Cyber security is rapidly changing game of cat and mouse, with IT professionals attempting to stay one step ahead of increasingly sophisticated attackers. That’s why it’s important to keep abreast of emerging attack vectors and other issues impacting the security climate. Here’s a look at some of the future trends in cyber security that security analysts are predicting for 2020, and what organizations can do to reduce their risk.
Phishing will remain the top attack vector.
Phishing attacks increased by 260 percent in 2019, according to Microsoft. Although phishing via voice calls (“vishing”) and text messages (“smishing”) is on the rise, email remains the No. 1 vector for these attacks. Analysts say that at least one in every 99 emails is a phishing attack, many of them spreading ransomware. Phishing is popular among hackers because it works, and attacks are becoming more sophisticated. Organizations should move beyond traditional antivirus and antispam tools and implement continuous monitoring solutions to detect and prevent phishing attacks.
Malicious use of AI is on the rise.
Hackers are using automated bots to carry out attacks. AI-powered automation can increase the scale and frequency of these attacks and make it possible for low-skill individuals to launch highly sophisticated exploits. In addition, AI enables cybercriminals to collect a wealth of information about potential victims, including contacts and favorite sites. They can then use automated tools to generate malicious emails and websites that are virtually impossible to detect. Organizations must counter these efforts with their own AI-enabled tools and leverage threat intelligence to understand emerging attack vectors.
More cyber attacks will target mobile devices.
As organizations increase their reliance on mobile devices, hackers will naturally put more effort into exploiting any vulnerabilities. A growing problem is rogue mobile apps that look like trusted brands but are designed to steal sensitive information. A recent report found that attacks leveraging rogue mobile apps increased 191 percent in the first half of 2019, and are now second only to phishing. Organizations should not assume that these attacks only harm consumers. It will be critical to implement tools that enforce endpoint security policies across the enterprise and prevent the download of unsanctioned apps.
Data stored in the public cloud will require stronger security.
Cloud misconfigurations and a lack of effective data security has resulted in a number of large-scale incidents, including the massive breach of Capital One customer data hosted with Amazon Web Services. Cloud providers are implementing stronger security controls but it’s still up to organizations to protect their data stored in the cloud. Organizations should look at implementing cloud access security brokers (CASBs) to enforce security policies. Integrating CASBs with firewalls and other on-premises security devices can further boost data security.
Increasingly interconnected supply chains will result in multi-party cyber security incidents.
A study of more than 90,000 security incidents by the Cyentia Institute found that multi-party data breaches have increased 20 percent annually over the past decade. On average, these “ripple effect” incidents involved 10 organizations, with financial losses that were 13 times larger than single-party attacks. Organizations should carefully vet business partners for security best practices and understand who they’re sharing data with downstream.
It’s important to keep abreast of emerging attack vectors
Managed Service Providers (MSP) Vs Cyber Security Attacks
In our next post, we’ll examine one of the most alarming trends for 2020 — the targeting of managed services providers (MSPs) as a means of attacking their customers. We’ll also explain how GDS uses state-of-the-art tools and follows industry best practices to prevent this kind of attack.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.