Tag Archive for: predictions

Cyber Predictions 2022 | K2 Integrity


Where We Stand

This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a new set of cybersecurity problems for technical and security teams has emerged. While it’s still too soon to tell just how much damage it has done (or will continue to do), it’s clear that the Log4j vulnerability has the potential to become the most significant threat seen on the Internet for years.

This is due to three reasons:

  • Its pervasiveness—Log4j is widely used by developers and bundled in various vendor products.
  • Its ease of exploitation—compromising a vulnerable system is often easy but patching the vulnerability is complex.
  • Its severity—once a system is compromised the attacker has total control to run whatever malicious code they choose.

Patching vulnerable systems has always been challenging for IT teams under pressure to maintain uptime. This struggle persists and is becoming more difficult. With Log4j, the challenge is finding what is at risk. This is particularly difficult for small to medium-sized enterprises (SMEs), who may not have dedicated IT resources to keep on top of the patching cycle or the capabilities to respond to zero-day exploits.

It is estimated that 60% of small companies go out of business within six months of a cyber-attack [1].

This is likely to lead to further outsourcing of cyber services to managed security services providers (MSSPs); when selecting such security partners, businesses will need to exercise caution to ensure that the chosen partner fits their needs and has the experience appropriate to their environment.

To plug security gaps, organizations will continue to increase their spend on information security and risk management technologies and services, as they continue to deal with remote working and cloud security risks. A recent Gartner survey [2] reports that 61% of organizations view cybersecurity as their top priority for new spending, with a further Gartner study [3] reporting that 88% of boards now view cybersecurity as a business risk, rather than a technology risk. Communicating a return on…


2022 Cybersecurity Predictions Saket Modi, CEO and Co-Founde…


(MENAFN– Mid-East.Info)

  • The First Phygital Catastrophe is Coming: A central mission-critical application will go down and create a ripple impact across businesses and for consumers around the world. For example, a hack on a major central system like an internet gateway, public cloud provider or a healthcare system like Epic will impact millions of people and we will see the physical ramifications in our everyday lives. Healthcare could be upended, businesses unable to provide digital services, flights cancelled, food and supplies not delivered and more.
  • The Consumerization of Cyberattacks Will Rise for Easier Wins: The attack perimeter is becoming more personal, and the consumerization of attacks will rapidly increase. For example, the last iOS update alone had 11 zero-day attacks. Hackers will amplify attacks on mobile apps and people. This issue will proliferate because as zero-day attacks are rising, consumer cyber awareness and the steps people need to take to protect themselves have not increased in tandem.
  • Cybersecurity and Data Science Fields Will Unite: Cybersecurity and data science have been disconnected fields that served two distinct purposes, but they will come together to help organizations better understand and proactively protect against increasing threats. The fields will collide and continue to grow together out of necessity, as application creation and enterprise data continue to explode and dramatically expand the attack surface.
  • Cyber Insurance Will be Mandated: In the next 12 months, the quantum of cyber insurance needed to protect against ransomware and other attacks will be mandated, at least in some geographic regions and industries. In a similar manner to requiring everyone to have auto liability insurance, high at-risk industries will be mandated to have a minimum level of cyber insurance. For example, companies may be required to have insurance to cover at least two percent of their annual turnover. In the next five years, almost all industries and geographic regions will mandate cyber insurance.
  • A Healthcare Cyber Regulator Will be Established: Healthcare continues to be the most targeted and…


Cyber Security Predictions 2019 – Threat Hunting



2021 Cybersecurity Predictions: How Bright is Our Future?


2021 is right around the corner.  A bit of online shopping season left, a set of major Winter holidays (in the Northern Hemisphere at least), then the new year.  After the, shall we say, challenges of 2020, we can all hope it will be a better year overall.  This time of year is also when folks tend to make predictions about what we can expect going into the new year.  Folks in the security industry are no exception. Here are our cybersecurity predictions for 2021.

We have a byline up now over at Threatpost with some cybersecurity predictions: Cybersecurity Predictions For 2021: Robot Overlords No, Connected Car Hacks Yes.  It’s worth a read on its own.  But, while you’re here, let me sum it up.

Bad Guys Will Stay Bad

We really don’t expect cyberattacks to go away.  The fact is they will just grow more sophisticated over time and target a broader range of industries.  Their business models will probably expand to include even more of the compound attacks we’ve been seeing.  Attackers won’t just encrypt files to get a ransom.  They’ll add blackmail to the attack by threatening to expose the stolen data if they’re not paid, so even if we have backups the bad guys still make their money.  Or we suffer the loss.  Either way, it’s a win in their books.

We won’t see cyberattacks let up against healthcare or infrastructure, which will lead to someone dying as the direct result of a cyberattack.  Hopefully, crossing that line will lead to a more concerted effort by the international law enforcement community to address the issue.  But the challenge of State and State Sponsored actors will remain.

Cryptocurrency is gaining more traction in the financial world, but whether it takes hold or collapses is an open question.  Question or not, cybercriminals will continue to utilize it and we’ll continue to see cryptominer payloads as attackers leverage stolen compute in their effort to get something for nothing.  It seems likely someone will try and develop an ultralight miner that can run on IoT iron, trading raw compute power for myriad clients toiling away mining for virtual gold.

Ghosts in The Machines

IoT will continue to be a challenge is another of our…
