Cyber futures in 2020

1 February 2020 Cyber Security

The best way to polish up the old crystal ball and see into the future is to use the exact science of hindsight – especially when it comes to cybersecurity and risk predictions. However, looking backwards and then pronouncing what should have happened is far easier than getting predictions for 2020’s cyber risks right.

Having said that, trends of recent years do have a pattern. One thing is for certain, threats are more sophisticated by the day and increasing in intensity.

Utilities will continue to be a target

In July of this year City Power, owned by the City of Johannesburg, announced a major ransomware attack* that shut down its IT systems, encrypted its databases, applications and network, leaving an estimated quarter of a million people affected.


MJ Strydom.

One global example of an attack on a utility is that of the cyberattack reported on the US grid that created blind spots at a grid control centre and several small power generation sites in the western United States**. It is worthy of note because a report posted by the North American Electric Reliability Corporation (NERC) advised: “Have as few Internet facing devices as possible.” This is no mean feat in the age of IoT.

It should be noted that in many cases, critical power and water distribution infrastructure use older technologies that are vulnerable to remote exploitation because upgrading them can mean service interruptions and downtime. SA utilities will need to look at radically strengthening cyber defences around critical infrastructure.

IoT; exponential data volumes

The US NERC warning might not seem possible to heed in the midst of technology advances and the attractions of Internet facing devices, but the fact of the matter is that the more IoT devices there are, the greater the risks.

As 5G networks roll out, the use of connected IoT devices will accelerate dramatically and will massively increase networks’ vulnerability to large-scale, multi-vector Gen V cyberattacks. IoT devices and their connections to networks and clouds are still a weak link in security. It’s hard to get visibility of devices, and they have complex security requirements.

We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors. The new generation of security will be based on nano security agents such as micro-plugins that can work with any device or operating system in any environment, controlling all data that flows to and from the device, and delivering always-on security.

The bandwidth that 5 G enables will drive an explosion in the numbers of connected devices and sensors. eHealth applications will collect data about users’ wellbeing, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This ever-growing volume of personal data will need to be protected against breaches and theft.

Artificial intelligence (AI)

AI will accelerate security responses – most security solutions are based on detection engines built on human logic, but keeping this up to date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop ever more evasive malware.

Security at the speed of DevOps

The commercial world is already running the majority of its workloads in the cloud, but the level of understanding about securing the cloud remains low, and security is often an afterthought with cloud deployments because traditional security measures can inhibit business agility. Security solutions need to evolve to a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps (DevOps is a set of practices that combines software development (Dev) and information-technology operations (Ops) which aims to shorten the systems development life cycle and provide continuous delivery with high software quality – Wikipedia.).

A rethink on cloud is required

Enterprises need to rethink the approach to cloud. Increasing reliance on public cloud infrastructure increases exposure to the risk of outages, such as the Google Cloud outage in March this year. This will drive companies to look at their existing data centre and cloud deployments and consider hybrid environments comprising both private and public clouds.

Today’s hyper-connected world creates growing opportunities for both businesses and cyber criminals, and every IT environment is a potential target: on-premise networks, cloud, mobile, and IoT devices. However, forewarned is forearmed: using advanced threat intelligence to power unified security architectures, businesses of all sizes can do much to protect themselves.

For more information contact MJ Strydom, DRS, mj@drs.co.za, www.drs.co.za

* www.bbc.com/news/technology-49125853

** http://https://www.eenews.net/stories/1061111289




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cyber Talent: It is more about Talent than Cyber
Issue 7 2020 , Cyber Security
Four million trained workers are needed to fully bridge the skills gap in the cybersecurity field around the world and properly defend organisations against threat actors.

Read more...
Liquid Telecom unveils Cybersecurity unit
Issue 8 2020 , News, Cyber Security
Liquid Telecom has unveiled its Cybersecurity unit, which offers end-to-end managed services for digital security solutions.

Read more...
Increased cloud visibility and security
Issue 7 2020 , Cyber Security
Sophos adds cloud visibility features from Cloud Optix to Intercept X Advanced for Server with EDR.

Read more...
Ransomware and customer loyalty
Issue 7 2020 , Cyber Security
Arcserve research uncovers links between ransomware, consumer purchasing behaviour and brand loyalty.

Read more...
IoT will transform industrial security
Issue 7 2020 , Cyber Security
55% of organisations globally are confident the Internet of Things will change the state of security in industrial control systems (ICS).

Read more...
BYOD: bring your own danger
Issue 7 2020 , Cyber Security
Five cybersecurity threats that jeopardise the security of mobile devices and the keys to optimising their protection in a connected world.

Read more...
Nclose moves to secure Microsoft 365 environment
Issue 8 2020 , News, Cyber Security
Nclose has launched dedicated Microsoft 365 managed security services within its Managed Security Services division, to help enterprises with newly-remote workforces close gaps in their security environment.

Read more...
Detect dangerous insider activity
Issue 8 2020, J2 Software , Cyber Security, Products
Offering unique ‘Indicators of Intent’ capabilities, Intercept 6.0 empowers cybersecurity teams with contextual awareness of workforce activities without invading personal privacy.

Read more...
The arms race of AI in cybersecurity
CCTV Handbook 2020, Axis Communications SA , Cyber Security
Cybersecurity goes further than network video and audio, but these are as likely to be targeted as much as any network-connected device.

Read more...
Exploiting the global pandemic
Issue 7 2020 , Cyber Security
Cyber criminals targeting remote work to gain access to enterprise networks and critical data reports FortiGuard Labs.

Read more...