Four Cybersecurity Trends For 2020

iStock-1013820642.jpg

A new decade brings new opportunities for organizations to ramp up their cybersecurity postures. From adopting automated security data analytics to creating C-suite security posts, forward-looking companies are investing more resources to fend off today’s increasingly sophisticated cyber-attackers.

Cyberattacks are becoming more targeted and costlier than ever to remediate. As a sign of the times, the FBI has softened its “never give in” stance on ransomware and conceded that, under some circumstances, organizations should pay a ransom for a decryption key.

Four Cybersecurity Trends to Consider Now

The best way forward is to improve defenses in the first place. For example, one critical housecleaning step is to address vulnerabilities related to Microsoft’s end of support for Windows 7 and Office 2020. At a more strategic level, develop a preventative strategy to identify threats before they jeopardize critical data and networks. Here are our top four trends to watch:

  1. Machine learning is assuming a growing role in cybersecurity solutions, and becoming essential for detecting threat patterns across your systems.

    Given the volume of data transmissions today, manually detecting data patterns across networks and systems can be difficult, if not impossible. Now, cybersecurity tools like Microsoft’s Windows Defender, IBM AI, Chronicle’s Backstory, Sqrrl, DarkTrace’s Enterprise Immune System and others are incorporating artificial intelligence (AI) and machine learning to rapidly sort through millions of files, uncover threats and mitigate damage before it occurs. A Capgemini survey found that 28% of organizations were using security products with embedded AI and another 30% were using proprietary AI algorithms in 2019—but almost two out of three will be employing AI in cybersecurity in 2020.

    By leveraging automation and machine learning, you can quickly detect suspicious patterns, such as malicious digital signatures across multiple systems, and draw actionable conclusions.

  2. Threat detection and response is becoming more difficult, requiring an integrated toolset. If you don’t have a proactive program, you’re behind.

    From reconfiguring code to invading from a new IP address, today’s hackers can change their methods on a dime and deftly bypass defense programs. No wonder 76% of cybersecurity professionals say that threat detection and response is more difficult today than it was two years ago, per ESG research. Given the increasingly obvious reality that reactive strategies alone are insufficient, our 2019 predictions included more focus on active detection response. Now we’re seeing even more interest in proactive threat detection and response.

    As the number of endpoints has grown, many organizations have deployed an array of disconnected point security solutions. Now, 66% of organizations in ESG’s research say that their threat detection and response effectiveness is limited because they’re using so many independent tools.

    What’s needed is a tightly integrated threat detection and response technology architecture. And, as discussed in #1, using machine learning to detect and respond to network abnormalities in real time across systems should be part of the picture. For instance, it’s possible to automate some end-user controls or automatically remove a machine from the network altogether if it has been compromised.

  3. The IoT and smart device explosion continues to challenge organizational data safety.

    Smart devices are transforming the way we work in incredible ways. Global adoption of 5G infrastructure will continue the rise in edge computing and connected IoT devices. Yet, many security teams are not aware of the full scope of devices connected to their infrastructure—and these unaccounted-for devices mean countless vulnerabilities. Hackers can enter connected devices to eavesdrop on network traffic or to launch larger attacks on the network and databases. You’ll need to adopt a proactive strategy for mitigating IoT risks. For example, Access control and network segmentation are common security defenses against IoT intrusions.

    Prevention-focused endpoint security is essential to staying ahead of attacks. With the right tools you can keep organizational data safe and compliant, while still providing users with the access they need to accomplish their tasks.

  4. Cybersecurity continues to rise in importance—to the point of becoming a standalone C-suite position.

    Protecting data has become a top-level, C-suite concern. Senior leaders recognize the growing costs of data breaches, malware, malicious intrusions and other cyber-threats. Many companies are moving security out of IT and into its own specialty area, creating CISO-level posts and CISO-CIO peer positions. At the same time, however, most enterprises are looking to maintain a strong security posture without hiring more specialists than they can afford. As a result, managed security-as-a-service solutions are gaining traction.

A Fresh Chance to Rethink Your Cybersecurity Strategy

Like any auspicious new beginning, this decade’s start is a chance to rethink cybersecurity. It’s time to do more than invest in the latest tools by building a fresh defensive strategy.

  • What are your organizational goals?

  • What data and applications are most critical to those organizational goals?

  • Do you have a testing protocol, so that your teams are rehearsed and ready to go for incident response?

By answering these and other questions, you can help defend your organization in 2020 and beyond. Contact a Burwood expert to jump-start your defensive cybersecurity strategy today.


 

February 28, 2020

 
Burwood Group

Burwood Group is an IT consulting and integration firm. We help forward-thinking leaders design, use, and manage technology to transform their business and improve outcomes.


Founded in 1997, Burwood Group is headquartered in Chicago, IL and maintains seven office locations across the U.S.

https://www.burwood.com
Previous
Previous

What is IT and Clinical Engineering Convergence?

Next
Next

Network Segmentation For Security and Compliance