Cybersecurity is a fast-evolving game of wits where hackers and defenders continue to outmanoeuvre one another. Staying up to date with the latest trends in cybersecurity is not only beneficial; it’s imperative for everyone involved.
Large-scale data breaches always make it to the headlines – like this year’s Facebook, Toyota, Microsoft, and American Medical Collection Agency attacks. But the attacks are becoming less discriminatory – with hackers targeting more small businesses and consumers directly. This year saw a 50% jump from four years ago in the number of data breaches. Tech Republic notes that over 3,800 data breaches have hit organizations this year alone.
Attacks are not only rising in numbers, but also in quality. With technology becoming more sophisticated and disruption coming at every turn, cyber attacks are becoming more persistent and complex.
In 2020, you should be aware of the following trends in cybersecurity:
Cybersecurity spending will continue to rise
Global security spending is predicted to reach $128 billion by 2020. However, Absolute’s 2019 Global Endpoint Security Trends Report reveals that increased spending alone can’t guarantee better security. The report notes that despite 24% of overall cybersecurity spending going to endpoint security, 70% of breaches came from it. The false sense of security and complacency in endpoint device protocols led to more gaps and vulnerabilities.
What you can do
Focus instead on organizational and upskilling your organization. The cybersecurity skills gap remains as it was 3 years ago. Dark Reading highlights that around three quarters of organizations have a shortage of cybersecurity workers. In fact, a report from Burning Glass Technologies states that the growth in job postings targeting cybersecurity related skills have far outpaced the growth in the number of graduates. This is despite a large number of people studying the many forms of cyber security. Udemy has over 926,000 students currently studying cybersecurity courses, which is a clear indication of the demand for knowledge. Organizations have to invest more in risk management frameworks that focus on knowledge transfer and skills acquisition.
Phishing will still be the top vulnerability
While the threat environment continues to evolve, phishing remains the most effective attack vector this year. At least one in every 99 emails is a phishing attack. Ransomware and DDoS targeting databases and sites continue to be the top threat for 2020. SQL injection and query string manipulation are also projected to become more popular for website attacks next year.
What you can do
A multi-pronged approach in increasing authentication and credential management is your best bet. This can include deploying defensive software and increasing organizational security awareness. In addition, a frequent or automated website security audit can go a long way against web vulnerabilities like SQL injection attacks.
Mobile vectors will become more common
As more businesses and consumers rely heavily on their mobile phones, hackers are increasingly attacking devices to exploit this vulnerability. Fraudulent mobile transactions and sham mobile apps will continue to increase next year. Additionally, as the Internet of Things becomes integral to industries, attacks on multiple endpoints will become more common in 2020.
What you can do
Security awareness will remain key in patching up the vulnerabilities in organizations. Developing a security focused culture and empowering employees against attacks can significantly drive innovation against cyber attacks.