2020 predictions: Rising complexity of managing digital risk
Digital risk management experts at RSA Security have released their predictions for 2020, detailing key cyber trends for the year ahead. With contributions from President, Rohit Ghai and CTO, Dr. Zulfikar Ramzan – the predictions offer a steer to companies on emerging threats and highlight that cybersecurity issues remain the number one digital risk for organizations undergoing digital transformation.
“In 2019, across all verticals, cyber attack risk ranks as one of the top digital risk management priorities,” commented Rohit Ghai, President at RSA Security. “Don’t expect anything to change in the New Year. In fact, across both public and private sectors, organizations will continue to embrace digital transformation initiatives. On the risk register, cyber-attack risk will remain the leading business risk and inevitably, organizations will continue to struggle to gain visibility across a growing number of endpoints and a more dynamic workforce. Both will create gaps for potential exploitation.”
Some of the key trends that businesses need be aware of include:
Cybersecurity: A matter of safety
“There will be a shift in mindset from cybersecurity to “cyber safety” in 2020. Global events like the Summer Olympics in Japan or World Expo in Dubai are blending physical infrastructure with connected systems to deliver better user experiences,” comments Alaa Abdulnabi, Regional Vice President of META. “However, these events underscore a new reality: cyber is much more than just a data security issue. It will become a component of physical security, too.”
Expect to see a cyber incident at the edge next year
“The continued proliferation of IoT devices will make edge computing an essential component of enterprise IT infrastructure in 2020,” comments Rohit Ghai, President. “To power these systems, 5G will become a bedrock for organizations looking to speed up their IT operations. With this innovation and speed will come greater digital risk. A security incident in the New Year will serve as the wake-up call for organizations leaning into edge computing. It will remind them that threat visibility across is essential as their attack surface expands and the number of edge endpoints in their network multiplies.”
Breach accountability
“A high-profile case where an organizations is breached due to an API integration will create confusion over who is responsible for paying the GDPR fine,” comments Angel Grant, Director of Digital Risk Solutions. “This will spark conversations about regulatory accountability in a growing third-party ecosystem.”
The rise of cyber attacks in the crypto-sphere
“The security of cryptocurrencies rests on safeguarding users’ private keys, leaving the ‘keys to kingdom’ accessible to anyone who fails to adequately protect them,” comments Dr. Zulfikar Ramzan, CTO. “Cybercriminals usually follow the money, so expect that cryptocurrencies will be at or near the top of attacker’s wish lists in 2020.”
The API house of cards will start to tumble
“Many organizations have stitched together a fragile network of legacy systems via API connections to help better serve customers and improve efficiency,” comments Steve Schlarman, Director & Portfolio Strategist. “A security incident in the New Year will disrupt the patchwork of connections and it will lead to major outages. The event will serve as a call-to-action for security and risk teams to evaluate how their IT teams are patching systems together.”
The identity crisis will worsen
“Businesses are coming to realize that mismanaged credentials and passwords are often the weakest link in a security chain and identity compromise continues to be at the root of most cyber incidents,” comments Rohit Ghai, President. “Next year, we will see identity risk management become front and centre in cyber security programs as organizations adopt more and more cloud solutions; as workforces become more dynamic with gig workers and remote employees and as the number of identities associated with things or autonomous actors continues to dwarf the number of human actors on the network.”