1(630)802-8605 Ravi.das@bn-inc.net

I can’t believe that it only a week and a half, it will be almost Thanksgiving. Then from there, everybody will be thinking about Christmas, then the new year of 2019.  It’s even that much harder to think that 2019 is going to be almost around the corner.  But, in the world of Cybersecurity, time has really no numerical value.  The professionals in this field (even including us writers) have to constantly stay abreast of what is happening in the Cyber threat landscape.

So, with this in mind, the predictions of what the top 10 Cyber security threats will be in 2019 have already started to unfold.  Of course, many experts will have their own spin on things, but it all comes down to the same thing.  So, here we go:

*There will be a dramatic increase in the rise of the nation state threat actor:

With the lack of cooperation amongst the world so far when it comes to securing our lines defenses, it is quite likely that you will see countries like Russia, China, and North Korea engaging in even more types of covert and very sophisticated attacks.  But these won’t be the only nations, there will be others that will be involved, even those in Africa.  And, just don’t think that it will be the developing nations that will be launching Cyber-attacks.  It is also expected that home grown terrorism will be on the rise as well.

*The pains of recent Legislations and Mandates will only grow even further:

Given the wake of more sophisticated Cyber-attacks that have occurred this year, as well as the sheer number of information and data that has been hijacked and used maliciously, many new laws have been passed designed to penalize companies even further if they do not come into compliance with maintaining strictest levels of Security controls.  The best example of this is the GDPR, just recently passed. Stiff penalties can be imposed on a company if they are at fault for a Security breach:  It can be as high as 4% of net profits.  So far, nobody has been penalized to this extent, but companies are wondering who will be the first . . . more information about the GDPR can be seen here:

https://www.techradar.com/news/what-is-gdpr-everything-you-need-to-know

*Data Leakages from the Cloud:

Although the movement to the Cloud is still taking place at a neck breaking speed, and Cloud Providers are doing everything they can to secure this incoming flood of information and data, it is highly expected that more incidents of Data Leakages will occur, whether it is accidental or not. Businesses and corporations have to realize that they are ultimately responsible for the safety and security for whatever they upload to the Cloud, and for whatever purposes that they use it for.

*The Password will still be the growing nemesis:

Despite the availability of Two Factor Authentication (2FA), Password Managers, and Single Sign On (SSO) solutions made available by Biometrics, many companies are still disregarding all of these options and yet sill continue to use the password as their main source of secure logins.  Why is this so?  I guess people are just creatures of habit, and just don’t want to change their ways.  So, as a result of this, we will see many more password related breaches occur in 2019, as well as increasing costs of password resets.

*Malware threats will grow even worse:

Yes, malware has been around for a long time, but its newer variants will be even worse. This includes the likes of Ransomware, Business Email Compromise (BEC), Spear Phishing, etc.  Therefore, it is crucial that organizations check for network activity both inside and outside their lines of defense, in order to detect any suspicious activities or anomalies.  This is especially true for trying to detect Insider Attacks.

*The growth of the Internet of Things (IoT):

This is something I have written about before many times.  Essentially, the IoT is where we are connected on a daily basis to the objects that we interact with most on a daily basis, both in the virtual and the physical world.  The idea behind all of this is to make our lives totally automated.  But there is a huge cost to all of this – massive Cyber-attacks.  This is because with all of the interconnectivity that is happening around use, this only increase the attack surface to the Cyber attacker. IoT is being deployed without much regard to Security; thus, this will be one of the hot button topics for 2019.  More info about IoT can be seen here at this link:

https://www.techradar.com/news/what-is-the-iot-everything-you-need-to-know

*Growing use of Shadow IT Systems:

Simply put, this is when an employee of a business or a corporation uses non-approved IT systems to conduct their every day job tasks.  For example, if their organization has authorized the use of One Drive as the primary means of backing up data, and the employee instead chooses to use their personal Dropbox account for this, it is a clear violation of Security Policy.  It’s even like using your own, personal Smartphone to do work related activities when you are not supposed to. The reason for this?  Employees are simply impatient, and get tired of waiting for days on end to get approval from their IT department to get approval for a non-authorized tool.

*Distributed Denial of Service (DDoS) attacks:

These are the probably the oldest forms of Cyber security attacks that are known. Although their usage has greatly declined, there are new variants of this that pop up from time to time, and it is expected that even more variants that are more sophisticated and covert will escalate in 2019.  This is when the servers of a company are hit with a ton of malformed Data Packets all at once, thus bringing the processing power of the severs down to its knees, and eventually, its ultimate demise.

*The C-Suite:

Ah yes, who can forget this one? With all of the Cyber-attacks that have occurred in 2019, the C-Suite is now being put under the microscope by not just the public, but by the respective Board of Directors and shareholders as well. It is expected that in 2019, the C-Suite can no longer claim ignorance or the lack of awareness for what is going on at their organization. They will be made to be held accountable to the same standards as everybody else, even if it means losing their jobs.  They will for sure be in the hot seat in 2019.

Well, there you have it, the top 10 predicted trends in Cyber security for 2019.  I am quite sure that this list will grow and even change as we get closer to the end of the year.  But as I have said before, it all comes down to the same thing in the end:  The Cyber security threat landscape is changing on a daily basis, and is only expected to get worse in 2019.

But there is one threat that everybody needs to be aware of, both for individuals and organizations:  Cryptojacking.  This threat is still hard to detect, and thus will proliferate greatly in 2019.  Stay tuned for more about this from me, as I am expected to a write a whitepaper on this topic in the near future for a potential client of mine.