As the Fourth Industrial Revolution opens up unprecedented business opportunities, it also increases the inevitability of a cyber-attack, and businesses need to be prepared. Not only do security measures need to be built into technology from the start, an awareness should be ingrained into company culture, while significant investment is also essential. Global spend on information security products and services will grow to a massive $93 billion in 2018, according to the latest forecast from Gartner.
With that in mind, these are some of the broad cyber-security trends that we’ll see moving into 2018:
Cyber-security skills continue to evolve
As technologies progress, the skills needed to deal with cyber-security needs are changing. The challenge is to train cyber-security professionals so that they can deal with threats as quickly as possible and also adapt their skills as needed. There will be some 3.5 million unfilled cyber-security roles by 2021, according to a Cyber-security Ventures report, so it’s up to governments, universities, schools and businesses to collaborate in order to bridge this substantial skills gap.
Shift from protection to prevention
In 2018, security breaches should be thought of as inevitable, rather than something that can be completely avoided. As a result, the focus is shifting from prevention to resilience. Businesses must talk openly about vulnerabilities, promoting awareness and accountability. Resources that are currently focused on prevention need to be redeployed towards the timely detection of and response to potential security hacks.
Digital ecosystems drive next-generation security
As smart technology and the Internet of Things (IoT) become more widespread, safeguarding customer data is even more important. As data breaches that reveal sensitive information can have a direct physical impact, organisations have become responsible for people’s safety. Accountability is a key challenge and technology companies must ensure that their devices, services and software ensure a certain level of security for their users. As cyber-security needs and regulations evolve, businesses will need to strategically develop next-generation frameworks to minimise risk. Not only will these need to support today’s requirements, they must also be designed to cope with disruptions caused by emerging technologies.
Bigger, more sophisticated threats
Up to 70% of emails today are spam, and the vast majority of these still involve phishing scams. Other common hacking threats include ransomware, malware and Distributed denial-of-service (DDoS) attacks, all of which have been responsible for major data breaches in recent months and which can leave both company and customer data vulnerable to cyber-criminals. A massive 93% of data breaches are motivated by financial gain, according to a recent Verizon report. Hackers aim for the highest return for the least amount of effort, which is why smaller businesses with lax security are often successfully targeted.
Emerging technologies are a double-edged sword
Emerging technologies have enabled cyber-criminals to use increasingly sophisticated methods but ironically, these innovations could also help to boost defence against hackers. For example, there is an increasing threat of artificial intelligence-enabled attacks, but AI could also help to speed up the process of identifying potential risks. AI is set to be so integral to cyber-security in future that it is estimated that the global AI security market will reach $18.2 billion by 2023, according to a recent report. Similarly, the expanding network of connected IoT devices opens up more potential security threats with some 22.5 billion IoT devices predicted to be connected to the internet by 2021, according to a report from Business Insider. While security will be a challenge, the vast amount of data generated by IoT technology could actually help researchers to spot security flaws.
Threat landscape continues to evolve to target vertical industries
While cyber-threats are a key concern for businesses across all industries, here’s what the security landscape looks like for a number of key sectors:
In summary, while it’s important for individuals to be more mindful of cyber-security, the same awareness must also be present at an organisational level. Businesses that invest in security measures to reduce the risks of a data breach will have a competitive advantage. What’s more, the issue needs to be tackled at a country level with governments and international bodies adopting a more prescriptive approach. Laws and regulations must be updated accordingly, while governments must also encourage education and enable international threat intelligence sharing. Regulation is essential so that providers can build the necessary defences.
Read one of my previous blogs on consumer security in 2018.