10 Cyber Security Trends To Look Out For In 2019

2018 was an interesting year for all things cyber.

It was the year that brought major breaches pretty much every week. Most recently, the Marriott Hotel group suffered a significant data breach, while Quora fell foul to some cyber criminals.

Cyber security is still the issue on every business leaders mind.

This year, organisations have had to get their house in order with GDPR, amongst others, coming into force on 25 May. The stakes for protecting your organisation from cyber threats have never been higher.

So, what can we expect to see in 2019 then? Here are some things to consider.

Cyber security regulations improvement

We need to see a continuing improvement in the relevant regulations as apply to cyber security.

The dynamic and fast-moving nature of cyber security outpaces regulation which is far too slow and clumsy to be of any benefit and might actually hinder security by building a culture of compliance with regulations and a false sense of security against enemies who are agile, motivated, and clever.

Data theft turning into data manipulation

We can expect to see attackers changing their methodology from pure data theft and website hacking to attacking data integrity itself.

This type of attack, in comparison to a straightforward theft of data, will serve to cause long-term, reputational damage to individuals or groups by getting people to question the integrity of the data in question.

Demand will continue to rise for security skills

A global shortage of cyber security skills in the workplace arguably makes organisations more desirable targets for hacking.

Demand for expertise will rise as companies realise that their current IS strategy is not sufficient.

Also, with companies increasingly insourcing their security needs, internal training and skills growth has to continue to accelerate. Tailored training programmes are crucial.

Cyber security and Internet of Things (IoT)

‘Secure by design’ will garner much copy, but probably will not deliver until 2019 or beyond. We’ll have to wait and see with this, as connected devices are increasing in circulation by the day, and perhaps it is only a matter of time before the security vulnerabilities are exposed — could there be a repeat of the Mirai Botnet in 2019?

Indeed, the next generation of AI-powered attacks will be crafty enough to emulate the behaviours of specific users to fool even skilled security personnel.

This might include the ability to craft complex and bespoke phishing campaigns that will successfully fool even the most threat-conscious among us.

Attackers will continue to target consumer devices

Ransomware is a recognised problem for companies of all shapes and sizes, epitomised by the large scale WannaCry attack that decimated the UK’s NHS and organisations around the world.

In 2019 and beyond, will we start to see consumers being targeted across a range of connected objects? This is a likely scenario, with examples coming out of child predators targeting IoT devices in toys (designed for children).

Attackers might even target the smart TV in your house via a ransomware attack that would require you to pay a fee to unlock it.

Attackers will become bolder, more commercial less traceable

Hackers will look to become more organised and more commercialised, perhaps even having their own call centres – something already seen with fraudulent dating sites.

They will look to base themselves in countries where cybercrime is barely regarded as a crime and thereby placing themselves outside their victims’ police jurisdictions.

Attackers will get smarter

Attackers capability to write bespoke targeted code will continue to improve faster than the defender’s ability to counter or get ahead of it.

They will continue to exploit the Dark Web, a small portion of the Deep Web, in order to successfully hide and to communicate with other criminals.

Breaches will get more complicated and harder to beat

Cybercriminals will look to grow their malicious activities using malicious code in ever more devious ways.

Such a ransomware variant has already been discovered using an innovative system to increase infections: the software turns victims into attackers by offering a pyramid scheme-style discount.

If the victim passes on a link to the malware and two or more people install this file and pay, the original victim has their files decrypted for free.

Cyber risk insurance will become more common

This type of insurance will increasingly become part of operational risk strategy however, the insurance industry needs to tailor products specific to client needs and not just provide blanket cover as extensions to existing risks.

As the industry evolves we might see cyber insurance covering for loss of reputation and trust with their customers, loss of future revenue from negative media or other exposure, and improvement costs for security infrastructure or system upgrades.

New job titles appearing – CCO (Chief Cybercrime Officer)

In the aftermath of the TalkTalk data breach, MPs recommended appointing an officer with day-to-day responsibility for protecting computer systems from attack.

Will 2019 see organisations looking to appoint a Chief Cybercrime Officer?

The CCO would be responsible for ensuring that an organisation is cyber-ready, would bear the responsibility for preventing breaches, would take the lead if a breach did occur and provide a robust connection between the Board and the rest of the company.

Information Age:

You Might Also Read:

Cybersecurity 2019: Predictions You Can’t Ignore!

« South African Cybercrime Is Advancing Fast
Behind The White House’s Plan To Be More Aggressive In Cyberspace »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

it-sa 365

it-sa 365

it-sa 365 is a digital platform for connecting IT security vendors and experts with those who bear responsibility for IT security in management and technology.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Business Continuity

Business Continuity

Business Continuity delivers integrated IT solutions for cybersecurity, virtualization, cloud platforms and operational security solutions.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cloud Managed Networks

Cloud Managed Networks

Cloud Managed Networks provides enterprise grade IT network solutions for cloud-based and on premise network security, Wi-Fi, data switching, collaboration, device management and more.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Pentest Limited

Pentest Limited

Pentest Limited provide information security consultation, penetration testing & red teaming services to companies across the globe.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

Board of Cyber

Board of Cyber

Board of Cyber offers Security Rating: a fast, non-intrusive, continuous, 100% automated solution to evaluate the cyber performance of an organization.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.