Willy Sutton (an American bank robber listed on the FBI’s Ten Most Wanted Fugitives list, who stole an estimated $2 million over the course of his forty-year robbery career,) famously said that the reason he robbed banks was, “That’s where the money is.”
Five major trends will dominate cyber security next year, some are threat oriented while others are inward looking and focus on defensive measures.
Here they are…
Ransomware
Ransomware will continue to be the growth driver in cyber-crime and the reason is simple, it’s the shortest distance between investment and revenue for its perpetrators.
Unlike, identity theft, crypto-currency theft, or bank fraud, ransomware is a fast, cheap, and effective method of extracting fees from victims. But ransomware too is showing signs of maturity.
The rate of appearance of new ransomware families fell by half in 2019(1).
The reason for this is that the families that did appear were more sophisticated, harder to prevent, and contained better distribution mechanisms.
At the same time, the average ransomware demands have increased rapidly to $36,000 in the second quarter of 2019(2).
But this number really understates the risk as perpetrators have adopted a more sophisticated pricing model which charges larger organizations much higher ransoms to unlock their data.
Rivera Beach, FL, for example, had to pay $600,000 to unlock the city records encrypted by a ransomware gang while Korean hosting company Nayana paid $1 million to unlock 3,400 hosted websites(3).
Refusing to pay can cost even more as Norwegian aluminum maker Norsk Hydro learned when they spent $58m in the first half of 2019 to remediate the ransomware attack they experienced in March.
The company’s Q1 profit also fell 82% due to production downtime caused by the attack(4).
The implications for security professionals of these trends are clear.
The time has come to move from a strictly defensive posture vis-à-vis ransomware to a more offensive strategy focused on finding and fixing vulnerabilities that can be exploited by ransomware.
Automation and Orchestration
While many organizations (and security vendors) will continue to focus on developing and deploying new detection technologies, progressive enterprises will look for ways to better utilize the tools they already have in place.
(See how RiskSense can help you identify critical areas of IT risk in your organization. Courtesy of RiskSense and Youtube.)
In most cases this will involve automating and orchestrating common and repetitive remediation tasks to free up security analysts to focus on more sophisticated threats and vulnerabilities.
The battle cry from many CISOs in 2020 will be, “Stop giving me ‘actionable data’ and tell how we can take unattended actions that don’t require people.”
Container Security
Concern for container security will continue to increase significantly and with good reason.
With 90% of enterprises currently implementing containers(5), securing these assets is now a top priority.
While the prevention technologies like TwistLock, Aqua, and StackRox are important, the ability to map vulnerabilities to individual container assets (static and run-time), which has proven so valuable for securing other parts of the IT attack surface, is sorely lacking.
One of the leading security vulnerabilities that will need to be addressed in 2020 is that far too many containers are running with far too many privileges.
In these scenarios, if one container is compromised, an attack can quickly laterally across the enterprise IT infrastructure.
As an industry, we invested heavily on identity and access management at the user level, but have not done the same for container and cloud implementations.
Data Supply Chain
It’s no longer sufficient for an enterprise to simply lock down its own infrastructure, since every organization, large and small, relies on a patchwork of third parties for their data supply chain.
As such, organizations are not only responsible for protecting their own data but ensuring its security and integrity when used by “downstream” companies.
Several large data breaches this year did not involve the enterprises that collected the data, but rather their analytics service provider partners.
My belief is that this phenomenon will drive the majority of big enterprises to insist on data protection and security as part of their supplier contracts and demand transparency from vendors in terms of their security posture and defensive measures.
The Election
Next year we can expect to see a range of cyber attacks that will target the U.S. presidential election in much more sophisticated ways than the social media campaigns we experienced in 2016.
Several nation states have vested interests in influencing or disrupting the 2020 election and we are ill-prepared to defend against such foreign intervention.
One of the things to keep in mind is that from a data management perspective, the U.S. presidential election isn’t a single data collection and processing exercise.
It spans 50 different instances that are independently operated by different teams using different tools and security processes.
As it turns out, a bad actor does not have to compromise all 50 election systems to influence or disrupt the election.
The outcome of the election will be determined by results in a dozen or fewer swing states(6).
I expect we’ll see significant phishing activity targeting the offices of the Secretary of State and other election officials in these battleground states starting in the spring.
Their aim will be to establish undetected beachheads that can be exploited next fall.
About the Author:
Dr. Srinivas Mukkamala, co-founder and CEO of RiskSense, is a recognized expert on artificial intelligence (AI) and neural networks.
He was part of a think tank that collaborated with the U.S. Department of Defense and U.S. Intelligence Community to apply these concepts against cybersecurity problems.
Dr. Mukkamala was also a lead researcher for CACTUS (Computational Analysis of Cyber Terrorism against the U.S.) and holds a patent on Intelligent Agents for Distributed Intrusion Detection System and Method of Practicing.
Risksense Takes Gold in 2019 ‘ASTORS’ Homeland Security Awards Program
Risksense
-
Best Cyber Security Solution
-
Unified VRM
-
The cloud-based RiskSense Cyber Risk Mgmt platform uses machine learning driven risk-based scoring and analytics, combined with accelerated penetration testing to identify and prioritize critical vulnerabilities.
-
Risksense was also recognized in the 2018 ‘ASTORS’ Awards Program.
The 2019 ‘ASTORS’ Awards Program surpassed expectations with a record number of nominations received from industry leaders and government agencies, and drew over 200 attendees to the ‘ASTORS’ Awards Presentation Banquet – an exclusive gourmet luncheon and networking opportunity which filled to capacity, before having to turn away late registrants.
The event featured an impassioned and compelling keynote address by William J. Bratton, former police commissioner of the New York Police Department (NYPD) twice, the Boston Police Department (BPD), and former chief of the Los Angeles Police Department (LAPD), as he walked attendees through 50 years of American policing history, the impacts on the communities, and the evolution of critical communication capabilities in our post 9/11 landscape.
Commissioner Bratton, one of the world’s most respected and trusted experts on risk and security issues and Executive Chairman of Teneo Risk a global advisory firm, was recognized as the ‘2019 ‘ASTORS’ Person of the Year’ for his Lifetime of Dedication and Extraordinary Leadership in Homeland Security and Public Safety.
Why the 2019 ‘ASTORS’ Homeland Security Awards Program?
American Security Today’s comprehensive Annual Homeland Security Awards Program is organized to recognize the most distinguished vendors of physical, IT, port security, law enforcement, and first responders, in acknowledgment of their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’
Over 200 distinguished guests representing Federal, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included:
- The Drug Enforcement Administration (DEA)
- National Center for Missing and Exploited Children (NCMEC)
- United States Marine Corps
- The Federal Protective Service (FPS)
- Argonne National Laboratory (ANL)
- United States Postal Inspection Service
- DHS S&T
- United States Marshals Service (USMS)
- The Port Authority of New York & New Jersey Police (PAPD)
- The Department of Justice (DOJ)
- The New York State Division of Homeland Security & Emergency Services (NYS DHSES)
- United States Border Patrol
- AlertMedia, Ameristar Perimeter Security, Attivo Networks, Automatic Systems, Bellevue University, BriefCam, Canon U.S.A., CornellCookson, Drone Aviation, FLIR Systems, Hanwha Techwin, HID Global, IPVideo Corp., Konica Minolta Business Solutions, LenelS2, ManTech, Regroup Mass Notifications, SafeLogic, SolarWinds, Senstar, ShotSpotter, Smiths Detection, TCOM LP, Trackforce, Verint, and More!
Why American Security Today?
The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.
The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.
American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State and local levels of government as well as firms allied to government.
American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers eyes throughout the story with cutting edge editorial that provides solutions to their challenges.
Harness the Power of the Web – with our 100% Mobile Friendly Publications
The AST Digital Publications is distributed to over 75,000 qualified government and homeland security professionals in federal, state and local levels.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST Reaches both Private & Public Experts, essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from Government at the federal, state and local level as well as from private firms allied to government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.
To learn more about the 2019 ‘ASTORS’ Homeland Security Award Winners solutions, Be on the lookout for the 2019 ‘ASTORS’ Championship Edition Magazine – the Best Products of 2019 ‘A Year in Review’.
The ‘ASTORS’ Champion Edition is published annually in December and includes a review of programs, feature details on many of the winning firms, video interviews and more.
To learn about advertising opportunities with American Security Today, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.
RiskSense provides vulnerability management and prioritization to measure and control cybersecurity risk.
The cloud-based RiskSense platform uses a foundation of risk-based scoring, analytics, and technology-accelerated pen testing to identify critical security weaknesses with corresponding remediation action plans, dramatically improving security and IT team efficiency and effectiveness.
For more information, visit www.risksense.com or follow us on Twitter at @RiskSense.
Learn More…
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos
Subscribe to the AST Daily News Alert Here.
References:
(1) TrendMicro
(2) Coveware
(3) https://www.itgovernance.co.uk/blog/the-5-biggest-ransomware-pay-outs-of-all-time
(4) BBC & CNBC
(5) Portworx
(6) Colorado, Florida, Iowa, Michigan, Minnesota, Ohio, Nevada, New Hampshire, North Carolina, Pennsylvania, Virginia, Wisconsin