Our predictions for cybersecurity in 2020 and beyond
An often used and wrongly attributed quote states that “those who fail to learn from history are doomed to repeat it.” In the world of cyber security, we are focused on learning as much as we can from every data breach in order to develop the tools and systems for better protecting your data.
In that spirit, here are some of the key trends we’ve spotted more of over the past year, and what we can expect more of heading into 2020 and beyond.
Regulations will drive data breaches to new geographies
Traditionally, many of the biggest data breaches we’ve seen have been within the United States. However, as new regulations and compliance regimes have been introduced, bad actors have been targeting organisations elsewhere in the globe.
As new regulations appear across the world, from the EU’s GDPR to Australia’s Notifiable Data Breach program, companies will bolster their cybersecurity programs, and force cybercriminals to look elsewhere. Because there are people using credit cards and personal data everywhere in the world, and not all of them are as well protected.
Managing the risks of the continued transition to the cloud
In case you haven’t heard already, the switch to the cloud is still happening at a rapid rate. According to Gartner, the worldwide public cloud services market is projected to grow 17.3% in 2019 to total $206.2 billion. Organisations and businesses in every field want the cost-effective scalability that the cloud offers them.
In their rush to the cloud, we see many organisations missing some crucial steps. Crucially, they’re failing to adequately classify the datasets and workloads they’re moving to cloud environments, which means they may not be receiving the protection they need.
The general rule of thumb is that cloud providers are responsible for security of the cloud, while you are responsible for security in the cloud. This means you need to have a far more advanced understanding of the “who, what, when, where and why” of user access in the cloud in order to protect your data adequately.
Closing the security skills gap with AI
Whether through anecdotal evidence or actual statistics, it’s well understood that the world is facing a global cybersecurity skills shortage. According to research from Cybersecurity Ventures, there will be an estimated 3.5 million cybersecurity job openings by 2021, and not nearly enough qualified professionals to fill them.
We already see and hear of teams who are experiencing alert fatigue from the thousands of false positive alerts they receive each day. This is where AI and machine learning applications for security stepping into the breach to perform a wide variety of roles across network security, cloud security, user access management and data security.
This is happening in concert with the aforementioned shift to the cloud, as savvy businesses now realise they can access the best available security capabilities through as-a-service offerings on a subscription basis.
Ultimately, organisations need to understand that the range of threats they are facing today are growing rapidly and evolving dynamically. This means they need to adopt a data-centric and risk-focused approach to cyber security – by understanding where their data is, who has access to it, and how it is being protected.
About the author:
As the Regional VP across Asia-Pacific and Japan at Imperva, I partner with organisations to ensure their data is contained in completely secure cloud environments. Please contact me to determine whether your data is being compromised and discuss the security solutions available to you - chris.wood@imperva.com