The future of Cybersecurity challenges in six issues
Cybersecurity has erupted as a prominent issue for industry sectors, including Healthcare as well. Based on the experience from the last decade and the continuous evolution of cyber challenges, there are certain issues that constitute the most crucial challenges for the future of cybersecurity, to which attention should be focused in the upcoming years.
1. Insider cyber security threats and inadequate security strategies
Historically, cyber security has placed emphasis on data, data processes, services, servers and networks. However, the user is the weakest link in the cyber security chain, with thousands of privileged account misuse episodes. Thus, it is of the outmost importance to enforce adequate security strategies and place an increased focus on user behaviour analytics over cyber assets, including identity and access management, encryption and the use of artificial intelligence (AI)-based analysis of behavioural biometric data.
2. Organised hacking efforts
It is widely acknowledged that one of the most significant cyber security threats are organised hacking efforts. More attacks from organised hackers will take place, including large-scale nation state social attacks trying to influence political or modern events, bolstered by the evolution of increasingly more advanced hacking technologies. Nation state attacks have made many cybersecurity news over the past twelve months, raising interesting points around the role and the tasking of nation state hackers.
3. Ransomware and zero-day attacks
Ransomware and zero-day attacks are considered top-ranking cyber threats. Past attacks have proven that these threats work and are very profitable, therefore there is no reason why they should not increase. More importantly, the level of sophistication in ransomware and zero-day attacks is bound to make these attacks more difficult to detect. In response, cyber security should emphasise endpoint security (AI-based malware prevention should be the de facto standard on all endpoints) and also data protection.
4. New technologies create new loopholes
With the advent of the Internet of Things, the use of smart devices for malicious activities, such as DDoS, will become more commonplace. Similarly, the widespread use of cloud services continues to be threatening, as organisations forsake that the attack surface enlarges and continue to display blind trust on cloud companies’ security and relax their cloud services’ access controls and settings. Emphasis will also be placed on tracking and managing how users access data across each of their devices, using advanced search and analytic tools able to deliver actionable intelligence.
With the rise of Bitcoin, Ethereum, and other cryptocurrencies, many businesses started exploring blockchain technology, focused in building the right security infrastructure to protect themselves from hackers who are taking advantage of the vulnerability of the blockchain technology at this early stage. 2019 has been dubbed the year of Kubernetes and Containers in production, so it can be expected that attackers will be attentive to Docker and Kubernetes for post-exploitation. Also, attackers will likely continue to use the large number of mobile IoT devices to launch sustained DDoS attacks, namely against infrastructures such as GitHub and Dyn.
5. Cyber skills gap
The absence of cyber security training for users in a way that intertwines with the organisational culture is a must for the future. Social engineering has become the top-ranked attack vector, along with identity theft as one of the top cybercrimes. The information obtained from these breaches provide attackers with substantial insight into how to best compromise the assets of an organisation. Organisations should stay vigilant and invest in employee education, training and awareness, as well as increase controls on identity, access and anomalous activity detection. Email phishing scams will remain the primary attack vector, as dubbed by Mailsploit, an exploit designed to spoof email senders’ names to bypass Domain-based Message Authentication, Reporting and Conformance (DMARC). Again, employee education, training and awareness, from daily reminders to gamification, serve as a critical barrier against these attacks.
6. Lack of cybersecurity talent
Finally, it is also important to acknowledge the lack of skilled cyber security professionals, a situation that hampers the definition and implementation of strong cyber security strategies and defences in all organisations. Existing personnel lack the understanding of potential cyber threats and are usually unfamiliar with the state of the cyber threat and cybersecurity landscapes. The need to recruit and engage adequate cyber security talent is paramount for organisations to demonstrate active control over cyber hygiene (identify cyber assets, update software, patch software, run standard controls and educate the users) and thus efficiently remediate top cyber threats.
More information about the future cybersecurity challenges can be found in Deliverable 2.1 that is publicly available here.