Here are 7 of the most important cyber security trends you need to watch out for in 2018
Since the dawn of the digital age cyber security has been of concern, but only recently has it become something that can cause widespread panic. The recent spate of high-profile attacks on big businesses and governmental organisations have thrust cyber crime, and all its weaknesses, into the limelight, for businesses and the public alike. Cyber security is now a major worry for everyone. And quite rightly so…
From the NHS WannaCry attacks to the Equifax breach, businesses are accepting their own vulnerability and wising up to the threat of cyber crime. But the question on everyone’s lips is ‘What’s going to happen next?’
The short answer is more of the same. But there are a few stand out trends you can expect to see coming to the fore in 2018. Here are the top 7 trends you can expect to see in cyber security next year.
More people-focused security strategies
With 3.8bn internet users in 2017, and that number expected to grow to 6bn by 2020, cyber crime that takes advantage of human weakness will continue to rise.
To counteract the threat, businesses will need to put the focus on people and training. Companies will need to create plans that go through best practice processes to protect companies from insider threats, as well as cut down on the time spent investigating attacks and responding. One of the key problems with human error related cyber incidents is that people are blamed for making the mistakes, and this will need to shift in the future to ensure employees report issues quickly and effectively, without fear of retribution.
Take a look at our article on why your staff can be your strongest asset when it comes to your business cyber security.
Cloud security is the key
Cloud adoption is growing. In fact, 78% of small businesses expected to be fully reliant on the cloud by 2020. With more companies utilising the cloud, more problems with security and attacks are likely to crop up.
Companies utilising traditional IT systems and processes will struggle with modern cloud services, which will impact on their levels of security visibility and control. The demand for IT to make the switch to cloud services is growing and so security controls need to be enhanced to ensure continuous monitoring, management of vulnerabilities, and compliance monitoring. To counteract the potential problems, businesses will need to choose trustworthy providers, as well as develop guidelines for use and strategies in case security breaches do occur.
Have a quick look at our post on how to stay safe in the cloud with the right security.
GDPR impacts small business IT and data systems
The start of 2018 is likely to begin with a rush of companies frantically trying to get their data in order for the GDPR. Data collection, storage, handling, manipulation, and reporting is going to change, in some cases completely and irrevocably. Business may have been slow on the uptake, not quite understanding the amount of work that was involved.
Under the GDPR, if businesses hold and process any information about clients, suppliers and/or employees, you are legally obliged to protect that information using different IT processes and systems; some of which will be new and unfamiliar to many small companies. If they don't, businesses could find themselves in trouble with the Information Commissioner’s Office, and data breaches have the potential to cost a lot of money.
Just before the deadline, there will be a flurry of activity to ensure businesses are on the right side of the law.
For more information, read our guide to the GDPR for small business.
The threat of unsecured IoT grows
With a rising number of connected devices finding their way into homes and businesses, related security vulnerabilities will become even more of an issue. IoT electronics are constantly being found to have loopholes and openings for hackers to infiltrate and steal information. With Gartner reporting that by 2020 25% of identified business attacks will involve IoT, it is a technology ripe for hacking.
With IoT devices, your network could be open to exploitation if not adequately protected. Plus, when a device is synced with other electronics the data on those machines can be compromised too.
Businesses will need to look at the IoT devices they have, analyse the risk, and evaluate how prepared they are. Weak passwords, poor encryption implementation, and inadequate patching will put businesses at unnecessary risk from this threat.
Take a bit of time to read our post on how to improve your network security in 5 easy steps.
New and returning sources of malicious threats
The proliferation of ransomware will continue, as hackers find new and easier ways to infiltrate systems and cash in on the fear of data loss. However, there will also be a number of different sources of cyber attacks coming into the mix. Worms are expected to make a 2018 reappearance, for example, but the growth of malicious mining is of particular concern to many.
The process of gaining crypto coins from long, complex calculations, mining is a popular form of cyber crime. In fact, over the first 8 months of 2017, Kaspersky noted that it protected 1.65m users from what they call malicious miners, and they expect this figure to grow to 2m by the end of the year. In 2018, web mining is expected to become even more popular as it is now commonly implemented directly in a browser. This means that a user can be drawn into a mining scheme just by visiting a website and downloading something containing a secret script. A computer’s processor and power resources will then be used to mine without the individual’s knowledge. This could have a major impact on a business if a miner is able to infiltrate company computers and use them to fill their own crypto wallet.
Find out more about how to build your cyber resilience with our tips and tricks to strengthen your business security.
Outsourcing of security services
The shortage of IT professionals who have security expertise is likely to grow in 2018, and organisations are expected to struggle to get enough in-house help to address the challenges.
Overall, IT departments are stretched thin right now, with multiple industries cutting back on the amount of IT staff they currently hire. In a poll of over 900 IT leaders conducted by Fuze, it was found that 92% of IT departments are under pressure to reduce expenditure. Because of this, 2018 will see small businesses looking to external vendors and managed IT support providers as they realise it’s not just big businesses that are being targeted by cyber criminals.
Outsourced support can help businesses increase their time and resources. In fact, in a study by Markets and Markets in 2016, managed IT services providers were also found to cut costs by as much as 40%, while also doubling efficiency.
For more information on how managed IT support can help protect your business take a look at our article.
The rise of social engineering
Social engineering will continue to proliferate due to the lack of knowledge and awareness, and the potential for cyber criminals in this the area. In particular, social network hacking is one of the largest growing areas and is expected to continue to grow in 2018. This type of hacking uses trust (such as having a lot of followers on social media channels) to fool individuals into parting with precious data.
According to Proofpoint, one large area of growth in 2016 has been social media fraudulent support account phishing, which increased 150% in 2015. This type of attack is when a hacker creates a lookalike social-media account posing as the customer-service account of a trusted brand. When someone tweets to a company looking for help, the attacker pounces. Victims are then often directed to real-looking landing pages and tricked into handing over their account credentials.
To combat the increasing threats, businesses will need to deploy strong social media security solutions that scan networks and report any fraudulent activity quickly and effectively.