Cybersecurity 2019: Predictions You Can’t Ignore

Uploaded on 2018-12-27 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

As we move forward to 2019, expect credit card and payment information theft to continue to rise. 

Yes, this isn’t a major surprise; however, if organisations can better address the reasons for the rise in cybercrime, they will be better prepared. 

Bolder Cyber Attacks against Digital Businesses

The good news: advanced security technologies are constantly being brought to market. The not-so-good news: threat actors are not letting that get in the way; witness more intensified and ever more sophisticated attacks.

Businesses remain vulnerable for the following reasons:

• Third-party components used by many businesses within their digital business environment – shopping carts, for example – present many vulnerabilities that cyber criminals exploit to breach security walls.

• More sophisticated tools, tactics, and procedures (TTP) enhance threat actors’ abilities, resulting in more organized campaigns and attacks of greater magnitude.

• Lack of real-time monitoring and response brings on greater frequency of attacks, which will continue ad infinitum until real-time monitoring and fast mitigation are instituted.

• More script-based malware (like in the British Airways attack), instead of executable malware, means that attackers can easily bypass existing protection mechanisms and not be blocked. The malware simply looks like normal code to the defense system.

• Lack of CISO empowerment reduces his/her critical role in fraud prevention, reputation protection, GDPR compliance, and enforcement – all necessary to ensure the standard of due care required to protect information, customers and employees.

• More legitimate infrastructure (e.g., real addresses and domains) being used as platforms for attacks allows attackers to obscure bad behavior and cover up their tracks. It makes it harder to detect and block attacks.

Getting around this problem requires more targeted threat intelligence and more sophisticated detection and response platforms and, if need be, outsourced, expert-based managed services.

A different look at the next-gen Security operations center

Experts looking at 2019s cyber security environment are predicting that the “next-gen” SOC will dominate. That is, security teams will start using more technologies to achieve detection and response versus simply relying on the SIEM alone. 

Deploying more and more technologies is not enough. In 2019, organisations will need to look at the SOC very differently.

Thanks to these pressing issues, convergence of brand protection with cyber security, CISO’s and CIO’s/CTO’s growing responsibilities (including preventing revenue loss due to fraud and brand infringement, detecting and mitigating attacks before they enter the companies’ perimeters), the critical need for real-time, automated, AI/ML-enabled solutions to detect and respond to attacks, companies will:

• Go over and beyond the SOC itself, appreciating more and more the point of view of a managed SOC that provides what a SIEM-based SOC by itself cannot in terms of effective detection and response.

• Move from the hyped-up AI and machine-learning technologies, which have yet to prove their value, and focus instead on collection capabilities, orchestration, and automation, which demonstrate ROI very quickly.

• Adopt Managed Detection and Response operations that are more focused on advanced threats and compliance than the SIEM.

Next step: Organisations who have reached “security maturity” don’t just need to monitor, they also need to detect, respond and, most of all, manage, i.e., orchestrate and automate all the threat alerts, intelligence, mitigation, and response. 

According to Enterprise Strategy Group research, just 19% of enterprises have now deployed security automation and orchestration technologies extensively. Has your organisation begun?

Help Net Security:

You Might Also Read:

The Symphonic Enterprise

« Fake Facebook Pages Account For 60% Of Social Network Phishing
What Makes Blockchain A New Security Standard? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Social-Engineer

Social-Engineer

Social-Engineer is a team of outside–the–box thinkers that share a common focus on human-to-human social engineering.

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

Cigniti Technologies

Cigniti Technologies

Cigniti Technologies provides Independent Software Testing (IST) Services including software security testing.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

Arete

Arete

Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

Mindsight

Mindsight

Mindsight is a technology consulting firm with expertise from cybersecurity to cloud, disaster recovery to infrastructure, and collaboration to contact center.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

OptimEyes.ai

OptimEyes.ai

OptimEyes.ai is a unique AI-powered, on-demand SaaS solution for cyber-security, data privacy and compliance risk modeling.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

Velotix

Velotix

Velotix empowers organizations to maximize the value of their data while ensuring security and compliance in a rapidly evolving regulatory landscape.

Sansec Technology

Sansec Technology

Sansec Technology is dedicated to the research and development of cryptographic products and solutions for cyber security.