It is that time of year again where we look forward to what cyber goodies the New Year brings. 2019 brought new records in data breaches, a rash of ransomware attacks, and a rise in state-sponsored cyber-attacks. Below is a quick list of what me may expect in the 2020.
- Cybersecurity will become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches continue to rise.
- The advent of emerging and fused technologies 5G, IoT (and Industrial IoT) will pose significant operational and regulatory challenges. Companies and agencies will look to automation and orchestration technologies such as machine learning, deep learning, artificial intelligence, and other analytic tools to mitigate gaps on ubiquitous platforms.
- Threat actors, especially state-sponsored, and criminal enterprises will take advantage of the expanding cyber-attack surface by sing their resources to employ more sophisticated means for discovering target vulnerabilities, automating their phishing attacks, and finding new deceptive paths for infiltrating malware.
- For CISOs, enterprise tools such as predictive analytics, machine learning and artificial intelligence will be more readily adapted to expand the effectiveness of mitigation and analysis of threats. The role of the CISO will grow in importance as cybersecurity is not just an IT issue, but a survival and ROI imperative for companies.
- Cybersecurity concerns will also continue to be a growing priority for government with strategy, investment, and procurement. This is already evident in the restructuring of government roles and assets. The Department of Defense (DOD), the US Cyber Command, The Army Futures Command, and the Navy and Air Force are already investing in acquisition of new technologies and training of cybersecurity components. Similarly, on the civilian side, the Department of Homeland Security (DHS) has created Cybersecurity Infrastructure Security Agency (CISA) to focus on primarily cybersecurity threats to the critical infrastructure. Look for bigger budgets for agencies t acquire expertise and needed cybersecurity tools.
- Protecting the supply chain will continue to be a major area of focus. Supply chain security has been identified both by industry and government as a key vulnerability. A new White House Presidential Executive order was recently issued to help secure the supply chain (both public and commercial) from undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology or services.
- Public Private Partnerships (PPP) will expand throughout the cybersecurity ecosystem. Open collaboration, threat sharing, and cooperative research and development with catalyze innovation and facilitate solutions. PPP will be perceived good news for both industry and government
- In 2020, a qualified cybersecurity worker shortage will continue to pose major challenges for both the public and private sectors. The problem grows and automation will be only a partial remedy.
- Compliance and digital privacy policy requirements will continue to broaden across industry sectors propelled by government legislation. It will be both policy and consumer privacy driven. GDPR was only a start and is setting the table for others to follow.
2020 also will be the dawn of a new decade that will bring technological transformation that will permeate all aspects of our lives, including cybersecurity. The future has arrived, and we need to be prepared for the uncertainty of what lies ahead in our emerging digital world.
