2019 Cybersecurity Trends

This year will present a time of change for the IT world.   Of course, that is to be expected ever since Moore’s Law was accepted in the tech sector as the mark of processing power doubled every 18 months.   The theory dates back to 1965 yet has been proved correct for five decades and while there has been some drift in those numbers, Moore’s prediction has long been said to be responsible for most of the technological advancements we see in today’s digital age.  We won’t see true death of that theory until quantum computers become a reality. With the rapidly approaching reality of quantum computers, we may finally see Moore’s Law hit its limit.

Data centers and corporate networks have the ability to process information exponentially faster   – meaning more efficient and powerful encryption techniques. However, this processing power is also at the disposal of nefarious actors giving rise to bigger, more detrimental malware and breaches.  Some have estimated that a quantum computer could theoretically improve the efficiency of a brute-force crypto attack significantly. As the future arrives faster every day, we need to be prepared to wield and defend against this double-edged sword.

 

Predicting the top cybersecurity trends in 2019

 Reporting and Monitoring

In 2018, we noticed a trend of organizations actively working to improve their reporting and detection capabilities in their environment.  By utilizing tools that query and cross reference information from different systems, these organizations are able to break out of their team silos and see a larger, more comprehensive view of their network.  With the increased speed and diverse nature of attacks that IT security teams are currently attempting to prevent, the ability to centralize, normalize and correlate the data from all of your various security tools in a single pane of glass is not just a “nice to have”, it is an absolute must.

All too often software is deployed into an environment with a “set it and forget it” method to merely to fulfill an audit requirement.  Security teams should look beyond just fulfilling minimum standards and proactively protect their environments by leveraging the data that already exists in the environment.

Internet of Things

From smart lighting to refrigerators with web browsers to game consoles – “smart devices” have invaded our homes. While these items may be new, trendy and convenient, the security of these devices are questionable and can lead to compromised systems.

Several years ago, it was home internet routers being compromised as part of a botnet that could be used as part of a DDoS attack.  Today, they are being compromised to generate Bitcoin or other forms of cryptocurrency.

Not only is it impossible to believe that the average user can manually patch all of their appliances and lightbulbs on a regular basis, but most of the time, security patches are not even released for these “smart devices.” While consumer grade security is ranked as low priority because most items are considered novelty or disposable, consumers actually tend to keep these items on their home network for multiple years.  With Amazon, Google, and Apple entering into a market that is always listening, people are learning and starting to demand accountability.    Tech companies need to take responsibility and treat the security of their consumer’s homes just as seriously as they do their own corporate network – even if it is just a fridge with a browser.

  

Artificial Intelligence

We have not yet seen a major breach or malware threat that utilizes AI.  However, as AI becomes more commonplace, it is easy to see how the speed it offers will be very attractive to nefarious agents.

Because of the vast resources required, the first attacks will likely be state-sponsored for use in intelligence gathering.   However, as the technology matures and becomes easier to use on a microlevel – the random user will have access to intelligent agents, (though not as comprehensive), that can be deployed from their own home computers.   At this point, we will see a rise of random AI malware.

Though I’m not sure if 2019 is the year we see the birth of AI malware, I’m sure it is on the horizon and we will need to take a comprehensive approach to defend against.

 

Legacy Systems

As a consultant, every year I am tasked with helping companies tackle legacy systems in their environment.    Figuring out how to segregate, harden, and limit functionality on legacy systems is an on-going issue that almost all companies deal with.   Because these systems are no longer patchable, they present major security concerns for organizations because the software they use is considered “indispensable.” They remain in environments because they are fulfilling a function that cannot yet be replaced, whether due to function or cost. However, the longer they remain on the network, the cost of maintenance and operation continues to rise.

Since 2014, organizations have been working to remove the last remnants of Windows XP from their environment.   While most have seen success, the latest thorn in our sides is Windows 7.

It has been predicted by the end of this month, Windows 10 will finally surpass Windows 7 for overall global installations.  With support for Windows 7 ending in 2020, this year we are going to see a major push towards discontinuing the Legacy System cycle that has continues since Windows XP was retired in 2014.   Luckily, many businesses learned their lesson with XP and are taking a proactive approach this time around.

 

What Does This Mean for the Future?

We all need to work together.   We need communicate between teams and figure out how we can help each other.   We need to climb out of the idea that one team or another is more important in the corporate culture for securing the network and data center.   We need to be cohesive.  If we work towards that, then maybe we can truly have a great new year.

 

by: Brent Gueth, Principal Security Consultant