The security of networks, technologies and data is a top concern for organizations and governments around the world and the cyber security market is now estimated to be worth $155.83 billion dollars. This is expected to skyrocket to more than $376.32 billion by 2029 as investment in cyber increases rapidly.
Without investing some resources into cyber security, organizations put themselves at risk of data breaches and attacks by cyber criminals. Prevention of attacks is essential but having measures in place to effectively limit damage caused is also necessary.
Not only does poor cybersecurity risk financial and reputational damage, many organizations have compliance standards they must comply with and risk legal ramifications if they fail to do so.
There are a number of trends that have emerged over the last couple of decades. Here we provide an overview of what these are and how they have come about:
Den Rise/Shutterstock.com
Evolution of the Internet of Things (IoT)
The Internet of Things (IoT) refers to technology devices that connect to the internet and share data, with popular examples including smart watches and voice assistants like the Google Home and Amazon Alexa.
In five years time, it is predicted that there could be more than 60 billion IoT devices in use around the world. As reliance on this tech increases, so does concern for their cyber security.
Most of these devices have small storage capacity, meaning that installing antivirus software isn’t always possible. Therefore, experts need to look at other ways to safeguard devices and reduce the attack surface.
Increased remote working
Photo by Glenn Taubenfeld on Unsplash
With more workers working remotely, either at home or in public spaces, data is at increased risk of being intercepted. Organizations now need to employ solutions such as Perimeter 81 to monitor and manage their networks.
Segmenting networks is a good way to prevent lateral movement through the network in the event of an attack. Solutions that allow network security teams to monitor and audit devices remotely and all in one platform are gaining popularity.
Taking a zero-trust approach to network access is now the expected standard for organizations across a range of industries and they need the resources to manage this remotely.
More use of artificial intelligence
Artificial intelligence or AI has a huge number of applications in the modern day, from self-driving cars and chatbots to automated investing and social media monitoring. Recently, the use of AI has become popular within the cyber security sector.
When used within security infrastructure it has the ability to save organizations money. In fact, in 2020 organizations that used AI solutions in their response to a data breach saved themselves an average of $3.58 million dollars.
AI can be used to automatically detect threats, as a security face detection tool and even to analyze the amount of risk data has within a network. AI can minimize an organization’s need for a large security team as it can replace takes that once required a human present.
However, there is also the risk that cyber criminals can utilize their own artificial intelligence to launch sophisticated cyber attacks. Security experts are working on ways to tackle this as knowledge of these types of threats grows.
State-sponsored cyber warfare
A few decades ago cyber warfare was not even on the radar of security threats for many governments. However, in recent years the impact of state-sponsored hackers on elections has been a highly talked about topic in the media.
In times of war, the risk of data breaches releasing governments’ sensitive information and state secrets is a challenge that state security agencies around the world are trying to tackle.
Attacks from hackers in China, Russia and other countries are believed to have been state sponsored in the last few months, heightening political tensions between these countries.
Rise of insider threats
Organizations do not need to only look out for outside threats but also the actions of their employees. It is estimated that nearly 35 percent of data breaches are as a result of employee error or malpractice.
Most organizations now provide some form of cybersecurity training to their workforce to help prevent human error and encourage staff to speak up if they have made a mistake (such as responding to a phishing email) that might put the company at risk.
Zero trust access is one way that organizations can reduce the risks caused by insider threats.
Social engineering attacks
In relation to this, social engineering attacks appear to be getting more sophisticated. SMS phishing is becoming more of a problem with attackers using platforms like WhatsApp, IMessage and Slack to mislead users into downloading malware onto their devices.
Voice phishing or vishing is another new cybersecurity threat with hackers pretending to be IT support to trick staff into providing them access to parts of the network that they can exploit.
