The cybersecurity industry is constantly changing. Threats and attackers are becoming more sophisticated and continue to wreak havoc on businesses in every size and industry, with no signs of deceleration, according to Forescout.
Terrie Anderson, country manager – Australia and New Zealand, Forescout, said, “Organisations need to think beyond the past when it comes to their security strategy. They also need to get ahead of emerging threats, and the foundational step is real time visibility of everything connected to the network, whether it’s transmitting data or not. This is likely to include adopting new technologies, as well as protecting the use of new devices within in the organisation. It also means considering the implications a cybersecurity attack could have on operations such as critical infrastructure.”
Forescout has identified six trends to watch in 2020:
1. Artificial intelligence (AI) for industrial
Industrial companies will continue to shift toward AI-based solutions for analysis of cybersecurity data. This is part of a broader trend of organisations shifting towards tools that can efficiently and effectively automate tasks, such as workforce challenges, costs, and security needs. AI machine learning tools will leverage data to augment human decision making. In addition, industrial companies are looking for ways to better protect their critical infrastructure devices. CISOs are hungry for tools that can help them with this problem and AI has the potential to flag anomalous activity that could point to an attack and analyse sensor data for more effective response to security threats and even predictive maintenance needs.
The market for 5G infrastructure technology is expected to reach US$4.2 billion and two-thirds of companies intend to deploy 5G in 2020, according to Gartner. 5G technologies let businesses replace existing networks with a lower latency, higher bandwidth alternative, letting them connect more types of devices and leverage enhanced capabilities around technologies like AI, edge computing, and automation. This presents a significant opportunity for companies to advance their technology posture. However, as adoption spreads so do potential security threats from these devices. Companies will reach a critical mass of these devices in 2020, forcing them to reevaluate their risk paradigm for connected devices. Further complicating that paradigm is the fact that devices leveraging 5G could potentially bypass some traditional cybersecurity technologies by connecting directly to cellular networks. It’s unclear if this changing risk paradigm will result in an attack or breach in 2020 due to the newness of the technology but, regardless, organisations will have to consider changing their security strategies or leave a growing section of their devices without adequate protection.
In 2020, disruptionware will increasingly intersect with connected systems and rogue devices in building automation and other operational (OT) systems. These disruptionware attacks include ransomware, but also reach more broadly to include disk-wiping malware and similarly disruptive malicious code. In recent research, Forescout noted the rise of disruptionware across the industry, particularly in manufacturing that relies heavily on OT technology. These attacks are incredibly impactful on a business. Forescout expects to see many more of these attacks in 2020 including at least one big attack on a major energy or manufacturing company that will severely disrupt the company’s operations. This event will serve as another wake-up call to CISOs to reconsider IT/OT convergence inside their own companies, evaluating technologies like network segmentation, which will let them protect these systems more effectively.
4. Changing role of the CISO
CISOs have increasingly assumed responsibility for securing OT networks as those networks converge with IT networks. To date, that trend of IT/OT convergence has largely been a technical one. Networks for IT and OT have increasingly overlapped, with 84 per cent of organisations already adopting or planned to adopt an IT/OT convergence strategy in 2019, according to SANS. This trend will expand in 2020 to become a cultural one as well. As CISOs increasingly assume responsibility for securing OT networks, previously relegated to teams running those networks, many more will choose to combine the IT and OT security teams into one cohesive organisation. This will require not only a cultural shift as the teams come together, but also new skills and training for IT, OT, and hybrid IT/OT teams. It will also mean the creation of a roadmap for how IT and OT will work more closely together.
Hospitals will start to shift how they procure Internet of Things (IoT) medical devices in 2020. This will happen in recognition of the attacks these organisations have seen in the past few years. While security will not always outweigh other factors, like cost, licensing, support, or type of device, it will increasingly become a consideration in the buying and procurement process. There will also be increasing budget available and projects more commonplace to secure devices that cannot be updated or replaced, as doing so is expensive. Overall, in both cases, healthcare organisations will move up the maturity model for cybersecurity in 2020, and those that bypass this trend, particularly small and medium-sized organisations, will continue to face devastating cybersecurity threats.
6. Cloud migration causes new security headaches for financial services
Financial services companies have been accelerating their adoption of cloud technologies as part of digital transformation strategies. However, this migration from the data centre to the cloud also can result in increasing cybersecurity challenges, driven by factors like misconfigurations in networking devices and business application servers that lead to exposed critical data. This is particularly concerning as more financial services companies migrate more of their critical business applications to the cloud. Forescout predicts that this acceleration in cloud migrations will result in a massive data breach in 2020, the size of which could be as significant as Equifax, given the amount of data these companies hold and their increased willingness to migrate critical data.
Terrie Anderson said, “It’s essential for organisations to be across these trends for 2020 and give careful consideration to how they will address them. Visibility across the network will be even more important as these trends gain momentum, and companies that don’t have complete visibility could be opening themselves up to threats. The first step, therefore, for many organisations, will be to implement visibility tools so they can start to get a clearer picture of what’s happening in the organisation and on the network.”