2019 was an interesting (and eventful!) year for cyber security. Breaches were hitting the headlines almost every week. According to research, the number of data breaches increased by 54% in the first half of 2019, with nearly 4,000 publicly disclosed breaches during that time.
Should we expect more of the same throughout 2020? Or will cyber criminals change their methods as we head into a new decade? Only time will tell, but one thing for sure is that cyber-crime remains a top issue on every business leaders mind.
Ready to improve your cyber security knowledge? Download our FREE White Paper >>
From phishing scams and mobile attacks to IT security staff shortages and cyber insurance increases, here are 5 cyber security trends to look out for in 2020.
Insider threats
Insider threats have long been an issue for companies. However, recently they have become increasingly prevalent. A study conducted by Cybersecurity Insiders revealed 90% of companies feel they are vulnerable to insider attacks. As a result, 64% of organisations are putting their focus on detecting insider threats and helping to prevent attacks from happening.
Many people think of the term ‘insider threat’ in cyber security is an employee with malicious intentions. But the reality is that negligent employees cause an equally high number of security breaches or leaks by accident.
Employees in every sense can represent a significant threat to a business’ data. While more and more organisations are becoming aware of this, very few are equipped to face this type of threat. Now halfway through 2020, companies need to invest in solutions that address the issue. There are several employee monitoring and data loss prevention software available so that every company can be equipped to defend against insider threats today.
Phishing scams
Despite our best efforts, phishing scams are continuing to be an effective method for gaining access to inboxes in order to steal credentials and identities, distribute malware, and much more. Unfortunately, this threat is not going away any year soon.
Phishing is a type of social engineering attack when cyber criminals try to contact you via a fraudulent email, phone call, or fake website. They often disguise themselves as a trustworthy source to deceive victims into opening an email, instant message or to give over personal information.
Experts have already predicted that phishing scams will be re-crafted to become increasingly difficult to detect. Therefore, businesses must ensure they provide proper cyber security awareness training for all employees and business partners.
Cyber insurance
Cyber insurance is likely to play a larger and more crucial role in cyber plans for 2020 and beyond. The cost of responding to cyber attacks is rising, with companies learning the hard way that they don’t have the money to cope with an attack or the resources to mitigate the attacks on their own.
Partnering with a Managed Service Provider will provide your business with the resources you need to stay protected. An MSP such as entrustIT already know how important security is to a business and will have access to specialised resources.
Cyber insurance isn’t going to directly pay for any money lost in an attack, however it will help to finance legal investigations and fees. As organisations are becoming more and more aware of the benefits of having cyber insurance in place, we can expect to see a significant increase in the number of organisations buying cyber insurance, making it one of the fastest growing markets related to cyber security.
Cyber security skills gap
The demand of cyber security professionals is exceeding the number of available candidates; two in three organisations worldwide have reported a shortage of IT staff. Additionally, it is estimated that by 2021, 3.5 million cyber security jobs will be vacant. Because of this, cyber security professionals are facing serious pressure and long working hours, resulting in them leaving the profession at a record rate.
This high-stress, high-turnover environment puts business data at risk. Companies are now looking at different ways to handle it by broadening the talent pool and by investing in tools that take the pressure of their cyber security workers. For example, many companies are investing in AI antiviruses, anti-phishing tools and other cyber security platforms to help reduce the amount of labour needed from cyber-security experts.
There are no signs that the cyber security skills gap will begin to close throughout the rest of 2020. However, it is clear employers and training programmes are taking a step in the right direction.
Mobile attacks
New technologies mean that the number of devices employees use to get work done continues to rise, as does the amount of business data on these devices. Cyber criminals are moving their attention to mobile attacks due to this; it is expected that mobile will become a primary phishing vendor for attacks throughout the rest 2020.
Security experts Lookout say “Traditional secure email gateways block potential phishing emails and malicious URLs, which works for protecting corporate email from account takeover attacks, but neglects mobile attack vectors, including personal email, social networking, and other mobile centric messaging platforms such as secure messaging apps and SMS/MMS.”
In a post-parameter world, it is more important than ever that businesses realise corporate email is not the only, or even primary attack method used when it comes to social engineering. They must then look to alter their cyber security practices accordingly.
2019 was undoubtably a bad year for cyber security, and there is not much to make us believe the rest of 2020 will be any better. A determined intruder is hard to keep out. However, by educating yourself and your employees, you will help to mitigate the chance of an attack happening.
Want to become a cyber security champion? Download our FREE White Paper to get started >>
