short for robot and is a type of software application created by a user (or hacker) that performs automated tasks on command. There are so many variations, from chatbots to spider bots to imposter bots. Good bots are able to assist in automating day to day activities, such as providing up to the minute information on weather, traffic, and news. They can also perform tasks like searching the web for plagiarized content and illegal uploads, producing progressively intelligent query results by scouring the internet content, or helping find the best purchase deals online.

While we encounter bots like these in our everyday activities without really thinking about them, being aware of bad bots is important. Bad bots, used by adversaries, perform malicious tasks and allow an attacker to remotely take control over an infected computer. From there, hackers can infiltrate the network and create “zombie computers,” which can all be controlled at once to perform large-scale malicious acts. This is known as a “botnet”.

How do bots work?

Cybercriminals often use botnets to perform DoS and DDoS attacks (denial of service and distributed denial of service, respectively). These attacks flood target URLs with more requests than they can handle, making regular traffic on a web site almost impossible. Hackers use this as a way to extort money from companies that rely on their website’s accessibility for key business functions and can send out phishing e-mails to direct customers to a fake emergency site.

Protect yourself from bad bots

Don’t let this information scare you though! Awareness is a great first step to recognizing any potential harmful activity, whether on your own computer or on a site you visit online. Preventing bad bots from causing attacks before they start is easy with these tips:

  • Ensure your antivirus software is up to date by setting it to automatically update.
  • Routinely check the security options available to you for your iOS, web hosting platform, or internet service provider.
  • Only click on links and open emails from trusted sources. Avoid accepting friend or connect requests, responding to messages, or clicking on links from unknown persons on social media.

Bots can be incredibly helpful, and we use them every day. Knowing how to differentiate the good from the bad while taking the necessary precautions to protect yourself against malicious bots will ensure that you only need to deal with bots when they are telling you about blue skies or saving you money on that great shirt you’ve been wanting!

Photo by Su San Lee on Unsplash