In today’s business landscape, it’s not a matter of if you’ll be hacked, but when. Cyber adversaries are using more sophisticated methods and attacks are becoming more commonplace. With our greater dependence on technology, it is unlikely that we’ll see this trend reverse anytime soon. More companies are starting to realize that cybersecurity prevention is not optional – are you?
While no protection can ever be foolproof – as we know from the legions of breaches and hacks in the headlines – preparation and risk management are still key. Businesses need to not only think about strengthening their defenses via security policies, controls, people and processes, but also figure out how to minimize exposure and damage control in the aftermath of a cyberattack.
It’s against this backdrop that we can see five major trends in cybersecurity forming for 2019.
1. Increased Awareness and Spending, Including by SMBs
Given the volume of cyberattacks that the average company faces, organizations are carving out ever-larger portions of their budgets to devote to cybersecurity. In fact, Cybersecurity Ventures predicts that global spending on cybersecurity products and services will exceed $1 trillion cumulatively by 2021.
SMBs are no exception to this, despite being more resource-constrained than other business segments. They’re taking it seriously, and putting aside more budget than ever before to address security.
2. The Cyber Workforce Shortage Will Only Get Worse
With cyber threats on the rise, it also increases the demand for the experts who can deal with them.
There’s a significant cybersecurity workforce shortage in the United States, and it looks like it’s going to get worse over the next few years. According to CompTIA’s Assessing the Skills Gap report, nearly half of companies say the IT skills gap has grown in scope and depth over the past two years. And on a more quantified basis, the Center for Cyber Safety and Education says that there will be a projected 1.8 million unfilled positions by 2022, which is an increase of 20 percent in just two years.
3. Good and Bad Guys Will Make Greater Use of AI
Artificial intelligence (AI) and machine learning are increasingly being deployed to better pick out anomalies amongst behavioral norms and spot potential attacks faster. The system takes some time to observe the environment and determine what normal behavior is, then establishes a baseline – so that it can pick up on deviations from the norm by applying algorithmic knowledge to a data set.
This can have big implications for security personnel, especially for SMBs. All too often, companies simply don’t have the resources to search through the haystack of anomalies for the proverbial malicious needle.
However, there are also downsides to the emergence of AI. For one, the technology has been leveraged by cybercriminals to do things like scan for open and vulnerable ports. It has also been used to automatically generate emails that have the exact tone and voice of the company’s CEO, learned over time by 24×7 eavesdropping. In the not-too-distant future, cyber-drones could emerge to attack other machines. This may all sound like science fiction, but it’s happening right now and will continue to evolve in the near future.
4. We’ll See More Fileless Attacks
In a disturbing trend, fileless malware attacks rose 94 percent between January and June 2018. It now represents 42 out of every 1,000 attacks on computers, according to recent analysis of 2018 data.
As the name suggests, fileless malware infects computers without leaving any files on the local hard drive, which in turn makes it harder for traditional antivirus solutions to notice it. Typical fileless attacks exploit vulnerabilities in browsers or use phishing to entice a victim to click on an attachment. When it’s executed, the code runs in the computer’s memory and uses the programs already on the system to carry out its dirty work.
5. Managed IT Services Are On the Rise
With so many proliferating attacks, the managed IT services market is taking off. It’s expected to be worth $257 billion by 2022.
Services like managed endpoint security can ensure that patches and updates are always installed, and can provide integrated anti-malware and anti-virus technology. Managed security can also include firewalls and intrusion detection, with 24×7 monitoring, and troubleshooting and repair.
For SMBs in particular, managed IT services can provide the answer to a lack of in-house personnel and budget. Managed services give them their own cybersecurity department in a cost-effective, pay-as-you-go model – and those services are always up-to-date to address the latest threats.
SMBs are realizing that they can’t go it alone as the escalating risk of cyberattacks tops the agenda. Attacks are getting more complex, and the number of attacks is growing – and so is the skills gap for cybersecurity staff.
With 2018 coming to an end, a good business resolution would be to put your cybersecurity matters in order so you can avoid unpleasant surprises in 2019. TPx has a full range of state-of-the-art cybersecurity protections and mitigation services, all offered on a cost-effective, managed basis. Request a free consultation today to find out how we help you navigate the always-evolving threat landscape.
About the Author
Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.