With the first $1m bug bounty launched, major cities and governments faced with ransomware and more than 4 billion records exposed in data breaches, 2019 wasn’t exactly a dull year for cybersecurity and digital risk.
In 2020, things are now even more complex, as attackers get more creative and companies struggle to keep up with evolving attack methodologies. So, what should you be looking out for in the next few months?
1. Understanding your digital footprint will be harder than ever
The way we work is getting more complicated. Whether it’s flexible working policies, infrastructure as a service, or IoT devices added to our corporate networks in huge volumes, most companies are speeding up the pace of upgrades to their technology investments as part of a wider digital transformation initiative. This is largely a good thing and has led to huge productivity and agility gains for many companies. Unfortunately, we are not doing enough to retire redundant services and domains as our infrastructure evolves and leaving these forgotten connections unattended makes it easy for hackers to exploit them.
Of course, you can’t protect what you can’t see, so it’s never been more important for our security processes to capture and visualise our organisation’s digital footprint as it expands over time. Without this visibility, it’s impossible to have confidence that you are protecting your attack surface (and your users!) against digital risks like typosquatting, phishing attempts and ransomware. Fortunately, regularly mapping your digital footprint is becoming easier overtime as automated digital risk tools become the norm for many businesses.
It’s also important to note that your digital footprint does not stop at your corporate network, but also includes the third-parties access and managing your sensitive data. One of the most pressing digital risks to understand this year will be the suppliers and partners who are not meeting your data protection or security standards. And speaking of suppliers…
2. Supply chain cyberattacks will dominate the headlines
As many sectors continue to face challenging economic conditions, companies are turning to suppliers to outsource their secondary business processes and reduce internal costs. The volatile geopolitical and climate landscape has accelerated this trend, as companies spread their supply chain geographically to maintain business as usual and reduce over-reliance on any one region. This highly dispersed supply chain introduces more third-party risk into the business, and makes it extremely challenging to visualise and monitor cyber threats posed by suppliers.
Attackers are making the most of this vulnerability, often using suppliers as low-hanging fruit to infiltrate the corporate networks of larger enterprises. The four major cyberattacks on Airbus in 2019 targeted smaller suppliers to steal data and sensitive technical documentation related to military transport planes.
In 2020, suppliers that are central to our interconnected way of working will be the biggest targets, with the legal and accounting sectors no longer able to hide in obscurity. Attackers are waking up to the large volumes of sensitive data aggregated by professional services firms, and they will likely see a sharp rise in cyberattacks making headlines throughout this year.
3. Cloud security errors will be the biggest source of data leaks
With Gartner expecting the global public cloud market to exceed $250 billion dollars in 2020, it’s never been more important for organisations to ensure their cloud services are implemented correctly. Unfortunately, the demand for cloud adoption is far exceeding the in-house skills needed to manage it, and many cloud services customers are still not adequately trained or resourced to maintain their cloud infrastructure correctly.
Cyber attackers are well aware of this vulnerability gap, as we saw in last year’s Capital One data breach that affected more than 106 million customers in North America and remains the largest data breach in the US financial sector to date. That attack was made possible by a misconfigured AWS application firewall that was exploited to download sensitive customer data including payment history, social security numbers and credit scores.
In 2020, organisations will need to take the security of cloud storage as seriously as risks to on-premise infrastructure and ensure that employees are adequately trained and resourced to minimise misconfigurations. Given the scale of the task, automating these processes will be a necessity, and remove the human error factor from monitoring complex networks of cloud services and infrastructure as deployments evolve over time.
4. False positives will continue to pose a threat
While it’s tough to deny the efficiency gains that AI and machine learning have brought to cybersecurity processes, some emerging technologies over-rely on event-response logic when it comes to threat detection.
Even back in 2015, the Ponemon Institute estimated that organisations received an average of 17,000 malware alerts a week, with just 19% considered reliable. The volume of cyberattacks has grown exponentially since then and security analysts can now find themselves sorting through millions of alerts to the point where they’re practically being DDoSed by their own tools. With this brute force approach to threat intelligence, it’s easy for credible cyber threats to get lost in the noise among false positives.
In 2020, it will be important than ever to validate and prioritise cyber threats as they emerge, in order to avoid ‘alert fatigue’ and meaningfully reduce the level of digital risk faced by your organisation.
5. Technological convergence will introduce a new set of security implications
As technological capabilities such as quantum, AI, 5G and edge computing increasingly mature, they will start to be integrated into business operations in 2020. Hopefully these enhancements will allow networks and systems to become more cognitive and make decisions based on business context, which will open up a host of benefits for companies looking to gain an advantage.
However, organisations must be aware that this technological convergence will make it harder than ever to define and monitor your attack surface as connections multiply between networks, devices, databases and applications.
This trend will likely have the largest impact on critical national infrastructure such as the energy and healthcare sectors, with state-sponsored attacks on industrial control systems looking to take advantage of this increasing complexity and exploit security blind spots to devastating effect.
Fortunately, with the right processes in place a lot of the risks driven by convergence can be accounted for and mitigated, especially if cyber threats are understood before they’re introduced into the network. Procurement and supply chain professionals will have a role in this early-stage due diligence. By embedding digital risk and cyber exposure metrics into the new technologies they are purchasing, procurement teams will be able to make buying decisions that align with the risk appetite of the wider organisation.
At the end of the day, managing digital risk and cyber threats in 2020 will definitely be a challenge for many organisations but it’s not all doom and gloom. At Darkbeam, we’re here to help share best practice advice and digital protection solutions that can simplify your threat reconnaissance and help you stay one step ahead of attackers.
Want to know more? Contact us via our website or info@darkbeam.com to start working on your risk mitigation plan.