Cylance 2019 Predictions
Terrorist Related-Groups Will Attack Population Centers With Crimeware as a Service
While terrorist-related groups have been tormenting organizations and individuals for years, we anticipate more potentially destructive attacks in 2019. Instead of breaking systems with ransomware, adversaries will leverage new tools to conduct harmful assaults on targeted subjects and organizations. From attacks on data integrity that essentially kill computers to the point of mandatory hardware replacements, to leveraging new technology for physical assaults such as the recent drone attack in Venezuela, attack surfaces are growing and enemies will take advantage. To combat this, organizations must take inventory of their attack landscape to identify and mitigate potential threats before they are exploited.
There Will Be a Revolt From Security Buyers on the Rising Cost of Controls
As the security industry grows, the cost of controls and the number of breaches grow with it. In fact, the 2018 Verizon DBIR report identified over 53,000 security incidents this year, including 2,216 confirmed data breaches. As the endless cycle of cyber attacks continues, the security industry will come under assault from its customers for perpetuating a growing burden of cost that’s not productive to the mission of an organization. Better technology should allow customers to better manage their costs, and organizations who do not understand this will face waves of backlash in the in the new year.
AI-Based Technology Will Distinguish Sensitive From Non-Sensitive Data
Currently, parsing through data to determine what is sensitive versus non-sensitive is a manual process. Users have to classify data themselves, but users are lazy. In 2019, AI-based technology will gain the ability to learn what’s sensitive and automatically classify it. This development will necessitate increased consideration of how to manage this data, and furthermore how to control it.
Companies are also beginning to automate penetration testing, allowing pen testers to work on more unique or advanced red team/pentests. Additionally, these automated processes allow for control validation, which lowers costs and provides researchers with a higher degree of assurance. In order to keep up with this rapid growth, traditional companies will need to accommodate automation by further developing their solutions or seeking integrations with new automation-focused industry vendors.
Current Biometric Methods Will Actually Increase Privacy Penalties and Risk
While some organizations are currently adopting end-user behavioural analytics in their networks, these technologies can be costly and increase privacy risks. Data is being collected then processed on the endpoint, leaving it susceptible to attack. In 2019, organizations must begin to adopt continuous authentication to protect crucial identifying information. With this technology, end users’ biometric footprints will be able to determine identity without incurring the privacy penalty, risks and costs that traditional biometrics or central-based behavioural analytics typically face.