In today’s climate, even non-technologists are becoming acutely aware that poor cybersecurity hygiene can produce far-reaching effects. From ransomware holding major municipalities and hospitals hostage to concerns over election meddling, cyberattacks pose a detriment to all citizens. This persistent rise in the severity and complexity of attacks will force organizations to get more serious about preventing attacks, instead of just wishing they don’t become victims because the odds once appeared in their favor. Organizations should provide more general support for budgeting to implement these pertinent data security measures.
- Zero Trust: 30% of all organizations will begin to implement a Zero Trust approach to security. The traditional perimeter-based security approach lags behind how we interact and perform day-to-day business functions. We must change how we protect our data, which is any organization’s most valuable asset. Just as we evolved from living in castles with fortified perimeters and one entrance to houses with multiple egress points and multiple internal security features, such as motion detectors and safes, our corporate information technology infrastructures must also evolve.
- Rising costs of ransomware: The cost to organizations in 2020 from ransomware attacks will more than double what they were in 2019.
- Malware 100X more dangerous: Traditional malware will cost organizations 100 times more than ransomware in 2020. While ransomware will continue to get more press coverage, more discrete malware not usually noticed by organizations will clandestinely steal and manipulate data at a greater rate to disrupt business operations and compromise critical intellectual property. This will cost organizations more than ransomware, but many organizations won’t even know they’ve been infiltrated.
- Cloud more susceptible to ransomware: Ransomware will target the cloud and could represent 25% of ransomware attacks by 2024.
- Cyber playbooks: The government will start releasing Cyber Response playbooks. Today, individual organizations are responding with direction from their insurance companies, lawyers, and cyber consultants how to respond to cyber incidents like ransomware attacks. With competing and conflicting advice, unstructured responses can exacerbate the situation and delay recovery.
- Compliance drives spending: Compliance will drive a 20% increase in data center spending. Cybersecurity shortcuts are being implemented by buying down risk with Cyber-insurance. Compliance will force organizations to implement cybersecurity to continue operating and conducting business with their customers.
- CMMC: New proof of compliance being forced by regulators and customers will shine a light on how poorly data security is implemented within most organizations. New requirements like the DoD’s Cybersecurity Maturity Model Certification (CMMC) require third party accreditation instead of allowing the organization to self-certify. Exposing how bad conditions were before forcing third party accreditation will validate the requirement for more regulation and proof of compliance on a broader spectrum.
- Robotic Process Automation: People will treat robotic process automation (RPA) robots from a security perspective the same way they treat humans. Organizations will see that AI/ML and RPA will need the same level of compliance and scrutiny that traditional users require because they can be misprogrammed or hijacked.
- Ecosystem security: Hybrid compliance and security tools will emerge. Today most existing security tools focus on the cloud or corporate data center. Next generation tools must cover the cloud, corporate data center, and edge. Compliance and reporting across the whole data ecosystem must grow so that organizations can track the source and integrity of data.
- 5G: 5G rollout will drive the edge and drain some workloads from the cloud or be duplicated at the edge. The edge will be a hot topic of 2020 and forever cause people to think about The Cloud + Corporate Data Center + The Edge. The edge will require new ways of thinking about data security as 5G could be the hacker’s fastest exfiltration path yet.