Last year was a disaster in terms of the number of data breaches. A study produced by the nonprofit Identity Theft Resource Center rounded up 1,473 reported data breaches by the end of 2019 – a staggering 17% more than 2018.
While the analysis notes that the actual number of data exposed were considerably less than 2018, it’s still proof of the increasing insecurity of deployed IT systems. Experts note that systems today have become a battleground for securing critical data and that there’s an arms race centered around patching up cyber security vulnerabilities. A key factor in this competition is the continuing gap between cybersecurity professionals and the increasing attacks on organizations. In their industry outlook, Maryville University notes that there were around three million cybersecurity positions left unfilled last year. This puts undue pressure on organizations to overly rely on multiple vendors for their cybersecurity needs.
As more organizations continue to complete their digital transformation, it’s imperative businesses keep up with the growing complexity of today’s cybersecurity landscape. Here are the top cybersecurity threats you should be on the lookout for in 2020, according to experts:
Last year saw the re-emergence of phishing tactics that prey on unknowing individuals and organizations to steal user data by obtaining their passwords. One of the most recent examples was the Lancaster University breach where over 13,000 undergraduate students’ data were leaked. While university officials note that the attacks only affected a small amount of data, it still shows how these tactics are still effective against institutions like universities and colleges. Even users of office tools under Microsoft 365 were targeted by phishing last year.
Trust has become taboo in the cybersecurity space as hackers continue to focus on third-party vendors who have access to more data. Bigger organizations engage with at least 80 to 150 third-party vendors with varying degrees of access and volumes of data from businesses. With stories like the AMCA and IRS breach hitting the headlines, businesses are eager to implement more stringent security policies in their software supply chain. However, research from the American University highlights that businesses who experience data loss from third-party vulnerabilities tend to underinvest in cybersecurity. The study recommends that companies have to create stronger protocols and regularly review Service Level Agreements to ensure their cybersecurity supply chain is secure.
Automated attacks that make use of AI are a new and increasingly real concern according to a CNBC report on cybersecurity. The chief security officer at cyber intelligence company IntSights says these are “a major risk to the global economy,” since multiple and repeated attacks are resource-intensive and difficult to mitigate.
Experts are also increasingly concerned about the rise of state-backed attacks in recent years. In fact, some say it’s the most dramatic development in the cybersecurity space. While major superpowers are quick to throw accusations at each other, last year also saw attacks from developing countries beefing up their capabilities. As geopolitical tensions continue to increase, experts predict that these nation-backed forms of cyber warfare will remain a part of the global security landscape of 2020.
Lastly, credential stuffing will likely be a huge impediment for organizations in securing their data in the coming months. With the spillover of the attacks from last year and the amount of personal data now publicly available, it will be easy for hackers to continue to leverage them to gain more access. Whether it’s your policies for network security or BYOD rules, your organization needs to tick all the boxes when it comes to making sure your data is safe against these threats.