The year 2018 has seen lots of security vulnerabilities and cyber criminals who not only wants the control of the targeted system to steal files or extract a ransom, but also to make use of the computing power of the devices to mine cryptocurrency which results in the physical destruction of the targeted devices.
The Information Security Forum has published their Global Security Threat Outlook for 2019 last week that explains the security risks and obstructions to reduce such risks. Let us take a look at top four emerging security threats explained in the report.
Cybercrime and ransomware to become more sophisticated
Actually, there was a reduction in the frequency of ransomware attacks in the year 2018. This is mainly due to the fact that the attackers keep on changing their tactics. Instead of attacking any computer which can be infected, cryptojacking malware is being targeted toward enterprise networks. It is very difficult to calculate the damages that arise due to this. However, it claims a global loss of more than $5 billion from ransomware in 2017. Similarly, ransomware on mobile devices is an increasing threat.
Smart devices provide weak link in security
The smart devices come with more and more features added to them and the manufacturers add smart functions across product lines. The smart phones have personal assistants that are always listening to us, and there are internet-connected devices that includes smart TVs, conference phones, smart appliances etc. These devices are necessarily security black boxes as it will be difficult for organizations to know what information are passing through their networks or what is being secretly recorded and transferred by devices such as smartphones, smart watches or smart TVs. Whenever a security breach happens or transparency violations are disclosed the organizations are liable by regulators and customers for inadequate data protection.
Legislation does not keep up with security realities
Legislators do not have a strong background in technology. Legislation is usually either years behind the technological curve, or inappropriate to implement given the capabilities and limitations of available technology. Similarly, extensive changes are made without giving any prior warning or adequate time for enterprises to be compliance with statutory deadlines. Organizations must struggle to be alongside of such developments which may also impact business models which many have taken for granted. This is going to be a challenge to cloud implementations where it is impossible to understand the location of cloud data.
Supply chain security is a lost cause
The report states that in 2019, organizations will discover that assuring the security of their supply chain is a lost cause. Instead, it is time to refocus on managing their key data and understanding where and how it has been shared across multiple channels and boundaries, irrespective of supply chain provider. Categorizing access to data and fingerprinting data shared with third parties to detect leaks will be increasingly important strategies as once-trusted third parties require more scrutiny.