Cybersecurity 2019: Predictions You Can’t Ignore

As we move forward to 2019, expect credit card and payment information theft to continue to rise. 

Yes, this isn’t a major surprise; however, if organisations can better address the reasons for the rise in cybercrime, they will be better prepared. 

Bolder Cyber Attacks against Digital Businesses

The good news: advanced security technologies are constantly being brought to market. The not-so-good news: threat actors are not letting that get in the way; witness more intensified and ever more sophisticated attacks.

Businesses remain vulnerable for the following reasons:

• Third-party components used by many businesses within their digital business environment – shopping carts, for example – present many vulnerabilities that cyber criminals exploit to breach security walls.

• More sophisticated tools, tactics, and procedures (TTP) enhance threat actors’ abilities, resulting in more organized campaigns and attacks of greater magnitude.

• Lack of real-time monitoring and response brings on greater frequency of attacks, which will continue ad infinitum until real-time monitoring and fast mitigation are instituted.

• More script-based malware (like in the British Airways attack), instead of executable malware, means that attackers can easily bypass existing protection mechanisms and not be blocked. The malware simply looks like normal code to the defense system.

• Lack of CISO empowerment reduces his/her critical role in fraud prevention, reputation protection, GDPR compliance, and enforcement – all necessary to ensure the standard of due care required to protect information, customers and employees.

• More legitimate infrastructure (e.g., real addresses and domains) being used as platforms for attacks allows attackers to obscure bad behavior and cover up their tracks. It makes it harder to detect and block attacks.

Getting around this problem requires more targeted threat intelligence and more sophisticated detection and response platforms and, if need be, outsourced, expert-based managed services.

A different look at the next-gen Security operations center

Experts looking at 2019s cyber security environment are predicting that the “next-gen” SOC will dominate. That is, security teams will start using more technologies to achieve detection and response versus simply relying on the SIEM alone. 

Deploying more and more technologies is not enough. In 2019, organisations will need to look at the SOC very differently.

Thanks to these pressing issues, convergence of brand protection with cyber security, CISO’s and CIO’s/CTO’s growing responsibilities (including preventing revenue loss due to fraud and brand infringement, detecting and mitigating attacks before they enter the companies’ perimeters), the critical need for real-time, automated, AI/ML-enabled solutions to detect and respond to attacks, companies will:

• Go over and beyond the SOC itself, appreciating more and more the point of view of a managed SOC that provides what a SIEM-based SOC by itself cannot in terms of effective detection and response.

• Move from the hyped-up AI and machine-learning technologies, which have yet to prove their value, and focus instead on collection capabilities, orchestration, and automation, which demonstrate ROI very quickly.

• Adopt Managed Detection and Response operations that are more focused on advanced threats and compliance than the SIEM.

Next step: Organisations who have reached “security maturity” don’t just need to monitor, they also need to detect, respond and, most of all, manage, i.e., orchestrate and automate all the threat alerts, intelligence, mitigation, and response. 

According to Enterprise Strategy Group research, just 19% of enterprises have now deployed security automation and orchestration technologies extensively. Has your organisation begun?

Help Net Security:

You Might Also Read:

The Symphonic Enterprise

« Fake Facebook Pages Account For 60% Of Social Network Phishing
What Makes Blockchain A New Security Standard? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

InAuth

InAuth

InAuth Security Platform delivers advanced device identification, risk detection, and analysis capabilities to help organizations limit risk and reduce fraud.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

McIntyre Associates

McIntyre Associates

McIntyre Associates is an Executive Search boutique specialized in recruiting for the Cybersecurity industry. Our clients range from Venture Capital backed startups to Fortune 100 companies.

Lexsynergy

Lexsynergy

Lexsynergy is a global domain name management and online brand protection company.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

BlackScore

BlackScore

BlackScore is a technology company seeking to disrupt risk assessment using AI-driven technology.

PricewaterhouseCoopers (PwC)

PricewaterhouseCoopers (PwC)

PricewaterhouseCoopers is a multinational professional services network of firms headquartered in London, United Kingdom and operating in 157 countries.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

eMudhra

eMudhra

eMudhra is a leader in Identity and Transaction Management Solutions.