By Tyler Moffitt, Security Analyst at Webroot, a Carbonite company

Building a Cyber Resilient Plan to Combat Security Threats in 2020

As we move into a new year, the amount of data we create and consume will continue to be top of mind for businesses. Over the past few years, we have seen technology continually evolve with digital transformation and innovation ingrained in every organization. But as we aim to advance our businesses, we need to be well aware of the potential threats we'll have to face and how we can strike a balance between innovation, security, and convenience.

In 2020, there will be a greater emphasis on securing organizations and staying resilient in the face of the ever-worsening threat landscape. Companies will need to build a cyber resiliency plan that encompasses all areas, from endpoints to the cloud. By looking back at past trends, companies can start to plan and prepare for what is next, including these three main areas: AI and ML's role in cybersecurity, the adoption of cyber insurance for protection against regulatory infractions and other attacks and a better understanding of vulnerabilities.

• Expect the inevitable and plan for the worst: Threats and vulnerable targets

In 2019, we saw how different attacks including unauthorized access to system resources, disruption of operations that cause downtime and great business costs, were featured in the news every day. We also bore witness to staggering numbers such as 95% of malware being unique to a single machine. In the coming year, these concerns will grow exponentially.

We will see cybercriminals targeting more SMBs, the public sector, education and healthcare organizations because they share some of the same vulnerabilities: low budgets as well as being understaffed and under educated on their attack surface. These targets are also vulnerable because of the sensitive data they hold.

We also expect ransomware to continue evolving in two different directions. In one front we will have less sophisticated actors attempting to mimic the tactics used by larger, more successful operations. While on the other side, highly targeted ransomware attacks will continue. Ransom-motivated attackers will more pointedly observe automatic backup solutions and make attempts to remove and alter the backup data or the task itself.

Threats will expand as phishing becomes further targeted as data collected from breaches is incorporated into the phishing email. Items like passwords and recent transactions can go a long way in convincing people the email is legitimate.

• Jumping into the AI/ML reality

AI and ML have reached an unprecedented level of hype in the security industry, and cybercriminals are not far behind in using this technology as well. As we see more AI experimentation, there will be an increase in scale of attacks in 2020.

Adverse attacks against AI-based security products will grow in scope and complexity. There will be a bifurcation in AI providers highlighting which systems are vulnerable to sophisticated attackers. It will become clear that there are fundamentally two types of AI in cybersecurity - one that acts like a smarter conventional signature and another that is built into every facet of an intelligent, cloud-based platform capable of cross-referencing and defending itself against adversarial attacks.

After the hype of AI virtues and unverified claims wears off, we will start to see tangible gains made in security by those who are using the technology in pragmatic approaches to solving security problems. They will effectively combine humans, to unravel unseen new threats and create defenses, and AI/ML to automate real-time detection of threats at electronic speeds and volumes

• Cyber insurance raising in time of uncertainties

Cyber-attacks and ransomware are causing a number of headaches for businesses. Those firms who are governed by GDPR and other data protection regulations are impacted by hefty fines when data is captured. And just in the past few months organizations have paid millions of dollars to keep their data from extortionists. This is certainly true for those in highly regulated industries such as finance, healthcare and government. The insurance industry will need to evolve to adapt to increasing ransom targets. We will see more movement in two specific industries.

The first one being the public sector, which still remains an easy target for ransom. This is particularly true for local governments because of the higher prevalence of cyber insurance in place and due to the remediation costs, which can be considerably higher than paying the ransom itself. However, organizations can only pay $600k so many times.

The second is the automotive market. As connected cars become more widespread, cyberattacks will too. Cybercriminals will take advantage of new unique automotive vectors to exploit, including un-monitored charge points for electric cars, as well as advanced software platforms on today's cars that manufacturers are incredibly slow to react to and patch.

To face these very real threats, insurers will work more closely with cybersecurity vendors and service providers to ensure that insured parties are properly protected from the majority of threats.

In 2020 we will witness how security takes the spotlight as several known threats evolve, some overhyped trends mature, and compliance becomes an even greater headache for organizations and vendors alike. Companies can best thwart attacks by staying vigilant and creating a cyber resilient data protection and security plan to combat these concerns.

##

About the Author

Tyler Moffitt is a Senior Threat Research Analyst who stays deeply immersed within the world of malware and antimalware. He is focused on improving the customer experience through his work directly with malware samples, creating antimalware intelligence, writing blogs, and testing in-house tools.