When it comes to cybersecurity, staying ahead of threats – rather than reacting to them – is critical. In a constantly evolving threat landscape, plugging holes – or designing one’s security posture for yesterday’s threats – just isn’t enough anymore. A new year is almost upon us, and with it comes new threats and trends, specifically in the world of cybersecurity. We’ve put together our top 5 cybersecurity predictions for 2020, with a view to helping ensure you stay ahead of threats.
1. Ransomware is set to cause even more sleepless nights
- Ransomware is getting more sophisticated.
- It is evading even the most advanced email security solutions.
- With more devastating consequences.
With increased sophistication and automation, especially when it comes to the creation of Trojan variations, ransomware attacks are now able to penetrate even the most advanced email security solutions. What’s more, current security solutions start detecting ransomware attacks only hours after they are released, which is often more than enough time for the damage to be done.
An example of this is Emotet. One of the factors that makes Emotet so successful is that it utilizes a specific shortlist of targets, so reputation services will take more time to detect it. These attacks are also changing IOCs constantly, so even the smartest signatures, IDS and other traditional solutions won’t be able to detect them quickly enough.
As we see it, these attacks occur in cycles, roughly every other week. The attackers develop a new sample base that contains new obfuscation and evasion techniques. They then create permutations of these samples and distribute them. Security vendors must play catch-up while the attackers develop a new base for the samples.
2. The risk associated with phishing attacks will be security executives’ top concern
- We hear it all of the time. Security professionals from across the board are looking for solutions to solve the growing risk of phishing attacks.
- A year ago, malware was generally perceived to be the greatest threat facing businesses. As we approach 2020, phishing attacks are the main concern.
Today, most organizations looking to enhance their email security are driven by the need to block phishing attacks. Phishing attacks are becoming more sophisticated and even the most dedicated professionals can’t detect all of them. Phishing kits, available on the dark web, along with lists of compromised credentials for targeted attacks, mean that the volume and sophistication of phishing attacks will increase, too.
What’s more, the consequences of a phishing attack have become more severe. Data breaches, financial fraud, and other results of a phishing attack can be dire for organizations of all sizes. To gain some perspective, according to the Verizon 2019 DBIR, phishing is the number one cause of data breaches.
There is a real need for technologies that can detect and block these types of attacks, especially when sent via email.
3. The urgency of detecting threats immediately will rise
- Once a threat is delivered, the clock starts ticking.
- It takes hours for data-driven security solutions to detect never-before-seen threats.
- This is the most dangerous phase of attacks.
- Organizations are going to be increasingly less tolerant of this latency period.
The timeframe in which attacks have the most devastating impact on their victims is from the moment the malicious payload is released, until detection by security solutions. Since it often takes a few hours (or sometimes much longer) for even the most sophisticated security solutions to detect new, never-before-seen attacks, the risk within the first few hours is massive.
Organizations and security professionals have begun to acknowledge this and are expected to see it as a key challenge in 2020.
4. Enterprise collaboration platforms will become more popular as attack vectors
- Platforms such as cloud drives and instant messengers will be increasingly leveraged by attackers.
- These enterprise collaboration platforms are often immediately trusted by users – a fact attackers will take advantage of.
The usage of collaboration services is exploding. Users are increasingly collaborating using tools like Microsoft’s OneDrive, Google Drive, and others. While this is great for productivity, it poses a unique challenge for security professionals.
These services are under constant attack – with increased frequency, sophistication and evasiveness. With new channels come new attack vectors, which also means that the risks and potential damage that can be caused keep growing.
5. Breach and attack simulation vendors will expand their solutions to various channels and attack vectors
- According to Gartner, the majority of threats still begin in the email channel.
- Email delivery is involved in 94% of malware detections, causing losses of over $1.2 billion USD in 2018.
- Breach and Attack Simulation (BAS) tools test a network’s defenses by simulating cyberattacks, but BAS for email is not yet mainstream.
BAS vendors are expected to expand their solutions to the entire kill chain, providing a more comprehensive solution to their customers. Since email is a popular attack vector, they are likely to also start covering email as part of their BAS solutions.
Cybersecurity predictions for 2020: Challenges ahead
Productivity tools, including email, that have enabled increased speed, efficiency and collaboration also mean increased risk and vulnerabilities for security teams. Whether that’s ransomware, phishing, or leveraging popular collaboration platforms in other ways, keeping users and organizations protected is what we’re all focused on.
While products are being offered to protect against these threats, attackers are constantly innovating to get around security techniques.
What’s clear is that what worked in 2019 cannot be automatically relied upon to keep an organization secure in 2020. Never has the role of the cybersecurity professional been more critical. We’re set for an exciting year ahead: new threats, new challenges, and an increasingly connected world that needs our help to stay protected.