Cybersecurity is on the minds of leaders at almost every company. Regardless of the industry, all companies have data, much of which needs to be protected as it contains personally identifiable information, trade secrets, and other proprietary content. The thing about cybersecurity is that it is always evolving. What worked well to protect data yesterday, may fail today. Since this is a quickly changing field, it is critical to check the pulse on a regular basis. Everyone wants to know what keeps the cybersecurity experts up at night.
Shifting Perspective: Prevention, Detection, and Response
Brian Krebs of Krebs On Security—a respected thought leader in this space—spends his time breaking down breaches and security issues, expressing what it really means to the future of secured data. In a recent post, he wrote about the Marriott breach, which exposed the personal information of over 500 million guests.
He mentioned that companies may have to face the fact that they cannot keep all criminals out of their system, even if they do everything right. The key, however, to gaining the upper hand is by attracting and retaining more cybersecurity talent, Krebs said. This means that the sole focus cannot be on prevention. There must be equal attention on intrusion detection and response.
Other 2019 Cybersecurity Trends
This is just one trend that will have much influence over what happens in cybersecurity in the next year.
Regulations and Consumer Worries About Privacy
With the introduction of the European Union’s General Data Protection Regulation (GDPR) in 2018, there is a new focus on what the consumer can control about his or her personal data. The GDPR is supposed to hand out fines for any breaches, but as of yet the European Union has not made an example of anyone. However, it is important to note how unique the GDPR is and how it discerns regulation based on consumer sentiment.
More regulations like these are on the way with the California Consumer Privacy Act going into effect in 2020. Also, the Consumer Data Protection Act, a bill that includes stiff penalties for noncompliance has also been introduced.
MFA Will Become the Gold Standard
Multi-factor authentication (MFA) has been around for some time as a tool to use to authenticate users. This means that platforms that only use a password will roll out additional measures to ensure it is really the correct person. While this may at first seem like more hoops to jump through, it’s the best way to protect against phishing campaigns.
Spear Phishing Will Become More Sophisticated
Cybercriminals are getting better and better at phishing. The more they know about their target, the better their phishing attempts are. A hacker could breach someone’s email first to “learn” about you so that when they release their phishing scheme, it will be even harder to detect that it is not from a trusted party. One specific way this is being used is for the wiring of monies for mortgage closings. The hacker knows when the closing is and all the details from their snooping, so they send an email before the actual closing agent does with wiring information.
From an overall perspective what is really critical in the world of cybersecurity is vigilance. Companies can never let their guard down on any front when it comes to a breach. Now that the world is so inundated with breach information, that means companies have to prove that they are trustworthy enough to have the data of both businesses and consumers. They can do this by understanding trending threats and how to be ready for them.
Any business that manages and stores data must not be complacent in their cybersecurity strategies. It is time for every business to protect data just as they would any other asset.
For the latest news, videos, and podcasts in the IoT Industry, be sure to subscribe to our industry publication.