How can businesses better protect themselves from the increasing volume and complexity of cyberattacks while preparing for the opportunities of automation and digitalization of industries? TÜV Rheinland sheds light on these questions in more detail in its “Cybersecurity Trends 2018”, available for download at http://www.tuv.com/en/cybersecurity-trends-2018
“Our goal is raise awareness to increasing cybersecurity risks impacting business and safety of our clients,” shared Frank Luzsicza, Executive Vice President ICT & Business Solutions, TÜV Rheinland. “In this year’s report, we focus on where we see the most significant threats and opportunities emerging. We highlight the implications of our increasingly connected world, how global regulation is responding, the need to inject trust into cybersecurity, ways to protect ourselves from ‘intelligent’ cyberattacks, and what we should do to close the skills gap in an environment starved for cybersecurity talent, yet overwhelmed by volumes of data.” Similar to previous years, our report is based on a survey of TÜV Rheinland’s leading cybersecurity experts and input from clients in Europe, North America and Asia.
Following are highlights of the 8 cybersecurity trends identified this year:
TREND 1: A rising global tide of cyber-regulation increasing the price of privacy
Data protection is a critical concern in an increasingly digital world and May 25, 2018 is a turning point for data protection in Europe. It marks the end of the transitional period for the EU General Data Protection Regulation (GDPR) as it becomes enforceable by law. It disrupts data governance and how information is protected for any organization controlling or processing EU citizen personal data, and leads a growing list of emerging data protection regulations from around the globe. Failure to comply could result in fines of up to 4% of global turnover – a significant sum that demands attention. Expect to see the EU Commission hold major global companies accountable for GDPR violations.
TREND 2: The Internet of Things drives the convergence of safety, cybersecurity, and data privacy
In 2016, Mirai proved that Internet of Things (IoT) devices can be effectively weaponized as botnets. Today, product development, time to market considerations, and technical power constraints leave IoT devices exposed by exploitation of critical vulnerabilities. The impact of data breaches now extends far beyond simple data monetization to ‘kinetic’ threats to health and safety, as devices and systems are directly connected to open networks. It is widely accepted that the state of IoT security is poor and, with over 500 connected devices expected to cohabit with us in our homes by 2022, these represent a major risk to safety, cybersecurity, and data privacy.
TREND 3: Operational Technology emerges as a frontline for cyberattacks
The industrial internet is already transforming global industry and infrastructure, promising greater efficiency, productivity and safety. To compete means to move process equipment online, often unwittingly exposing component vulnerabilities to cyberattacks. Manufacturing plants are targeted to obtain intellectual property, trade secrets, and engineering information. Attacks on public infrastructure are motivated by financial gain, hacktivism, and national state agendas. Fear of a ‘worst-case scenario’, where attackers trigger a breakdown in systems that underpin society, was highlighted this year at the World Economic Forum. Industrial systems are particularly susceptible to supply-chain attacks, adversaries have recognized this, and are targeting them.
TREND 4: With cyber defences in place, focus shifts to threat detection & response
Recent cyberattacks on high-profile organizations are proving that, against the sophisticated and persistent cybercriminals, preventative controls alone are not enough. Today, it takes organizations, on average, over 191 days to detect a data breach. The longer it takes to detect and respond to threats the greater the financial and reputational damage done to the organization by the incident. Due to the vast growth of security log data, limitations of incumbent technologies, ineffective use of threat intelligence, inability to monitor IoT devices, and shortage of cybersecurity talent, organizations are exposed to costly dwell times.
TREND 5: Increasing use of Artificial Intelligence for cyberattacks and cyber defence
As organizations undergo a digital transformation, there is a growing volume of increasingly sophisticated and persistent cyberattacks. Malware is becoming smarter, able to ‘intelligently’ adapt to and evade traditional detection and eradication measures. With a global shortage of cybersecurity talent, organizations are losing the cyber arms race as a result. The volume of security data now far exceeds our legacy capability to use it effectively, leading to a growing number of AI-enabled cybersecurity use cases: accelerating incident detection and response; better identifying and communicating risks to the business; providing a unified view of security status across the organization.
TREND 6: Certifications become necessary to inject trust into cybersecurity
It is broadly accepted that cybersecurity and data protection are of critical importance in an increasingly digital world, but how can you judge the effectiveness of an organization’s cybersecurity posture? There is a growing concern for trust in cybersecurity, evidenced by existing and emerging standards. For CISOs and product manufacturers alike, certification validates you have done what you say you have done. Today, however, product security assurance certification schemes tend to focus on the critical infrastructure and government sectors only. Where does that leave the manufacturers of consumer products?
TREND 7: Passwords being replaced by biometric authentication
Our digital lives are ruled by a complex web of online apps each requiring a username and password to control access. To protect the data behind these apps, selecting an obscure and complex password, and changing it often, is good practice, but also quite rare. With exponential improvements in computing power, and easy access to lots of it in the cloud, the time it takes to brute force passwords is rapidly reducing. What took nearly 4 years in 2000, now takes only 2 months. Add to that the fact stolen, hacked, and traded, passwords have never before been so openly available. As a result, it is increasingly commonplace to encounter biometric authentication (facial, fingerprint, iris, and voice) included in everyday mobile, tablet, and laptop devices, as well as physical access and online services.
TREND 8: Industries under siege: Healthcare, Finance, and Energy
The majority of cyberattacks are undertaken by criminal organizations and are motivated by money. The value of information on the dark web depends on demand for the data, the available supply, its completeness, and ability for reuse. As a result, healthcare and financial personal information are highly sought after. Medical records can fetch $1-$1,000, depending on how complete they are, while credit cards can fetch only $5-$30 dollars, if bundled with the information necessary to do immediate damage. Other cyberattacks have more political and nation-state motives, here disruption to critical services through attacks on the energy sector is a key risk in 2018; as evidenced by recent news of Russia’s campaign of cyberattacks targeting the US power grid, which is suspected to have been underway for several years.