• IoT is to keep on being a problem to be solved

According to Guy Rosefelt, product management director for threat intelligence and web security at NSFocus, as quoted by Silicon Republic, Internet of Things may be efficient, yet it will continue being a source of vulnerability for enterprises and consumers, respectively.

Gary McGraw, vice-president of security technology at Synopsys, addressed that IoT still remains a 'security disaster waiting to happen'. Therefore, the IT systems in companies should be carefully examined.

  • Phishing gets personal

As stated by Asaf Cidon, vice-president of email security at Barracuda Networks, hacking and account take over is one of the most dangerous threats in the cyber security industry nowadays. He added that attackers will be tailoring email attacks to each individual target.

  • Multi-factor authentication will grow in popularity

Since many are those that have become aware of the value of their personal information, multi-factor authentication has become a challenge. Stacy Stubblefield, co-founder of secure communications platform TeleSign noted that increased collaboration between mobile network operators and online businesses will boost adoption. This data will be used to augment multi-factor authentication.

  • AI cyber attacks are a real possibility

AI is an everyday feature, thus it is convenient for cyber criminals to examine its vulnerability. Jason Hart, CTO of data protection at Gemalto, believes that an AI-augmented attack will be a real threat.

He quoted that by creating a new breed of AI-powered malware, hackers will infect an organisation’s system using the malware and sit undetected, gathering information about users’ behaviours and organisations’ systems.

  • Data regulation goes global

As the first anniversary of GDPR is getting closer, many are the countries preparing to examine their data privacy. Specifically, as published in Silicon Republic, the California Consumer Privacy Act 2018 will pave the way for similar legislation this year, while there are other changes afoot in Canadaand Brazil.

  • IIoT under threat

The threat is also focused on Industrial IoT. According to Forcepoint, in 2019, attackers will break into industrial IoT devices by attacking the underlying cloud infrastructure. This target is more desirable for an attacker – access to the underlying systems of these multi-tenanted, multi-customer environments represents a much bigger payday.

Targets include human-machine interfaces, industrial control systems and distributed control systems.

  • Cyber-criminals aim at the cloud

Jason Hart commented on this matter, stating that a new role of cloud migration security specialist will be a key part of large IT teams. Security-wise, continuous moderation with the help of automation can help teams.

Customer misconfiguration, mismanaged credentials or insider theft are the likely risks present – not so much provider vulnerabilities. Cloud hygiene will only grow in importance over the next 12 months, particularly in avoiding devastating data breaches.

  • C-levels wake up to cyber-risk

According to an IBM study, the average global cost of a data breach is close to $4m – and this is before you take reputational damage into account.

  • Software vulnerabilities set to be exploited

In an everyday enterprise, there is usually an array of software systems in use, from messaging to emails and productivity trackers. McGraw supports that this is where industries will face crucial challenges during 2019.