The third instalment of the Infosecurity Magazine State of Cybersecurity Report 2020 has been published. It aims to highlight the key trends impacting the sector and they found that this year the COVID-19 pandemic took by force not only the public health sector but also the cybersecurity industry.
According to the report, the other top trends shaping the sector were the cloud, artificial intelligence and machine learningWhat is Machine Learning?Machine learning is a subset of Artificial Intelligence (AI) that involves the development of algorithms and models that enable computers to make predictions or decisions based on..., the human element, and phishingWhat is Phishing?Phishing is a type of cyberattack in which attackers send fraudulent communications, or direct people to counterfeit websites in order to trick those individuals into revealing sensitive information,... attacks.
The Impact of COVID-19
While in 2018 GDPR was the main trend impacting cybersecurity, rightfully so in 2020 the most influential trend, cited by 30% of the survey respondents, was COVID-19. The pandemic brought vast changes in the way people work and subsequently in the way we need to secure remote workforces.
Although a growing percentage of businesses were already becoming more dependent on remote work, the pandemic forced its acceleration. The degree that businesses were able to adapt to these digital transformationWhat is Digital Transformation?Digital transformation refers to incorporating digital technology into all business areas to create new or modify existing business processes, culture, and customer experience to fundamentally transform how... initiatives was critical. However, if these efforts were not focused on security, they could create a massive attack surface.
The proliferation of remote working has brought many new security challenges. For example, what is the best way to manage a team remotely? What is the perimeter of your network? And how do you manage all these privately owned computing devices?
Another disturbing element of the pandemic was the growth of COVID-19-related attacks and scams. As David Bisson reports in his series for Tripwire, over the last few months, cyber-attacks against the healthcare industry have risen by 150%. Criminals are exploiting the pandemic and everyone’s need for timely and accurate information through various attack vectors.
These variants include phishing emails pretending to be from the World Health Organization and more sophisticated forms of intrusion via encryptionWhat is Encryption?Encryption converts readable data (plaintext) into a scrambled and unreadable format (ciphertext) using an algorithm and a key. The primary purpose of encryption is to ensure the confidentiality... methods. Remote workers were often left more susceptible to attacks and scams due to poor vulnerability managementWhat is Vulnerability Management?Vulnerability management refers to identifying, assessing, prioritizing, mitigating, and monitoring security vulnerabilities in computer systems, software, networks, and applications. Vulnerability management aims to proactively identify and address... strategies. Another harmful side effect of the crisis is the use of disinformation to target corporations and consumers with ransomwareWhat is Ransomware?Ransomware is a type of cyberattack in which the attacker infects a computer with malicious software that encrypts the victim's data. The computer usually becomes locked, presenting a... and spear-phishing.
However, there are some potential positives to come out of this unprecedented crisis. Based on their experience, companies should adopt practices to better enforce the capability for workforces to work remotely. Also greater focus should be put on implementing stronger security controls to reduce cyber-risks.
To the Cloud and Beyond!
Cloud was mentioned by 26% of the respondents. Organizations have greatly accelerated the adoption of multi-cloud environments as part of their digital transformation efforts. Cloud adoption presented business with cost benefits and the ability to support more distributed workforces, vital for coping with emergencies like COVID-19.
However, cloud proliferation has also introduced various new risks and challenges. For example, more and more businesses acknowledge that identity is the new perimeter and that with the growth of the cloud, the traditional perimeter has disappeared.
What is important is for businesses not to overly trust cloud-native security services. The assumption that security is enabled by default is a mistake that can get industries and companies into severe trouble. It is far from clear that we need to focus on solutions that secure the cloud.
Artificial Intelligence and Machine Learning
Artificial Intelligence (AIWhat is AI? Artificial Intelligence (AI) refers to the simulation of human intelligence processes by computers in an aim to mimic or exceed human cognitive abilities across a range of domains....) and Machine Learning (ML) is the only trend that makes the top 5 for three consecutive years. This is not a surprise as AI and ML are an important part of the research and drive innovation in the industry.
The main use of these concepts is to enhance workforce development practices through the integration of tools, as well as augmenting workforce capacity through advanced automation, orchestration, and analysis. Both concepts have huge potentials in threat intelligence and intrusion detection. But the use of AI to develop autonomous and semi-autonomous systems should not be done without an understanding of the human-AI interface. The human factor is an important component of linking AI with cybersecurity.
On the negative side, adversarial machine learning is being used more frequently in cyber-attacks. It is evident that the future will bring more complex attacks. Attackers are leveraging automation and AI to wage wider attacks. Therefore, using the same technology to fight adversaries is more critical now than ever before.
The Human Element
Responding to the survey, Professor Steven Furnell from the University of Plymouth noted three reasons justifying why the human element is such an important trend for cybersecurity. First is the increasing recognition of the profession of cybersecurity by all industries to address their growing cybersecurity needs. The second reason relates to the ongoing shortage of cybersecurity skills, where businesses face the challenge of realising what skills they need before recruiting professionals. Finally, it is the issue of a lack of basic cybersecurity literacy which contributes to the breaches we witness. People make poor choices, fall victim to scams and introduce vulnerabilities simply because they do not know any better.
The report goes on to highlight many problematic areas surrounding the human element of cybersecurity. These include a lack of engaging and current educational content, misperceptions about usability and security (see for example the use of bad passwords), lack of cyberculture in enterprises and a communication gap between executives and security professionals, and failings in technology as well as security training.
Let’s Go Phishing
Phishing is playing a key role within the current cybersecurity landscape, particularly given the current situation regarding the COVID-19 pandemic. Phishing is too easy to carry out as it is often straightforward to manipulate users. That is why, after all these years, phishing remains a threat vector and is the only malicious trend in the top five.
One reason for this could be the amount of email traffic now flowing around the world. The use of email opens up threats in a company’s infrastructure. This results in hackers trying to exploit new tools of remote collaboration. As the recent Verizon DBIR 2020 report highlighted – sophisticated phishing and impersonation are the first methods of attack.
Businesses are employing various strategies to mitigate this threat. The use of email gateways has been deployed. Also, the creation of rules to determine which emails are permitted to get through. Despite their efforts, as attacks become more intelligent, they bypass any rules highlighting the need for better mitigation and stronger decision-making. Towards this end, education can play a critical role to bridge the knowledge gap. However, it has to be assisted by security controls that can solve this problem in an automated and scalable way.
Conclusion
The COVID-19 pandemic dominates not only the news headlines but also all cybersecurity efforts. This is evident is the Infosecurity Magazine State of Cybersecurity 2020 report. However, considering the pandemic is an anomaly, the other four trends are recurring. This indicates that the cybersecurity industry is still coping with the same challenges. The question that arises then is this: What are we learning from our mistakes? How can we really improve the cybersecurity industry?