According to the Jefferies Identity Theft Resource Centre End of Year report, the number of breaches went down by 23 per cent in 2018 compared to the year before, while the number of records exposed rose 126 per cent from approximately 197 million to 446 million.
Hacking is still the most common form of data breach. The biggest breach in 2018 was at Marriot International, with 382 million people worldwide having their personal details stolen.
It is expected that these trends will continue in 2019, with new technologies emerging on defensive and offensive sides. Here are the top predictions for this year:
The buzzword is AI
Artificial Intelligence (AI) has already seen some great progress in the past few years.
As the rate of adoption continues to accelerate, its capabilities are also growing at an exponential rate. As a result, I foresee AI powered security tools seeing an uptake in adoption, both for defence and offensive use.
People are typically the weakest link in cyber security, so this year will see an uptake of rogue chat-bots that cyber criminals will use to coerce people into divulging sensitive files, click on links, download files, or share private data. As we’ll see the rise of text-based chat bots, these will soon evolve to speech-synthesised systems to social engineer targets over voice connections.
On the defensive side, machine learning will be leveraged to sift through the growing influx of signals from the information infrastructure in order to detect malicious use. AI is no silver bullet but it will, in part, address one of the biggest challenges.
Namely, of not enough manpower to process and thwart all the attacks. It is expected to aid security engineers by filtering out the noise so they can focus on the things that matter most.
This creates an interesting dichotomy between offensive and defensive sides. While the former cooperates and shares innovation, the latter does not, giving the offensive side the edge.
Once the defensive side begins to cooperate, it is expected the adoption of centralised Security Operations Centres will grow, leading to outsourcing of technical security entirely from organisations.
The Cloud changes everything
2019 is the year classic security perimeter thinking dies, since everything nowadays is inexplicably connected and vulnerable.
The exponential adoption of the Cloud has caught most cybersecurity departments off guard. This is because full development and test environments were erected outside the safe perimeter of company firewalls and security monitoring.
Development and test access have been given to resources all over the planet. And the test data, to ensure the new systems actually work, is often a copy of the production data.
As with most development projects, people move on and off. Administrative access is minimally managed, as is keeping the systems patched and up to date. If it’s not production, why should we care?
2019 will see the number of data breaches of these minimally managed environments rise, resulting in data leaks and code injections where attackers inject their backdoor code into development systems. The injected backdoor code will not change the systems business functionality, and instead will make its way to production and allow attackers to access the affected/infected systems.
GDPR was the beginning
Consumers will start to reclaim control of their data. As identity theft is rises rapidly, we’ll see a number of changes in the sphere of privacy.
New services will spawn that enable consumers to reclaim control of their data being held and collected. This will allow them to rent it back to organisations, effectively monetising on their own data.
Europe’s General Data Protection Regulation (GDPR) has changed the playing field, and this will play out in countries and organisations that prioritise privacy. The Privacy First approach will most likely affect development of new mobile and (Internet of Things) IoT applications significantly.
More countries will update and refresh their privacy laws, enabling alignment to GDPR and give teeth to government privacy watchdogs.
Hardware has security vulnerabilities too
The Intel chip bugs Spectre and Meltdown have shown that hardware, mainly the silicon, hasn’t been a security researcher’s favourite domain. With more researchers now starting to look into the subject, we can expect 2019 to have a lot more on-chip security flaws exposed.
The most interesting research targets are SOCs or “System on Chip”, which are single chip solutions containing a miniaturised computer, often forming the basis of IoT devices, network printers, routers, set-top boxes, DVRs, and smartphones. These devices are commonly used beyond their supported life, meaning security flaws won’t be fixed at all.
Unlike software, hardware security flaws cannot be fixed by replacing the flawed component. It’s financially not viable to do so for the manufacturer and the end-user (have you ever swapped out a chip in your phone?). The issues need to be remediated in software, and this is where the bugs bite. For example, the Spectre and Meltdown patches were done in the operating system, resulting in a considerable performance hit.
Securing your valuable corporate data is always a challenging task. There are many solutions and approaches, but no silver bullet when it comes down to securing the human factor.
Prevention is key, but if that fails, make sure you have detection and correction controls in place. Additionally, ensure your incident response is set up to remove any vulnerabilities and leaks as fast as possible.
In response to this threat environment, we have developed modular DevSecOps services to identify vulnerabilities and guard code and data integrity in dev/test environments deployed on premises and in the Cloud. It enables visibility and control for the DevOps teams and the security department, providing a right-sized approach to cover your risk from code and data to environment and infrastructure.
For the reasons listed above, one of our more popular security products is the Privacy Risk Assessment, which enables an organisation to grade the risk associated with the private information captured and processed on their systems. Contact us today to find out how we can support your digital transformation by enhancing your cybersecurity posture.