ThreatConnect Research Team:
The Inability To Evolve Is The Biggest Cybersecurity Threat To 2019:
There isn’t one specific threat that could be deemed the “biggest” in 2019. That said, although adversaries rapidly evolve, the same isn’t necessarily true for their targets making them a big threat to businesses. It seems that every year, we, as an industry, work to improve cyber hygiene and educate our staff, and advance our tools, but that it is proving to not be enough. This is where threat intelligence comes into play. Employees and cybersecurity organisations that fail to evolve and address the specific threats facing their organisation — based on the industry they operate in, data they safeguard, organisations they interact with, etc. — will ultimately pose the greatest risk to that organisation.
Hacktivism / Influence Operations Expand Beyond The Political Realm:
Hacktivism, or more commonly known as influencer operations, is when consumers are directed toward a certain stance or feeling on a given issue using false or compromised information. As information and influence operations leveraging a cyber component have seemingly exponentially increased over the last few years, this most likely is going to continue and expand to issues existing outside of the political realm. Whether leveraging compromised data or strictly propaganda or false information, all variety of actors can use information operations to further their personal or organisational goals. Notably from a retail or economic espionage perspective, consider the possible effects of such an operation. A competing retailer could post scores of negative reviews for a competitor in hopes of ultimately driving down that organisation’s business. Similarly, a nation-state could minimise competition for its domestic companies by conducting information operations targeting foreign organisations.
Critical Infrastructure Threats Are Not Going Away, But There Is Hope:
In the past few years, attacks like those on the Ukraine energy sector have shown the world that cyber-attacks can have a physical impact if they’re directed at devices that control/manage critical infrastructure like the power grid. These devices will likely remain an attractive target for those who want to have an impact on the physical world until we come to a place where the security of process control networks (PCN), supervisory control and data acquisition (SCADA) systems, and other industrial control systems (ICS) is put at a higher priority than the ease of use of those systems. Strict access controls and steps to mitigate the threat from malicious insiders would go a long way toward addressing these issues.
Adam Vincent, CEO and co-founder of ThreatConnect:
Security Teams Will Need To Prove Their Worth With Data:
The security operations teams of today are focused on combating threats, but the team of the future is going to have to prove it with data. In the coming year, we’re going to see more CEOs and boards asking their CISO and security teams to demonstrate the value that they are providing. This means that it will be essential for the CISO to have a way to measure the success of the security team. Think about it like the HR or Finance department: reporting, dashboarding, data storage, aggregation and analysis, and the ability to answer executives’ questions on KPIs quickly are all requirements. In the past, this hasn’t been a practice for the cybersecurity side of business, but in the year ahead it will become more prevalent for security teams to be expected to have reporting at their fingertips.
Technology Plays A Key Role In Closing The Cybersecurity Skills Gap:
We see it now and will continue to see it in the coming year—security teams need to do more with the limited people they have. Threats are increasing, but the size of teams is often not. Even companies with budgets to hire still have open slots due to the limited supply of trained staff available worldwide. Technology that can perform certain processes without the need for human intervention will be critical to helping teams be more efficient, but it’s not a silver bullet solution. When data collection and analytics are a part of this process, the decision makers must have the intelligence needed to make informed decisions. In the coming year, CISOs will be looking to implement more solutions, particularly ones that can be automated and integrate seamlessly with other solutions, to help ease the pain felt by the growing cybersecurity skills gap.