Technology Reseller - v17 2019

01732 759725 PREDICTIONS 38 1 Cyber-attacks will grow – and go slow. Organisations will see an increase in cyberattacks but these will be ‘low and slow’, rather than ‘noisy’ incidents like DDoS attacks. Launched by botnets, ‘low and slow’ attacks aim to remain under the radar for as long as possible, to steal as much data as they can. Often, they take the form of credential stuffing attacks, where stolen credentials are used to access associated accounts and steal further personal data such as addresses and payment details. 2 Bots will overtake human web traffic. As bots become more sophisticated, more than 50% of web traffic will come from bots. Already, Akamai has found that 43% of all login attempts come from malicious botnets and this is set to increase. More sophisticated bots will become capable of accurately mimicking human behaviour online, making it harder for bot solutions to detect and block their activities. 3 Multi-cloud strategies will complicate security management. Businesses adopting multi-cloud strategies will face increasingly complex challenges to ensure that security is consistently, and effectively, deployed across them all. With Gartner predicting that multi-cloud will be the most common cloud strategy next year, organisations that have successfully This time it’s personal By Asaf Cidon, VP Email Security, Barracuda Networks Account takeover is one of the biggest threat vectors in the cybersecurity industry today. More and more organisations are getting hit, as attackers move away from phishing emails to the more lucrative targeting of business executive accounts. In 2019, the level of personalisation in these attacks will reach new heights: n An attacker will know when an executive is on a flight and not on email, and will choose then to target one of their subordinates by impersonating the executive; n An attacker will know that their target is going to make a big purchase and will jump in right before the transaction takes place to redirect the funds or change the order information. These are two examples of how attackers will up the ante by making account takeovers and email attacks so personalised that even the most savvy of targets can be fooled. In that vein, a big problem in cybersecurity that will grow even bigger is that of identity – how do we know if someone is really who they say they are? This challenge will be exacerbated as more organisations continue to move to the cloud and remote logins become more common. Don’t speak too soon… or at all We will see an increase in breaches that use virtual assistants for privilege escalation or distribution of sensitive information. These attacks will manipulate people into inadvertently giving voice commands or playing audio on their computer, prompting a sequence of events that leads to information on company performance or the gathering of additional network information to ease an attack. Reuven Harrison, CTO at security policy company Tufin secured one cloud will need to replicate this across all their cloud portfolio to ensure vulnerabilities are patched and nothing slips through the cracks. We expect companies to seek out cloud-agnostic security solutions to simplify deployment and management across the enterprise. 4 Consumers will continue to put convenience ahead of security. Even though awareness of the insecurity of IoT devices is growing, millions of consumers will continue to ignore the risks, purchasing and using devices that lack comprehensive security solutions, from fitness trackers to smart home appliances. This could swell the armies of bots that are already being used to target enterprises. While some governments have begun to introduce security standards for connected devices, the industry is still a long way from adequately securing its devices. 5 Cybersecurity will be replaced by cyber resilience. In 2019, smart organisations will stop thinking of cyber security as a separate function of the IT department, and instead adopt it as a posture throughout the entire business. Known as ‘cyber resilience’, this concept brings the areas of information security, business continuity and resilience together with the intention of making systems secure by design, rather than as an afterthought. This will enable organisations to continue to deliver business operations in the event of a cyber-attack or incident. 6 Zero Trust will march towards killing off corporate VPNs. For years, virtual private networks (VPNs) have been the mainstay of remote, authenticated access. However, as applications move to the cloud, threat landscapes expand and access requirements diversify, this all-or-nothing approach to security needs to change. Zero Trust, where each application is containerised and requires separate authentication, is stepping in to provide security fit for the 21st Century. 7 Blockchain technology will move from cryptocurrencies to mainstream payments. Today, most people associate blockchain with cryptocurrencies and the less legitimate end of online payments. However, in 2019, blockchain-based payment networks will make it into the mainstream. The inherent security built into blockchain can streamline the online payments process, reducing friction, increasing speed and improving the user experience. In the coming year, we expect brand-name banks and consumer finance companies to adopt blockchain-powered payment platforms, with high scalability and speed. Bots try to break the internet By Jay Coley, Senior Director of Security Planning and Strategy at Akamai Technologies Jay Coley Asaf Cidon