Here are some predictions for the new year.
Happy New Year! As we finish singing “Auld Lang Syne” with a champagne toast to close out 2018, it is time to look to 2019 with excitement. But, before you make a few New Year’s resolutions, it would be best if you took a step back to analyze a few predictions and trends that may impact your cybersecurity strategy in the year to come.
A New Year, A New Set of Cybersecurity Challenges
We have talked extensively about how cyber criminals don’t take time off for the holidays, but in fact redouble their efforts to wreak havoc and make a few million dollars in the process. If 2018 was any indication, then in all likelihood, 2019 will bring even more creative and potentially damaging malicious attacks.
Get articles like this delivered to your inbox every week. Subscribe to Cyber Resilience Insights today.
The staff at CSO Magazine agree and offered “9 cyber security predictions for 2019” for you to ponder:
- “Ransomware tapers off, but still wreaks havoc
- Regulation and public sentiment on privacy will drive data protection policies
- Expect more nation-state attacks on and surveillance of individuals
- Microsoft will move Advanced Threat Protection (ATP) to all its mainstream products
- We will determine that voter fraud occurred in the mid-term elections
- Multi-factor authentication will become the standard for all online transactions
- Spear phishing becomes even more targeted
- Nations will make an effort to establish cyberwarfare rules
- More organizations will require masters degrees in cybersecurity for CSOs/CISOs”
Four Other Trends to Watch in 2019
We would offer our own observations on four significant cybersecurity trends to watch for which include:
- We expect a large volume of attacks for credentials harvesting phishing campaigns. This still seems to be the easiest most efficient way for attackers to get value quickly and easily.
With the increasing amount of phishing kits available on the wild, even for free, and the easily available certificates and new TLDs, this even makes it easier.
On the other side, security vendors seems to struggle with traditional solutions such as domain blacklisting and we don’t see many innovations or ideas for better efficacy, especially not in real time.
- Vulnerabilities becomes harder to find, especially the traditional memory-based exploits. Attackers seems to look for more logical techniques, including file-less attacks and non-memory related vulnerabilities in logical design.
- On the web front, we believe that crypto-mining attacks will increase to even larger volume, and their grasp would be among the fortune 500 companies.
- IoT security seems to grab a lot of attention. While no big notable attacks were seen lately, organizations seem to still lack visibility and protection across devices connected to the corporate networks and roaming ones.
Prevent, Don’t Remediate
Given these nine CSO predictions and my four other trends to watch, it is probably time to pause and reflect on the vision for your IT security strategy. Is it based on “protecting your information assets from malicious code and cyber terrorists," or is it “preventing any bad people from doing bad things?”
It seems like you should be able to answer yes to both, but the reality is that a primary value of protection versus prevention will have dramatic implications when it comes to dealing with the aftermath of malicious code attempting to enter your environment. Will you have to remediate damage done or just revel in the knowledge that your strategy prevented what others were infected by? At Mimecast, we suggest prevention over remediation every day.
Check out how Mimecast can provide you the means to prevent phishing and ransomware damage. Give us 20 minutes and we can show you how. Register for a demo today.
Want more great articles like this?Subscribe to our blog.
Get all the latest news, tips and articles delivered right to your inbox
You will receive an email shortly