Cybersecurity in 2019: What do we expect and what is waiting for us?
2018 is already named “a year of great tech scandals”. Try to find one industry not involved in some cybersecurity related titles, or just count the number of top-brands who suffered from internal or external attack, breach, regulatory violation, and so on. Hundreds of millions customer data records breached (to be honest – several dozen billions.) Marriott, Uber, Facebook, Dell, Under Armour, Google – and hundreds of other well-know and beloved companies are not happy now with this year results, both financial and reputational because of cybersecurity incidents.
What should we expect in 2019? What topics will be the hottest? Which trends will be under discussion and will cause biggest projects or losses?
One of the most popular and influential game changers of 2018, for sure, will continue its “journey” to the next year. Of course, we are talking about GDPR. New EU regulation caused unprecedented hype and debates. There are still too many unclear statements and requirements, which do not have practical cases till now. So, prepare for the new “victims” of EU data protection regulation.
Interesting, that European Parliament, the Council and Commission have reached a political agreement on the one more document – Cybersecurity Act – recently. This Act will regulate not only data protection. It will be new and obligatory framework and certification requirement for any online service and consumer device in EU. This step is the result of the next trend development and growth – Internet of Things (IoT) security. This industry growth is tremendous and security issues and controls are forgotten often by the inventors, developers and manufacturers. So, setting up necessary security level for IoT world will be also one of the most painful and same time important trends.
The third emerging trend is artificial intelligence (AI). AI in security, security of AI and security from AI. First one (“in”) is the beginning of security tools new era assigned to react to intelligent attacks, because black hackers already use AI modules. Second (“of”) is needs in security framework for AI applications and tools developed. And third (“from”) – is mostly regulatory work to create set of rules (like in Azimov’s books) to defend humanity from possible ethical or technical problems in future.
And last, but not the least, trend is Zero Trust Model, which got in 2018 new eXtended addon. This approach means that there is no trusted internal network and environment, as it was before. In this model neither individuals nor technologies inside the company and its network are trustworthy anymore. Total security from outside and inside will be the new approach as a result of last year internal attacks and risks. Such model will, likely, decrease insider risks for the enterprises. But, on the other hand, it can cause business flexibility loss, so companies will face new difficulties added to the personal data management brought with GDPR.
To make a long story short, we are on the threshold of security world splitting. From enterprise level to individual level. From country level to every (smart) house level. From big database to personal data record level. And all of us, corporate and personal, should follow the trend. And predict, prevent, track and react to any event!