We have seen a number of issues in the past year and an increase in security incidents among all typeS of companies. Now, let’s discuss what the experts predict will happen in 2020.
There is agreement that some of the issues we have already seen will still happen in 2020 such as:
Misconfiguration (Cloud resources)
We know that cloud has been, and will continue to be, a buzzword and there is a misconception that moving everything to the cloud is much safer, quicker and so on. It is all true, but only if it is properly configured. In the past, we saw that Amazon S3 buckets were misconfigured or left open long after a job was completed, and because of that information was leaked. There are many of these examples out there, so we will need to be careful moving forward.
Risk around third-party security will grow
You may spend thousands of dollars making your IT systems more resilient, robust and redundant, but at the same time you also work with third parties which provide you services, or you provide service to, and they are continuously in some shape or form interacting with your system. For instance, your payroll system in the cloud, your CRM or ERP line of the business application stored somewhere outside your premises, etc. How safe are your data out there? How much control do you have if any?
An increasing number of IoT devices
We have already seen how IoT devices are impacting IT infrastructure, and at the same time how vulnerable they are. In 2020 it is expected that the number of IoT devices on the Internet and networks will keep increasing. According to Moore’s law, processor chips double in power every 18 months, but unfortunately, IoT security is not progressing at a similar pace. This year you will need to be cautious of what is connected to your network and how to protect it.
Security is not just an IT problem anymore
In 2020 we will expect to see more and more attacks to end-users. Why? Because we can spend thousands of dollars in malware protection, antivirus, firewall, anti-phishing engines with Artificial Intelligence, and so on, but the bad guys need only 1 email going through all those defences and reach the end-user mailbox. At that point all your IT Infrastructure would rely on the end-user not clicking on a link, not opening an attachment and so on. Therefore, end-users training will be an important component in 2020.
There are many more security predictions for 2020 but these are a good starting point for you to start reviewing your current IT Security posture and starting moving to a more resilient IT.
Evaluating Your Company’s Security in 2020
If you want to see how your IT security stacks up, schedule Security Reviews with our team today so you can learn where you’re doing well, and where you may have security weaknesses.
And as always, be safe out there and until the next Malware Monday.