Despite a considerable strengthening of cyber defenses undertaken in the recent past, vulnerabilities do exist and need to be promptly addressed, especially those of legacy IT systems and access control loopholes.
2020 Cybersecurity Predictions
Cybersecurity predictions include the upcoming elections in the USA, more targeted ransomware,, new attack vectors, more ways to attack the cloud, and an explosion of problems related to online shopping.
Artificial Intelligence / Machine Learning
In 2020 it is expected to see an increasing number of cybercriminals use AI to scale their attacks. On the other hand at least one company will come forward announcing a detection made by AI/ML. We will see the most significant implementation of AI/ML to date, not only to proactively monitor and fight advanced threats, but also to secure users in zero trust environments.
Ransomware attacks, which carried a price tag of over $10 billion this year, will continue to invade state and municipal agencies lacking appropriate skills, controls, and countermeasures. In US alone we can expect at least few States to declare states of emergency due to ransomware in 2020. Data is more valuable today than anything else including gold. Malicious cybercriminals are realizing this too, organizations will have to put more effort on discovering where do they have their sensitive data and finding better ways to secure it. New compliance standards like the California Consumer Privacy Act (CCPA) are creating an opportunity for organizations to develop better data management policies. In addition to an increase in ransomware and business email compromise, in 2020 we will also begin to witness an increase in API extortion. As security professionals, we need to continue to actively working to become more resilient by putting concrete practices in place as we see APIs start to come under attack.
As our cars are getting smarter, and better connected new trends like the concept of CASE, ACES or SAEV or Connected-Autonomous-Shared-Electric cars are emerging. Technologies such as 5G lead to increased connectivity we can expect to see targets move beyond the vehicle. We will see new attack vectors in backend systems, mobile apps, services and infrastructure of automotive technologies. With the continued move to deploy smart technology throughout our cities with traffic control, lighting, fire and safety operations, smart cities will become an even bigger target in 2020. as we also expect to see more ransomware and malware attacks.
As businesses continue to adopt cloud services across multiple cloud service providers we are seeing a large numbers of data breaches caused by incorrect configuration. The answer may be continuous integration and continuous delivery whereby moving faster and testing smaller, one end up building a much better, higher quality solution.
And finally, with online shopping showing no signs of slowing down, attackers are focused on card-not-present (CNP) fraud—which is expected to grow at a annual rate of almost 15% in the next 4 years, costing retailers hundreds of billions. In 2020, we will also see attacks related to multichannel shopping, as merchants now need to manage fraud across a growing number of devices, and it’s easier than ever for criminals to extend stolen credentials across channels.
As the backup of personal data is becoming the largest area of privacy risk large enterprises are more focused on cybersecurity risk than ever before. How these changes will impact the world are yet to be seen.