With the possibilities of the connected digital world, threat scenarios and risks are also increasing. Companies face a number of challenges when it comes to cyber, network and information security. From a legal point of view, too, guidelines and requirements will be tightened further.
1. Workforce gap demands different solutions
According to the (ISC)² organisation, we have a shortage of three million cybersecurity professionals worldwide. Without the shortfall, the organisation’s 138,000 membership would be even larger. Europe alone has a workforce gap of 147,000. The shortfall calls for a different approach to meeting security needs, for example, through competence-sharing with other enterprises or security operations centres (SOC).
2. DDoS attacks become less common but more powerful
Distributed Denial of Service (DDoS) attacks are a major worry. Initially aimed at mere sabotage, DDoS hackers today are increasingly pursuing criminal targets and using attacks as a distraction: while employees are struggling with the obvious, hackers are busy exploring and infiltrating other areas of a company's IT, often to blackmail victims or harm competitors. The trend among perpetrators is not to spread their efforts widely, but rather to focus the attacks more aggressively.
3. Cryptojacking less risky for attackers than DDoS
For the bad guys, the downside of DDoS and many other cyberattacks is the risk of discovery. Because of this, many of them are turning to cryptojacking instead. Cryptojacking involves infiltrating a large number of computers in order to "mine" cryptocurrency. It is a quick way for cybercriminals to earn money, by getting thousands of computers to work for them for free. There’s no obvious damage done and many people are scarcely aware of the extra processing power and electricity used. If the victims discover the intrusion, they will often just be content to block access.
4. IoT causes increasing problems
The security issues linked to IoT are not new, but the trend is from bad to worse. This is caused, in simple terms, by a steep rise in sales of IoT gizmos. Not only are unit sales increasing, but more manufacturers are also trying to join in the fun. Not all of them take security as seriously as the established big brands. The key concerns here are configuration errors, default passwords and a lack of upgrade options.
5. NIS will be much stricter than GDPR
GDPR sets a deadline to notify impacted individuals of 72 hours from detection of a data breach. Looking the other way and detecting nothing is not a solution. Businesses therefore need to monitor infrastructure and logs using an in-house or external SIRT (Security Incident Response Team). In certain sectors, breach reporting needs to be done within 24 hours. Key aspects of the NIS Directive have applied since last November. A lot of businesses will need to get their heads round this.
6. Safer in an unlit back alley than online
According to the UK’s Office for National Statistics (ONS), you are 30 times more likely to be robbed online than in real life. With people’s purses and wallets containing little more than easily blocked credit cards, street robbery is going out of fashion. Money is moving over to cyberspace, with the thieves hot on its tail.
7. Decryption is sneaking up from down under
The Australian Anti-Encryption Bill came into force early this year. Under the legislation, law enforcement authorities can oblige tech giants like Google, Facebook, WhatsApp, Amazon and Microsoft to grant them access to encrypted data. The measures include removing electronic protection, installing existing decryption software and developing new software. Serious financial penalties await non-compliant companies.
8. IT pros and white hats strike back
Some of the largest and best-known cyberhacks have been down to sloppy IT practices. The black hat hackers are becoming more sophisticated, but so too are the white hat hackers and other infosec professionals. Measures that go a long way to protecting enterprises include scanning applications and fixing detected vulnerabilities, two-factor/multifactor authentication, more user names and long passwords, patching/installation of security updates and controlling user curiosity about funny-looking emails.
About the author: Fredrik Svantes is Senior Information Security Manager and Head of the Basefarm Security Operations department.