Cybersecurity 2019: Predictions You Can’t Ignore

As we move forward to 2019, expect credit card and payment information theft to continue to rise. 

Yes, this isn’t a major surprise; however, if organisations can better address the reasons for the rise in cybercrime, they will be better prepared. 

Bolder Cyber Attacks against Digital Businesses

The good news: advanced security technologies are constantly being brought to market. The not-so-good news: threat actors are not letting that get in the way; witness more intensified and ever more sophisticated attacks.

Businesses remain vulnerable for the following reasons:

• Third-party components used by many businesses within their digital business environment – shopping carts, for example – present many vulnerabilities that cyber criminals exploit to breach security walls.

• More sophisticated tools, tactics, and procedures (TTP) enhance threat actors’ abilities, resulting in more organized campaigns and attacks of greater magnitude.

• Lack of real-time monitoring and response brings on greater frequency of attacks, which will continue ad infinitum until real-time monitoring and fast mitigation are instituted.

• More script-based malware (like in the British Airways attack), instead of executable malware, means that attackers can easily bypass existing protection mechanisms and not be blocked. The malware simply looks like normal code to the defense system.

• Lack of CISO empowerment reduces his/her critical role in fraud prevention, reputation protection, GDPR compliance, and enforcement – all necessary to ensure the standard of due care required to protect information, customers and employees.

• More legitimate infrastructure (e.g., real addresses and domains) being used as platforms for attacks allows attackers to obscure bad behavior and cover up their tracks. It makes it harder to detect and block attacks.

Getting around this problem requires more targeted threat intelligence and more sophisticated detection and response platforms and, if need be, outsourced, expert-based managed services.

A different look at the next-gen Security operations center

Experts looking at 2019s cyber security environment are predicting that the “next-gen” SOC will dominate. That is, security teams will start using more technologies to achieve detection and response versus simply relying on the SIEM alone. 

Deploying more and more technologies is not enough. In 2019, organisations will need to look at the SOC very differently.

Thanks to these pressing issues, convergence of brand protection with cyber security, CISO’s and CIO’s/CTO’s growing responsibilities (including preventing revenue loss due to fraud and brand infringement, detecting and mitigating attacks before they enter the companies’ perimeters), the critical need for real-time, automated, AI/ML-enabled solutions to detect and respond to attacks, companies will:

• Go over and beyond the SOC itself, appreciating more and more the point of view of a managed SOC that provides what a SIEM-based SOC by itself cannot in terms of effective detection and response.

• Move from the hyped-up AI and machine-learning technologies, which have yet to prove their value, and focus instead on collection capabilities, orchestration, and automation, which demonstrate ROI very quickly.

• Adopt Managed Detection and Response operations that are more focused on advanced threats and compliance than the SIEM.

Next step: Organisations who have reached “security maturity” don’t just need to monitor, they also need to detect, respond and, most of all, manage, i.e., orchestrate and automate all the threat alerts, intelligence, mitigation, and response. 

According to Enterprise Strategy Group research, just 19% of enterprises have now deployed security automation and orchestration technologies extensively. Has your organisation begun?

Help Net Security:

You Might Also Read:

The Symphonic Enterprise

« Fake Facebook Pages Account For 60% Of Social Network Phishing
What Makes Blockchain A New Security Standard? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

Zurich

Zurich

Zurich is a leading multi-line insurer providing a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

Fenix24

Fenix24

Fenix24 is an industry leader in the incident-response space. We ensure the fastest response, leading to the full restoration of critical infrastructure, data, and systems.

Fullstack Academy

Fullstack Academy

A trailblazer in bootcamp education, Fullstack Academy prepares students for fulfilling careers in tech through our NYC campus, online learning, and university partnerships.

Vancord

Vancord

Vancord is an information and security technology company that works in collaboration with clients to support their infrastructure and data security needs for today and tomorrow.

Atlas VPN

Atlas VPN

Atlas VPN is a highly secure freemium VPN service with a goal to make safe and open internet accessible for everyone.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.