Cybersecurity in business is perpetually evolving as is the legal framework surrounding data and privacy. Take the current UK’s 5G agreement with Huawei which shows uncertainties in terms of cybersecurity and engineering. The Huawei Cyber Security Evaluation Centre 2019 Annual Report showed serious and systematic defects in Huawei software engineering and cybersecurity competence. According to 5G expert Emily Taylor, ‘bugs in software make any system vulnerable to attack’.
In 2018 GDPR was introduced in Europe to better protect citizens from data privacy breaches. As a result, cybersecurity has a role in society as important as in business and the risks can be both personal and financial. A recent report by the search firm Martin Hawk showed that more than 60% of the cyber-security leaders surveyed said talent shortage will get worse over the next five years.
What is a CISO? Since information security goes beyond a simple technical issue and blends risk, people and data management, and technical knowledge, the traditional CTO role had to be revised. This is where the ‘CISO’ (Chief Information and Security Officer) comes in, following the evolving cybersecurity landscape and changes. The CISO has more critical responsibilities and has knowledge of potential threats.
With the rise of potential threats in IoT, companies need to implement strong cybersecurity systems to prepare for and deal with cyberattacks. The above infographic compiled by IT solutions network Paradyn highlights the major changes for companies to take into account this year in anticipating cybersecurity breaches.
GDPR provides a set of guidelines to help make data security practices more organised, transparent and protected. As seen in the infographic, several locations around the world have introduced similar regulations to GDPR. Companies should systematically plan to align their organisation’s data protection policies with GDPR as it is likely that similar regulation will eventually be implemented in their area.
According to Cylance Blackberry, 75.2% of surveyed security professionals plan to use artificial intelligence for cybersecurity defence, 70.5% for malware prevention and 68.6% for advanced threat prevention. Artificial intelligence and machine learning technologies will potentially be used to identify and respond to threats as they occur.
As more organisations migrate to the cloud, cloud security will remain a top concern. Around 29% of organizations have cloud account compromises. The biggest risks to cloud security include customer misconfiguration, mismanaged credentials or insider theft: 64% of cybersecurity professionals cite data loss and leakage as their main concern and 62% say data privacy and confidentiality is their top cloud security priority. Moving forward, greater education is needed for cloud protection and safety.
“Public cloud is a secure and viable option for many organisations, but keeping it secure is a shared responsibility… Organisations must invest in security skills and governance tools that build the necessary knowledge base to keep up with the rapid pace of cloud development and innovation.” – Peter Firstbrook, Research Vice-President at Gartner
By the end of 2020, the number of Internet of Things (IoT) devices is expected to surpass 20.4B. The increased adoption of IoT will also bring increased vulnerability for enterprises and consumers alike. Many IoT devices are not secure end-to-end, and this is partly due to a lack of security standards.
More than 80% of cyberattacks are a result of people getting tricked out of their passwords. Today’s technology makes it easy to hack even the most complex passwords. This is even worse when many users continue to use poor passwords across multiple accounts.
Biometric tech offers a safer alternative where users are identified by their unique physical characteristics or behaviours: facial, voice, and fingerprint recognition. Multi-factor authentication will also increase and become more commonplace: this requires the user to provide two or more independent credentials in order to verify their identity.