Cybersecurity Trends 2018

In 2017 we witnessed some of the largest cyberattacks in history. Giant companies like Equifax, Arby’s, Yahoo and Uber were all hit with attacks that hurt both the companies and the consumers. And that’s only a fraction of the cybersecurity issues the world saw this past year.

It’s not just enormous corporations that are impacted. Almost 50 percent of cyberattacks are committed against small businesses. These attacks hit hospitals, government agencies, manufacturing companies and everyone in between.

The vast majority of small businesses don’t feel like they’re prepared to handle cyberattacks. It can be difficult to find qualified staff, and expensive to implement new security programs or policies.

Luckily, new technologies continue to emerge to protect us from this onslaught of cyberattacks. Artificial intelligence, adaptive authentication and blockchain technologies are just a few things changing the information security landscape.

Venture capitalists and Silicon Valley innovators are buying into these trending technologies. The cybersecurity market has exploded, growing 35x over the past 13 years. Today, it’s worth more than $120 billion, but that number is expected to grow to over $1 trillion by 2021.

Many of these new security products are complex and have yet to become part of the business vernacular. Let’s talk about some of the overarching trends and break them down.


Intelligent security systems

The term “intelligent security” has been thrown around a bit for the past few years, but now we’re finally seeing it come to fruition. Many intelligent security products are already on the market and new ones will continue to pop up each day. These tools combine aspects of machine learning and artificial intelligence with traditional security applications. The tools are more capable of adapting to new threats and securing new types of applications.

For many intelligent security systems, the more threats and attacks that hit them, the better they become at defending themselves. They can learn to identify suspicious behavior and changes to existing malware, and continuously monitor networks to discover unapproved parties. The evolution of machine learning has a newfound home within the digital transformation. It’s a staple for innovative tools of all software types, but one of the most important to companies and users is security software.

A few different types of software, including threat intelligence software, endpoint protection software and cloud security software, have been at the forefront of intelligent security. The tools use machine learning algorithms and continuous monitoring practices to help defend against, detect and remedy cyber threats.

More than half of the data breaches in 2017 were due, in part, to the use of malicious software, which most people call malware. Threat intelligence networks and applications provide companies with the latest information on new cyber threats such as zero-day attacks, new forms of malware and recently discovered exploits.

Many of these tools use machine learning to identify and document new threats or malware mutations that could otherwise go undetected for some time. Without in-depth threat analysis, companies are exposing their data to hackers. Entire networks could be compromised because a new form of malware compromised one device.

Threat intelligence tools are typically used by IT professionals and security experts to protect data across literally every industry. They need all the help they can get since 78 percent of companies encountered at least two threats in 2017, according to the SANS Institute. Luckily, digital security is the top concern for CIOs in 2018.

Machine learning can improve the efficiency and effectiveness of threat intelligence programs: once trained to process natural language and common structures, the models can recognize aspects of malware signatures. The AI-powered threat feeds communicate with security information and event management (SIEM) and vulnerability management systems, the tools that secure and enforce policies and extract events.

This process requires processing enormous data sets to provide up-to-date information on millions of malware signatures. G Data Security identified 9.78 million new malware signatures in 2017 alone. They also assessed that, on average, each computer witnessed 47.4 attempted attacks during the first half of 2017.

Business-critical applications, from marketing automation software to ERP Systems, all contain sensitive business data. Digital transformation and the cloud SaaS market’s growth have connected applications to millions of users, and subsequently connected their data in countless ways.

Each user is a potential security liability, and that’s a huge vulnerability for any company. Businesses are implementing endpoint cloud application gateways and cloud-based network security tools to protect sensitive business information. These products can be used to protect end-users, the data those end-users may be transferring over unsecured networks and the public cloud itself.

Cloud applications are more popular than ever. Many companies assume Salesforce and AWS are responsible for securing your data, but everything in transfer is really out of their control. They can prevent their databases from being breached, but large chunks of data could still be stolen by using cloud apps on public wifi networks or with a compromised device.

Because of both rapid expansion of the SaaS market and evolution of cyber threats, companies are investing in solutions that will ensure these cloud applications are secured. As a result, the cloud security market is expected to grow from $6.78 billion in 2017 to $13.67 billion by 2022.

Governance is one of the largest struggles, so new features like adaptive security and continuous monitoring can detect anomalies and suspicious users. Some even provide single-sign-on portals to allow employees secure access to multiple applications from a single, fortified source.

Managing potential vulnerabilities and securing networks are two very important practices. But face it, odds are you’re going to end up with some form of malware in your systems at some point. More than 75 percent of websites carry some form of malware on them. Remediation tools with intelligent monitoring and automated malware removal are becoming the easiest ways for companies to recover quickly from an attack with minimal loss.

Attacks can be frequent and automated, and now resolution can be too. That’s important because most companies don’t have a dedicated cybersecurity incident response team, and many can’t afford managed security services.

AI and machine learning are popping up as features in endpoint detection and response software and incident response software solutions. Automation will seem a lot less intimidating when security systems can identify new threats and orchestrate best practices for remediation on the fly.

Historically, incident response (IR) has been largely a manual process requiring expert teams and tedious work. But automation and machine learning will give scaling businesses proportionate, consistent security enforcement without the need for dedicated remediation staff.


Blockchain software

Blockchain is one of the hottest buzzwords in tech. Most people think of bitcoin and commerce, but at its core, blockchain technology is a security mechanism. With blockchain, transactions are secure and identities of the parties involved are anonymous. Everything is validated through a public ledger, but information remains private.

Security powered by blockchain can be applied to identity management software, transactional systems, healthcare data management and most other industries you can think of. By using blockchain to streamline and secure transactions, companies could realistically save tons of time and money.

With blockchain, hospitals will be able to share patient information with electronic health records (EHR) software and process payments without the traditionally perceived risks of exposing private patient data. Identities can be verified through blockchain-based governance before the appropriate party gains access to sensitive data or cloud applications.

Most of the benefits are positive and exciting, but many companies are swallowing their pride and succumbing to a darker truth about blockchain. Ransomware attacks increased 36 percent this year.

Some people believe this year’s bitcoin boom is the result of corporate investment in the cryptocurrency as a form of security insurance. The exponential growth of bitcoin’s value is paralleling the growth of damage costs incurred by ransomware, predicted to total $11.5 billion by 2019.

Dramatic rise in cost of bitcoin and other cryptocurrencies fueled public blockchain interest in 2017.


Risk-based authentication

Risk-based authentication (RBA), sometimes called adaptive authentication, is a pretty neat emerging technology that’s impacting identity management systems. Major players in the new adaptive access market, like Centrify, IBM and RSA, are already releasing RBA products.

RBA products use a series of behavioral and technical metrics to restrict access to applications until they certify that you are actually you. After analyzing your IP address, device vulnerabilities, network connection and historical behavior (among other things), they can automatically sign users in to SaaS applications, databases and company knowledge bases.

HR professionals can integrate directories and devices to delegate access permissions. Once they do, users can worry less about their wifi security and companies can worry less about suspicious activity. They can also log events and see which employees may be up to some nefarious practices by documenting failed access requests.

If a network is compromised or the program doesn’t believe a user is who they say they are, access requesters will be blocked from entry. If the program thinks you’re suspicious, but doesn’t know for sure, it will require a level of multi-factor authentication like SMS verification, unique tokens or personalized security questions.
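The allow, step-up or block decision described above, as an added sketch that is not part of the original article or any vendor's product. The signal names, weights, thresholds and sample profile are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed weights and thresholds (assumptions, not from any RBA product).
WEIGHTS = {"unknown_ip": 25, "vulnerable_device": 30,
           "untrusted_network": 20, "unusual_hour": 25}
STEP_UP_AT, BLOCK_AT = 20, 70

@dataclass
class Profile:
    """Historical behavior recorded for one user."""
    known_ips: set
    usual_hours: range

@dataclass
class Attempt:
    user: str
    ip: str
    device_patched: bool
    network_trusted: bool
    hour: int  # 0-23, local hour of the access request

@dataclass
class RiskEngine:
    profiles: dict
    audit_log: list = field(default_factory=list)

    def signals(self, a):
        """Return the names of the risk signals this attempt raises."""
        p = self.profiles.get(a.user)
        if p is None:  # no history for this user: raise every signal
            return sorted(WEIGHTS)
        checks = {"unknown_ip": a.ip not in p.known_ips,
                  "vulnerable_device": not a.device_patched,
                  "untrusted_network": not a.network_trusted,
                  "unusual_hour": a.hour not in p.usual_hours}
        return sorted(name for name, hit in checks.items() if hit)

    def decide(self, a):
        """Map the summed risk score to allow, mfa (step-up) or block."""
        raised = self.signals(a)
        score = sum(WEIGHTS[s] for s in raised)
        decision = ("block" if score >= BLOCK_AT
                    else "mfa" if score >= STEP_UP_AT else "allow")
        if decision != "allow":  # keep a record of challenged and refused requests
            self.audit_log.append((a.user, a.ip, decision, score, raised))
        return decision

# Constructed sample profile; the IP is from a documentation range.
PROFILES = {"alice": Profile({"192.0.2.10"}, range(8, 19))}
```

The audit log holds every challenged or refused request together with the signals that raised its score, which is the record of failed access requests mentioned earlier in this section.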

Many of these tools also continually monitor networks and behavior to detect suspicious actions in order to identify compromised devices and dangerous users. That’s important because one in four breaches is caused by internal users. This additional protection will help reduce the frequency of privilege misuse and cyber-espionage, adding a layer of difficulty for criminal actors.


IoT security

Everything from your laptop and your fridge to cars and wind turbines can be connected to the internet today. That’s a lot of endpoints to secure and a lot of new threats to identify. IoT security tools have emerged to help prevent these unsuspecting endpoints from divulging sensitive information or becoming part of a botnet.

Many of these solutions will come as a form of hardware to monitor IoT sensors, but many are cloud-based applications to monitor threats on multiple devices at once. The threats are enormous and not completely understood since it’s all so new. Hackers could gain control over a car’s operating system or a hospital’s infrastructure and wreak havoc on everyday citizens.

Public interest in IoT security has grown dramatically since 2015.

Hackers can take over internet-connected devices and use them to mine cryptocurrency, or sync them with millions of similar endpoints to form a botnet and attack websites. The most memorable situation like this is the Mirai botnet, which attacked the DNS company Dyn using more than 380,000 IoT devices.

IoT management and IoT security solutions are increasingly automating the detection process, making it difficult for hackers to sustain control over devices. That means companies and people both lose less. Most IoT attacks will go unnoticed and personal information will end up for sale on the dark web. Thankfully, the IoT security market is expected to grow from less than $2 billion to over $30 billion by 2022.


Aaron Montemayor Walker

Sr. Research Specialist, G2 Crowd