What are the main cyber-threats for 2020 and how will the industry respond? According Forbes, we are likely to see more malicious activities like disrupting elections to targeted ransomware; plus a greater push for new privacy regulations and a rise of practices like developing deepfakes and the rise of malevolent AI.
How else will cybersecurity alter in 2020? To discover more, Digital Journal heard from members of the Nominet team. Nominet has run the .UK internet infrastructure for 20 years, developing an expertise in the Domain Name System (DNS) that now underpins sophisticated threat monitoring, detection, prevention and analytics that is used by governments and enterprises to mitigate cyber threats.
Redesign of Cyber Industry / Evolution of CISO roles
First, according to Stuart Reed – VP of Products: “In 2020 we will see the cyber industry redesigned in some key areas. Malware will undoubtedly evolve and ransomware will become more sophisticated, potentially even teaching businesses new ways to take payments and create customer service that encourages the victim to part with their money. £
Reed advises that the basis attacks will, however, continue: “That said, it will still be the simple attacks that cause the most damage, because organisations have a lot of work to do on ensuring they are utilising every layer of defence within their reach.”
Reed also predicts that businesses will undergo further internal restructuring to meet cyber-risks: “We’ll also see the role of the CISO redesigned in 2020, as the imbalance of their work-life worsens and the role needs to change to meet the demands of the modern cyberscape; for example becoming more of a strategic resource for the business on mitigating risk and facilitating business transformation safely.”
ML & AI enhanced cyber attacks
Second, Mark Burdett – Head of Product Delivery tells us that: “2020 will see machine learning and artificial intelligence used to create distributed and target malware and attacks. An attacker using machine learning algorithms can create a suite of botnets or worm-style malware that gathers data from multiple attempts to breach commercial sites, ultimately generating more sophisticated attacks that could be targeted at Critical National Infrastructure or Governments.”
Burdett warns that new threats are on the horizon, and these will be more sophisticated than anything that has gone before: “Using data from breaches, vulnerabilities, successful and failed attacks, the ‘next generation’ of malware can be created. It will make fewer obvious attacks but be more successful by using tactics proven to work. This would make pattern matching or DOS/brute-force security measures less and less useful.”
Such threats mean that businesses need to adopt new tactics: “Protecting against this style of attack requires analysis of network patterns, command and control, and a large-scale dataset of attacks to see these attempts happening across multiple sites and networks, rather than a single instance or victim.”
Security Considerations in Digital Transformation
Thirdly, we heard from Dave Polton – VP of Solutions, who looks at the impact upon DX initiatives: “In 2019 we’ve seen a number of digital transformation projects not fully meeting expectations. Consequently, in 2020 I expect to see a number of small but significant step changes in the way businesses approach digitalisation projects, particularly with regards to security. Focus will be on improving user experience and generating value from smaller more tangible projects.”
In terms of business strategy, he predicts “For cyber security, this will mean solutions that make day-to-day operations easier and that are proven to mitigate the impact of security incidents. As a result of this, in 2020, security teams will need to be looking to communicate the value they bring in terms of the bottom line.”
