Top 10 Cyber Security Trends of 2018
Last year, cybersecurity became the center of attention many times as a result of multiple massive and costly cyber attacks, such as the Equifax hack, which compromised the sensitive information of more than 143 Million customers. WannaCry attacks are other examples of attacks that targeted a number of industries and made companies reconsider their cybersecurity techniques.
We can only expect more of the same this year, if not more, as big companies still need to catch up with new technologies, security of cloud computing, and sophisticated and smart hackers. Cybersecurity is a dynamic field with an ever-changing nature and here are the top 10 cyber security trends expected in 2018.
- Increasing number of cyber attacks against IoT devices
IoT devices are appearing everywhere, from keyless entry to offices and homes, to printers, and medical devices. Many of these devices still lack security features to prevent potential cyber attacks. Lack of proper authentication and authorization methods make these devices an attractive target for hackers that can take advantage of these devices as a point of entry to hack into enterprise networks. While manufacturers of IoT devices should offer already built-in security, it is also important for the authorization method to be frictionless and painless for the user, especially as the number of IoT devices each individual uses on daily basis increases.
- Increasing number of cyber attacks on healthcare industry
Health data is highly valuable on the dark web and hacking into the healthcare industry continues to grow. Here are some of the 2017 healthcare data breaches and it is expected to increase as there are many dispersed vulnerable points of entries and the healthcare industry has failed to keep up with advancing technologies and devices to protect themselves against various sophisticated cyber attacks. We can expect more ransomware attacks and hacking of medical devices such as MRI machine and even printers.
- More ransomware attacks
Ransomware is becoming one of the most attractive attacks amongst cybercriminals and last year WannaCry (find the link to WannaCry) attacks highlight the seriousness of these attacks. Many industries have been and will continue to be a target for these cyber attacks, especially in the medical, financial, government, and insurance industries due to the nature of the information and monetary value. It is only fair to expect more extensive ransomware attacks in 2018. It is important for large enterprises, in all industries, to take all the necessary steps to protect themselves against these attacks and train and educate employees against suspicious emails and links.
- Increasing hacks in smart manufacturing
Smart manufacturing is revolutionizing production process in various industries but most manufacturing environments are designed without considering the cybersecurity of commercial IoT devices. Unprotected points of entries such as the widespread use of wireless networks and sensors make smart manufacturing vulnerable to a range of cyber attacks. These attacks may include take over of production line and altering production, as a result damaging the brand or loss of sensitive information. Cyber attacks targeting manufacturing is increasing and enhancing cybersecurity of smart manufacturing has become the latest trend in cybersecurity.
- Increasing attacks on cryptocurrencies
The market capital of cryptocurrencies such as Bitcoin has been on the rise and these currencies become more widespread amongst consumers, including mom and dad investors. There are limited guidelines helping the public with the security of their cryptocurrency and given the high value and high vulnerability of cryptocurrency, it becomes a very attractive target for hackers. There already have been multiple cryptocurrencies hacks and we can expect more to come in 2018 if the industry doesn’t take action.
- More regulation concerning privacy and data protection
Multiple massive hacks in 2017, including the Equifax hack, has led to increasing concerns regarding data privacy. As a result of many large organizations failing to protect the privacy and data of their customers, regulators around the world are taking action to enhance and enforce the consumer’s right to private information. An example of these regulations is the European Union’s General Data Protection (GDPR) coming to effect May 2018. It is expected to see more similar regulations in the US and around the world.
- Data minimization and rethinking PII
It is fair to assume that there is rarely someone out there that their sensitive information and credentials haven’t been compromised already as a result of a recent data breach. Relying on Personally Identifiable Information (PII) for authentication is proven problematic since the big pool of information is a hacker’s treasure chest. Customer’s PII is extremely valuable and extremely hard to protect. While many companies rely on compliance, threat protection, encryption, and data-loss prevention methods to secure PII, past hacks have proven that these methods are still ineffective. Protecting PII comes down to data minimization. A “Less is more” approach of data minimization is going to be the next trend of cybersecurity.
- Leveraging Artificial Intelligence (AI)
AI and machine learning can offer an effective weapon to protect against complicated cyber attacks. Using AI-based behavioral authentication and machine learning algorithms, authentication solutions can build a user profile and identify any unusual pattern of user and deny access from an unauthorized user. AI technology can prevent potential attacks before user notices and detect a potential attack. At the age of big data, using AI and machine learning to analyze data and detect potential threats is the next big step to stop cybercriminals.
- Biometric Authentication
While there are many biometric methods in the market, Apple’s introduction of FaceID has brought biometric authentication to attention. The frictionless nature of FaceID and biometric authentication make it attractive to users. Furthermore, biometric authentication enhances security because it is not easy to mimic. It uses “something you are” rather than “something you know” (i.e. a password). As long as the biometric info is not stored in a big database on the cloud, biometric authentication remains the most secure and most user-friendly method to login to devices, accounts, and applications.
- Moving away from passwords and two way verification
In the past few years, cybersecurity experts have been recommending to move away from password authentication yet this outdated method of authentication has stubbornly stayed in place for far too long. Weak passwords and ineffective complicated password policies have cost companies and customers too much. At the same time, two way verification has failed to deliver the level of expected security as it has been subject of many cyber attacks and users dislike the trouble of the extra step. It is time to finally say goodbye to passwords for good!