Emerging Privacy and Security Trends for the New Year
By: Angela Polania
It’s a new year, and it can be expected that the pace of cyberattacks and data breaches will continue to expand. There will also be an increase in the variety of attacks and the advances and procedures set up to counteract them.
This is substantial given that in the first half of 2019 alone, more than 4.1 billion data records were exposed in known data breaches. The average cost of data breaches for affected companies is nearly $4 million per business. Organizations should remain focused on fixing known vulnerabilities while also keeping a look out for emerging threats.
Privacy and Security Trends for 2020:
- AI for Attacks
There are benefits that come with the use of AI, but it certainly comes with some risks. One such risk is that some attackers won’t just target AI systems, they will use AI systems to aid in their crimes. If compromised, AI could be utilized to enhance phishing and other social engineering attacks.
- MSPs Under Attack
Cybercriminals targeted MSPs throughout 2019 and seized upon the tools they use to manage customer IT systems as a means to attack those same customers. Given the level of access and trust MSPs enjoy in their client’s network, expect hackers to continue attempting to use MSPs as an entry point into their customers in 2020.
- Growth of 5G
Although it will take some time before 5G is fully deployed, 5G networks and 5G capable devices have started to roll out. The new network infrastructure will offer many benefits, such as more bandwidth and increased speed, but it may also open up new device vulnerabilities. The ability to back-up or transmit large volumes of data effectively will certainly tempt attackers with new plentiful targets to breach.
- Threats to the Cloud
Forbes says that 83% of enterprise workloads will move to the cloud by 2020. Human errors during the configuration process can provide cyber criminals with an easy way in. Therefore, as cloud usage continues to increase, so will data leaks.
- New Privacy Regulations
Governments across the world are reacting to the global cybersecurity crisis by creating new regulations that govern the way companies handle and store valuable consumer data. While the U.S. federal government has yet to create a set of strong data privacy protections, several states have drawn up their legislation, including Hawaii, Massachusetts, Maryland, Mississippi, New Mexico, and Washington.The most recent and comprehensive U.S. regulation is the California Consumer Privacy Act (CCPA) which went into effect on January 1, 2020, and governs the way companies must store and secure data. When requested, businesses must inform consumers about the type of personal data they possess, provide them with specific personal information collected in the previous year, and allow customers to request that their information not be shared with third parties. Companies will also have to delete customer data when requested.
- Lack of IT Resources
Perhaps the most important cybersecurity challenge is the shortage of cybersecurity experts. The number of cybersecurity openings continues to grow rapidly, while schools are still graduating the same small amount of qualified information security experts. Businesses must increase their compensation packages and other benefits in order to compete for the limited number of data privacy specialists.