Top 8 2018 Cyber Security Trends & How to Respond
Cybercriminals are not standing still, and 2018 is rolling. What are you doing to move the ball forward in response to 2018 cyber security trends and the resulting threats? 2018 cyber security threats require an appropriate response to insecure IoT devices, Crime-as-a-Service, AI-driven attacks, creeping regulations, and the need to secure systems and data as they move to the cloud.
Attacks that worked in 2017 are being repurposed for new, devious objectives like mining cryptocurrency using your servers and PCs. Social engineering continues to be an open door for attackers as they exploit your employees' lack of training, which gives them a means to commit financial fraud and gain login access to your data.
2018’s Top Cyber Security Trends
- Ransomware continues to grow as an attack method
  - Crime-as-a-Service makes creating attacks easy and cost effective for criminals. Successful ROI for these attacks means more attacks in 2018 using even more targeted messaging.
- Attacks on the insecure IoT ecosystem
  - Using IoT devices to drive DDoS attacks, zombie attacks from IoT devices, and taking down corporate IoT devices should be expected in 2018. IoT devices come from many vendors and are frequently insecure and hard for companies to monitor and control. IoT devices, mobile apps, and IoT cloud service providers are all points of vulnerability.
- Social Engineering Attacks
  - AI will be increasingly weaponized by cybercriminals to customize and target social attacks against users
  - Use of AI-based security to protect and detect is increasing. In 2018 expect AI to be used to bypass your AI defenses and to create more focused phishing, customized malware and attack methods. Now we need AI to fight AI… the battle of the machines.
  - Business Email Compromises (BEC)
  - Phishing is still a top cyber security threat. New innovative (AI-based) phishing messaging and targeting techniques make these inexpensive attacks more successful than ever.
  - Business Process Compromises (BPC)
  - Compromises of corporate business processes for financial gain using social engineering knowledge continue to power exploits like CEO Fraud.
- “Regulation Level” Security Begins to Impact All Companies
  - 1) Regulations trickle down to companies of all sizes as partners and customers require companies to comply with NIST, HIPAA, GDPR, etc.
  - 2) New all-encompassing regulations (GDPR) impact ALL companies… elevating regulation level security to be a requirement ultimately for all companies. The U.S. is next.
  - 3) Boards of Directors drive regulation level security to protect corporate assets.
  - 4) Supply chains are increasingly believed to be a security weak link.
- Hijacking Computers. Hijacking servers, web servers and computers to mine cryptocurrency (crypto-jacking), to generate advertising cash, to use as phishing sites, or as zombies increases as a security problem.
- Insecure Access Control – ID Hijacking
  - Passwords are insecure and poorly controlled
  - IoT devices often have default passwords after deployment
  - The move of apps to the cloud makes secure access control even more important
  - Most companies are moving to multi-factor authentication
    - Phone based (soft tokens, text)
    - Automatic adaptive authentication used by web portals such as financial, HR, etc.
- People (Employees) are still likely your weakest link. Most security is designed to try to prevent outside breaches. Yet employees are a big risk for companies, especially when they are not properly trained on how to deal with cyber security threats. Rampant use of social media is increasingly making corporate information available on the web.
  - Other people at partners, consultants, suppliers, and customers can also be serious threats to your security
- Cloud Data Center and Cloud Application Security.
  - Breaches of cloud infrastructures are likely to be a big negative surprise to many companies in 2018. As more and more of our infrastructure moves to trusted 3rd party providers who host our systems and data in the cloud, can we expect adequate security without taking personal responsibility for our data?
2018 Cyber Security Trends Response Checklist
Your response to 2018’s cyber security trends should include the following cyber security solution areas.
- Independent Risk Assessments. A complete look at your goals, security controls, and needs can reveal the best way to utilize your budget. Over-spending on one area and ignoring another key area can result in exploits of the “weakest link”. Companies that ignore areas like employee training, SIEMs, advanced malware solutions or multi-factor authentication feel secure, but are setting themselves up for some type of security breach.
- Employee training is key. Great security tools can’t negate the risk from improperly trained employees.
- Gateway security. Advanced email security, web security, and firewalls are needed to protect against malware, phishing, and hackers. Integrated Next-Gen solutions are recommended.
- AI machine learning cyber security. AI-based network and endpoint security is an important addition to your traditional security. Just know that this security is not sufficient by itself, and hackers are using AI to attack holes in your security.
- Multi-factor authentication. Both human process authentication and MFA digital security solutions are required to combat credential theft, CEO fraud and phishing attacks.
- Integrated intelligence. Solutions that integrate information from endpoints, networks, and real-time security data feeds are important for correlating and analyzing information to look for indications of compromise. Solutions include APT, SIEM, threat feeds, and AI data collectors.
- Backup and Disaster Recovery (BDR). A good backup that can instantly recover your servers and data makes up for a lot of other sins. Onsite, offsite, data, systems, and frequent testing are all key elements of a good BDR policy.
- Cloud Security Solutions. Data center and cloud application security need to be treated as seriously as firewalls and endpoint security. These are potentially weak spots and can result in lost, compromised or corrupted data, websites, or servers.