Cybersecurity in 2019: Expectation Vs Reality
- In 2019, 32 percent of breaches and 78 percent of cyber-espionage incidents were carried out through phishing attacks.
- Automation gained grounds in security operations across many organizations this year.
To make growth in the right direction, it’s important to learn from history and carve the future strategies accordingly. The year 2019 saw cybersecurity technology advancing and evolving new tools and techniques to meet the challenges posed by the latest cyber threats. In fact, many also predicted last year about how the attack tactics of adversaries would grow, what technologies would play a critical role in shaping the future of cybersecurity, and more.
Here we review those predictions and expectations to see what actually unfolded this year.
Expectation: Increased number of attacks
Reality: Phishing emerged as the top cybersecurity threat. The latest Data Breach Investigations Report (DBIR) revealed that 32 percent of breaches and 78 percent of cyber-espionage incidents were carried out through phishing attacks.
The phishing landscape has evidently widened this year with email phishing still leading the way. Organizations can’t afford to go easy on two important things: general cybersecurity awareness across the departments and more clever phishing attacks.
Expectation: AI and Machine Learning Will Drive Most Cyber Security Efforts
Reality: Though not widespread yet, AI and ML managed to make its way into security through automation. It has certainly gained its foothold in the industry to address operational challenges in security and is continuining to grow further. As per a 2019 Ponemon survey, nearly 30 percent of respondents were already using automation tools and almost 50 percent were planning to move to automation platforms in the next six months to three years.
Automation tools and platforms help in collecting and analyzing data from different sources, checking for unusual activities, tracking assets of an organization, keeping software updated without additional human effort, and much more.
Expectation: Cybercriminals Will Expand Attack Vectors
Reality: There has been increased attacks through IoT devices in homes and in organizations. However, mobile phones also became a new dominant attack channel. The convenience to perform personal and professional activities, with a few clicks, has lured attackers to find multiple ways to exploit phones. Symantec exposed 25 Android applications that were acting maliciously, with more than 2.1 million downloads. Also, Wandera researchers reported two strange malware applications that had over 1.5 million installs. These are just some of the malicious applications discovered this year.
Expectation: Europe’s GDPR Will Create a Data Protection Opportunity
Reality: After the European Union rolled out its General Data Protection Regulation (GDPR) in 2018 for data protection and privacy, organizations began efforts to comply to data privacy-related standards and laws. The regulation has pushed companies to be more transparent and increase information sharing efforts, especially in case of security or privacy incidents.
It remains to be seen what the next year brings for the cybersecurity landscape. What do you think 2020 will be like?