itb-nz logo
Story image

Two top execs’ predictions for cybersecurity in 2019

01 Jan 2019

Executives from the local branches of major security vendors One Identity and Secureworks have released their predictions for some of the major enterprise technology trends for this year.

Unsurprisingly, security makes up the majority of these trends as the coming year is sure to bring new and possibly unexpected threats across the evolving IT landscape.

Staying protected

Data continues to take centre-stage in the efforts to remain safe, secure and compliant as the worldwide explosion of legislation.

“In 2018 Australian businesses saw the implementation of Mandatory Data Breach Notification legislation which has shed light on which industries are struggling to keep Australian’s data safe,” says One Identity APJ technology and strategy regional manager Serkan Cetin.

“In 2019 businesses will start to see organisations adopt more secure measures like multi-factor authorisation in order to prove they are taking security seriously.”

The old adage that knowing is half the battle rings true as organisations will need to make choices about where to focus their cybersecurity efforts.

“If Australia plans on effectively growing the cybersecurity sector in 2019, businesses must apply a risk-based approach to security,” says Secureworks senior security researcher Alex Tilley.

“IT teams must understand what data is of value to their business and evaluate threats and risks to that data, prevent what attacks can be prevented, detect what attacks cannot directly be prevented, predict hackers next moves, and be prepared to respond efficiently and effectively.”

Types of attacks

Government will continue to be an area of opportunity for those providing sales and services into the cybersecurity market as nations collect more and deeper data on their citizens.

“Crime and state-based attacks for intelligence or military aims have been staggeringly successful in 2018 and we expect the evolutionary growth in tools, techniques and procedures of all types of attackers to continue into 2019 as success breeds boldness. Over the next year, expect to see more nation-state attacks focused on disruption,” Tilley says.

However, organisations will certainly not be immune as that necessary evil, email continues to be a major area of vulnerability.

“In 2019, ‘business email compromise’ (BEC) tactics will continue to be successful against companies that don’t have fundamental security controls in place. Multi-factor authentication on internet-accessible email accounts, user awareness education on phishing, endpoint controls to detect malware running on machines, and log monitoring to detect anomalous login activity on accounts are all vital to creating a strong security platform,” Tilley adds.

And we haven’t yet seen the last of ransomware.

“Throughout the next year, ransomware tools will continue to gradually evolve. This will result in further criminal success and more mounted attacks involving compromise, long-term lateral movement and device discovery inside the victim network,” says Tilley.

Privileged Access Management

The sci-fi world of biometrics is well on its way to the mainstream as unique identifiers become more vital to keeping an organisation secure.

“Biometric authentication will become more widespread to secure access and satisfy multi-factor authentication needs,” says Cetin.

"Besides the physical biometric solutions, such as fingerprints and face detection, more emphasis will be put into analysing users behaviour for identification. Those enterprises that need to meet the highest security standards, for instance, the finance sector, complement their security analytics with behavioural biometrics capabilities that help analyse their privileged users' activities.

“How an individual types on a keyboard, their reaction time or how they use systems and consume the services provided will be a more prevalent part of the identification of the most important users to secure their access to sensitive data.”

Will we finally see the backside of those pesky, immemorable, eminently hackable words and phrases we rely on to secure our closest secrets?

“2019 will move us one step closer to a password-free future as technology companies lead the charge to develop new ways to securely authenticate individuals,” Cetin posits.

“More companies will embrace FIDO2, which has recently been approved for use. In 2019, expect more tokens, laptops and more websites to build FIDO2 capabilities into their authentication workflows. While the password may still be around in 2019, its days will be numbered.”

Cybersecurity skills

The cybersecurity skills shortage may finally be addressed, especially as the human aspect of security is becoming recognised as imperative to a secure organisation.

“In 2019 businesses will need to Identify talented staff in non-security roles and spend money on upskilling and training them for security roles,” says Tilley.

“Businesses will need to seek interested staff who can gain experience through mentorship programmes. This combined with “real world” activities given to security graduates can help to somewhat narrow the skill gap facing Australian businesses.”

Story image
Cybercriminals are leveraging AI for malicious use
"At a time where the public is getting increasingly concerned about the possible misuse of AI, we have to be transparent about the threats."More
Story image
Advanced Threat Protection from Fortinet: Prevent, detect and mitigate
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains why zero-day threats represent an unacceptable risk to your enterprise and how to protect your network by adopting Advanced Threat Protection security services.More
Story image
Data mastery the difference between success and failure, report finds
"A mindset change is needed - leaders must accept and embrace an agile culture of experimentation if they are to achieve data activation.”More
Story image
Webinar: TLC for Kids on their usage of Nintex Drawloop DocGen
The charity is using the software to free up resources and enable its team to focus on its mission — which, simply put, is to put smiles back on sick kids’ faces. It does this through its TLC Ambulance, Rapid TLC, and distraction box programs, and its services are used over a million times each year across Australia.More
Story image
Samsung extends partnership with Google, joins Android Enterprise Recommended programme
Samsung’s participation in the programme gives customers added assurance that its participating products meet the hardware and software requirements set out by Google for the enterprise.More
Story image
COVID-19 creating increased global demand for NZ’s digital businesses
Activity is picking up for many Kiwi software and digital businesses as demand increases for digital and cloud-based service offerings.More