With data breaches hitting headlines daily, IT pros are constantly concerned about the next big threat. Whether it’s ransomware, phishing, or completely new attack vectors, there’s always something on the horizon rearing its ugly head.
KnowBe4 has compiled a list of its top 10 cybersecurity predictions for 2020 from its executive leadership team and array of security awareness advocates from around the world. The topics range from upcoming government legislation to security culture to specific industry verticals being targeted in cyber attacks.
Stu Sjouwerman, CEO
In 2020, federal legislation will be passed that makes any ransomware infection of more than 500 records automatically a data breach with all the resultant disclosure requirements and legal expenses.
Kevin Mitnick, Chief Hacking Officer
Everyone will still be vulnerable and likely exploited through phishing, pretext calling, and using other social-engineering based tradecraft. I also predict AI-driven social engineering attacks especially adopting voice-changing technology to hijack a person’s voice to further fraudulent schemes. Moreover, I expect to hear about more sophisticated supply-chain attacks in corporate environments wherein hardware implants are installed which are extremely difficult to detect.”
Javvad Malik, Security Awareness Advocate, EMEA
We will see further balkanisation of the internet and its services. While countries like China have traditionally maintained its own infrastructure, we have seen political issues spill out to the cyber realm, with companies like Kaspersky and Huawei being banned in the U.S. We will likely see more products and services having to be tailored for local requirements and regulations.
Perry Carpenter, Chief Evangelist and Strategy Officer
A nation-state will decide to make a point and flex their cyber muscles by initiating large-scale manipulation of everyday consumer IoT products. In addition to the general panic and unease that is caused, other – even more serious – impacts will reign across power grids and aspects of critical infrastructure.
Roger Grimes, Security Awareness Advocate
Social engineering and unpatched software will remain the top two root causes for successful exploits as they have been for over three decades. Everyone knows they are the top two causes, but most of the world will not treat them like the top threats they are. Instead, they will be mostly ignored or weakly mitigated while most of the world concentrates more resources on things less likely to happen.
Jelle Wieringa, Security Awareness Advocate, EMEA
We’ll see more targeted multi-vector attacks emerge. The bad guys are building increasingly more complex attacks to combat the increasing layers of defense. And while defensive measures are in no way sufficient in battling various attacks yet, the bad guys are always looking to increase the efficiency of their attack methods. Combining a multi-attack vector to chain-link attacks is an excellent way to increase efficiency and reduce the cost of an attack, which allows them to scale up even more.
Jacqueline Jayne, Security Awareness Advocate, APAC
Business email compromise (CEO fraud) will escalate and cause major disruption to day-to-day activities across the globe, leading to the addition of compulsory new-school security awareness training and testing in business, academia, industry and government. This will, in turn, result in collaboration and sharing of ‘near misses’ related to cyber threats more than ever. At present, there is a lot of caution with sharing such information.
Erich Kron, Security Awareness Advocate
Deepfake technologies will be used to attempt to influence the 2020 elections in the United States and beyond. Fake videos and audio will be released close to the election time in order to discredit candidates or to swing votes. While these will be proven as fakes fairly rapidly, undecided voters will be influenced by the most realistic or believable fakes.
Kai Roer, Security Culture Advocate
In 2020, the use of the term security culture will continue to increase as more organizations understand what it takes to reduce risk and manage security in their workforce. A combination of training, assessments and a structured process is being implemented to manage the human factors that influence security.
James McQuiggan, Security Awareness Advocate
As energy facilities continue to be targeted for cyber attacks, the need for Operation Technology (OT) departments and Information Technology (IT) to collaboratively solve the cybersecurity issues will be an increased importance for organizations. They will need to collaborate with their own corporate Security Operations Center (SOC) or utilize virtual SOCs to continually monitor their SCADA or DCS networks monitoring network activity and assets connecting and disconnecting from the networks.
Rosa Smothers, SVP of Cyber Operations
Governments such as China, Russia – and as seen more recently with Saudi Arabia’s recruitment of a Twitter employee – will continue to pose counterintelligence (i.e., insider) threats to corporate America and our allies. The media is replete with stories regarding insider threats posed by our acknowledged adversaries and some “uneasy” allies. There is no return on investment to spend millions of dollars in time, money and effort to hack into a highly secure network when an intelligence service can spend less than $100,000.00 to gain the information they need by recruiting a willing employee with financial (or otherwise) vulnerabilities. Any organization with significant personally identifying information, especially as it relates to people in countries with politically vulnerable populations, should pay special attention to their insider threat education efforts.
There’s no doubt that it will be interesting to see which attack vector is going to be the biggest threat next year. And more than ever, your users should remember to think before they click because the bad guys will try to hack your employees before anything else.