By Reymart Jan Sarigumba from iPrice Group
2017 was a disaster year for cyber security as phishing scams, hacking, data breaches, and many other forms of cyberattacks ran rampant globally, and they are not likely to stop anytime soon. Breaches will be on a bigger scale, hackers will most likely be smarter, and threats will be more advanced. With all that in mind, individuals and businesses should take steps to ensure that their data is safe. Here are some industry predictions for 2018.
Compliance and Enforcement of GDPR
For those who are unfamiliar with the General Data Protection Regulation (aka GDPR), it is a new initiative that regulates new approaches for enterprises to manage and control their information. This is an effort to prevent any data from being leaked to unauthorised third parties. Companies that fail to implement will be liable to pay fines if any breach occurs. The GDPR is not only limited to businesses in the EU nations only; any corporation that deals with EU companies or employees will have to adhere.
Considering all the cyberattacks that happened last year, it goes without saying that precautionary measures should be taken to prevent yourself from being a victim. Many companies and businesses collect excessive amount of data without knowing where they are stored. GDPR will require companies to present what data they have and demonstrate how they will be used.
More Elaborate Authentication Processes
The Equifax data breach serves as proof that password-only authentication is not sufficient to keep your data protected, especially when it comes to online transactions. Most customers today do not know about alternatives and enhancements such as multi-factor authentication (MFA) or risk-based authentication. The main reason behind this is because businesses are reluctant to offer them because they do not want the complicated process to downgrade the overall user experience. Moreover, it is quite unlikely for customers themselves to actively seek out these alternative methods.
However, this is about to change as there are many risk-based authentication tools that are currently available; they often come with identity and access management tools that enable them to access the behaviour of the individual trying to access the data to identify if they are authorized. These tools will serve as a barrier to prevent hacking and to keep your data more secured.
Security Protocol for Cryptocurrency
Blockchain was a buzz in 2017 as Bitcoin shot to an all-time high in 2017. Bitcoin and other cryptocurrencies are becoming increasingly popular as it is considered a virtual fountain of wealth. In fact, many companies are starting to implement blockchains as part of their payment method and assume it to be secure due to its distributed nature. However, the reality is that it can be quite risky as adding transactions to a blockchain can be completed without digital signatures therefore obscuring the true identity of the person performing the transaction.
Thankfully, Hardware Security Modules (HSM) have modernised and can be used to secure the blockchain in an enterprise. To enhance the security of blockchain transactions, signatures must be verifiable through a public key infrastructure (PKI). Hence, it is quite likely for corporations that are interested in incorporating blockchain to implement HSMs.
Increased Attacks on IoT Devices
Millions of devices who are connected to the Internet have little to no defence against virtual attacks. By utilising a botnet kit, hackers can easily gain control of many IoT devices and use them however they like. The problem is that this has been an ongoing problem, yet no one has any idea on what these third parties will be using them for. The answer could be revealed sometime later this year. It takes time for a large-scale attack but if it happens, then millions of devices can be affected.
The good news is that efforts to counter botnets are improving as IoT device manufacturers are taking measures to strengthen the security features on their devices. Only time will tell if these counter-measures will be useful to reduce the impact if an attack does happen. Nations should also work together to leverage on the resources and expertise that they have to build better defences and curb these cyber criminals.
Increased Automation in Cybersecurity Tools
As the threats continue to grow in frequency and scale, improvement of automated responses in cybersecurity tools and software is essential to make data filtering more effective. Many corporations are already utilizing machine-learning tools to lighten the load of its security staff and the momentum should increase in 2018 as the threat are not likely to dwindle anytime soon. Implementing automation in these tools will enable security teams to plan on defence more effectively. Automation may not be an absolute solution, but it will boost the effectiveness of detecting potential threats.
As everyone of us can fall prey to cyberattacks, we should take pre-emptive steps to ensure that our data is somewhat protected. The very least we can do is to install antivirus programs on your computer and mobile devices.