Every year, like some sort of ritual, pundits and egg-heads (like me) write down our very own predictions. Under a magnifying lens, the predictions are self-serving. However, looking at trends from last year, I think 2019 is going to be a defining year at the delicate intersection of physical and cyber security.
Now than ever, the Internet of things (IoT) coupled with advances in artificial intelligence (AI) are some of the forces fueling this evolution. Whatever happened in 2018 is really shaping the CyberSecurity talk going forward, including the massive data breaches that affected big names like Quora and Marriot Hotel.
The Biggest Cyber Security Stories of 2018
If we are to predict the future of Cyber Security in 2019, first we take a look at the biggest stories from 2018. By doing so, we can easily predict the future ahead.
- Kaspersky Loses Lawsuit to USA Feds
Kaspersky Labs, a popular Russian based anti-virus and cyber security company gets banned by the U.S. government in December 2017. Kaspersky’s woes were underlain by the U.S. officials’ worries that the company was vulnerable to influence (and perhaps, interference) from The Kremlin.
Kaspersky countered the ban with a legal suit against the Federal government and lost in May 2018. In November 2018, a federal appeal upheld the verdict.
- 3 Major Cyber Security Companies Bought by Tech Giants
It was a year that saw AlienVault, Duo Security and Cylance all purchased for large sums by tech giants in the world, namely: AT&T, Cisco, and BlackBerry, respectively.
Each of the buy-ins would have gone unnoticed, had they not ranged in the billions of dollars. What does that mean for cyber security? Well, for one, it means that the big names in tech and data sharing are a big part in the Cyber security conversation moving forward (see DNSstuff Reviews).
- EU’s General Data Protection Regulation (GDPR)
In May 2018, the European Union finally rolled out the GDPR, as a concerted effort to allow its citizens the ability to control their personal data. Many industry players have described these rules as being the toughest in the world, especially the accompanying fines of up to 20 million euros for any company caught violating these rules.
Based on the EU regulations, we can easily predict the security trends going into 2019, in the aftermath of the recent Facebook and Marriot data security threats.
- Marriot and Facebook Data Breaches
Perhaps the most notable cyber security new in 2018 came in the form of data breaches and personal information compromises, this time from Facebook and Marriot.
In September 2018, Facebook discovered a vulnerability that allowed hackers to control 50 million user accounts. In the months that followed, Facebook CEO/Founder Mark Zuckerberg was put to tasks to explain the existing security parameters.
Simply said, it was a hell of few months for one of Palo Alto’s youngest self-made billionaires.
While Zuckerberg was explaining himself to Congress, Starwood, a company owned by Marriot was struggling through November, with a data breach they found months earlier, that compromised the payment information of nearly 500 million guests.
So, what are we looking at dominating the cyber security conversation this year?
Evolving Cyber Security Regulation
If the domino effect caused by the European Union’s GDPR is anything to go by, then companies doing business in the region need to keep a sharp eye on how they manage personal data. Apparently, it has awakened regulators across the world as they scramble to review their own cybersecurity laws and regulation.
Given the size of the EU market, it’s not surprising that the GDPR is slowly morphing into a global standard. As such, expect various governments become strict over their laws in order to accommodate the changes that have occurred in the IT and Internet space. All of these are a consequence of the GDPR and the need to protect users on one hand, while not needlessly limiting business operations on the other.
Increased Demand for Cyber Risk Insurance
One of the widely discussed clauses in the GDPR provisions is the hefty fine for breach of terms. To be exact, any organization that violates the laid rules risks fines of as much as 4 percent of their global revenues. For big corporation like Apple, Facebook, Huawei etc., this translates to billions or hundreds o million dollars, an amount that would be applied to boost operations.
Cyber Risk insurance has been around for years, but new stringent laws like GDPR are bound to drive more companies into taking insurance policies. For existing policies, expect revisions to ensure they cover not just the cost of reputation, but also loss of revenue and the cost of regulatory fines.
Data Manipulation to Replace Data Theft
Traditionally, hackers were interested in obtain large volumes of sensitive data from targeted systems. Such data would include passwords, credit card numbers, and social security numbers, which would be used to perpetrate frauds.
In 2019, goal-posts are going to shift, with data manipulation becoming the primary concern for the hackers. Unlike data theft, data manipulation is mostly about malice than financial benefit. As such, hackers will be targeting inflicting persistent reputation damage on the target individual or organization by getting users and customers to doubt the integrity the brand or organization.
Moving forward, Cyber Security will be a hot topic in the technology arena, and the role of cyber security professionals is likely to significantly exceed the available talent in 2019. Similarly, with more people taking up online markets, the volume of data being generated and collected is likely to increase.
Similarly, the need to analyze and secure the data becomes a necessity in 2019. That holds true as companies like Amazon, Google and Microsoft work towards bringing AI and ML tool to their respective cloud offerings, thus, bringing technology to a much wider audience.
For now, we can only predict that 2019 is guaranteed to be an exciting year between machine learning cloud security, and new vulnerabilities on the horizon.
And, with the emergence of Intelligent Internet of Things (IIoT), many organizations will find themselves having to combine human expertise with technology capabilities.