Closing out 2019, one of the worst years so far for data breaches which saw nearly 8 billion records exposed. Going into 2020, cybersecurity workers are dealing with more threats than ever and often handling greater quantities of cloud-stored data, all while strained by a growing skills gap that sees demand for skilled security professionals rapidly outstripping supply.
2020 is poised to build on 2019 — similar threats, new technology, and higher stakes.
Here are 3 cybersecurity trends that every security professional should be prepared for in 2020.
1. The Continued Rise of Ransomware
Ransomware is likely to become a bigger threat in 2020, following a string of major ransomware attacks in 2019. At the same time, the average amount of money demanded by hackers is increasing — making these attacks even more costly for victims.
Through 2020, these attacks are likely to continue costing both public and private organizations significantly.
These attacks can be some of the hardest to defend against because they are often the result of a successful phishing attack. Even the most skilled cybersecurity team can’t prevent a phishing attack if the employees of the company they work at aren’t trained properly in how to identify phishing.
In 2020, businesses will need to be ready to commit more resources towards training non-security staff and helping their cybersecurity workers prepare for a growing number of ransomware and phishing attacks.
2. More Businesses Turn to Cloud Computing
In 2019, a significant number of businesses moved some or all of their storage and computing power to the cloud — a trend that’s expected to continue into 2020. However, while this migration to the cloud can make things simpler for businesses, it’s not completely positive — among the flaws of cloud storage are the potential security vulnerabilities that the cloud can introduce.
For example, Capital One’s servers were breached due to a combination of a misconfigured Web app firewall and a hacker who had insider knowledge of cloud vulnerabilities as a result of previously being an Amazon employee. (Capital One’s cloud provider was Amazon Web Services.)
Cybersecurity experts need to be prepared to both secure cloud storage — and train non-security employees on the best practices to use when managing cloud databases.
3. Unsecured IoT Devices Become Major Targets
IoT security has made major strides over the past few years, soothing the fears of some experts that the proliferation of internet-connected in homes would expose hundreds of networks to hackers and cybercriminals.
However, these devices are no longer just consumer goods — they’re beginning to be used widely in enterprise-level business, industry, and even critical infrastructure.
As a result, consumer-level security may not be enough. As businesses and government organizations begin to adopt commercial IoT devices, they’ll become greater targets as potential entry points into secure networks that store valuable data.
Unsecured IoT devices will become a greater liability. Cybersecurity professionals will need to become experts in securing IoT devices or risk exposing their networks. They’ll also need to learn how to secure devices that connect over new networking technologies — like 5G, which is expected to roll out in earnest across America over the course of 2020.
What Cybersecurity Workers Need to Prepare for in 2020.
2019 was one of the worst years so far for data breaches and cybersecurity — as a result, cybersecurity professionals will have their work cut out for them going into the new year.
Ransomware will continue to be a major threat and is likely to grow even more costly for businesses. Worse, these attacks may be hard to defend against without employee training. Further adoption of cloud computing will provide benefits and flexibility for businesses but may make their data less secure.
Poorly secured IoT devices may become bigger targets as more and more companies and major organizations begin to integrate them into their infrastructure and workflows.