by Claire Harratt

Head of Managed Security Awareness Services

Connect with Claire Harratt on LinkedIn

Saepio’s Threat Landscape Predictions

Every December at Saepio we unbox our crystal ball and predict what next year has in store for the cyber security industry. We thought you would appreciate our findings and welcome any feedback.

2019 Threat Landscape

The cyber-attack surface widened in 2018. As organisations automate and innovate, the accelerated adoption of new technology and internet-connected systems is apparent. Couple this with the rise in cyber criminals armed with the tools and knowledge to exploit software vulnerabilities and, well, the result is obvious.

The EU GDPR and the NIS Directive offer more fuel to hold sensitive data and business systems to ransom. So, with malicious cyber activity on the up and the attack surface continuing to broaden, what do we expect to see in 2020?

The good news is the attack vectors are unlikely to change but we do expect existing techniques to evolve and be increasingly sophisticated and targeted in nature.

1) The birth of a new Celebrity Vulnerability

Expect a new ‘celeb vulnerability’ in 2019 to join the likes of WannaCry, NotPetya, Meltdown and Spectre. It will almost certainly be malware that takes advantage of a common vulnerability and will likely arrive in a maldoc contained in spear-phishing emails. Once a machine is infected, we expect the malware to self-propagate much like EternalBlue. Effective vulnerability management and patching, mature email security controls, NextGen AV and security awareness training are all important preventative controls.

2) Ransomware will continue…

… but the more serious attacks, resulting in higher ransom demands, will target IoT devices such as smart devices in transportation systems, production lines and medical equipment. So many of these smart devices have been brought to market quickly; speed of innovation appears to take priority over security, which leaves them vulnerable. The concept of ‘Secure by Design’ requires broad adoption. Expect to hear more about DevSecOps.

3) IoT botnets will come to a device near you

Internet-connected hardware devices will be compromised to serve up everything from cryptominers to Trojans to DDoS attacks. Large-scale compromises of routers and IoT devices are going to take place, and they are a lot harder to patch than computers. Patching alone does not fix the problem if the device is already infected.

4) Attacks on Internet Connectivity

Internet availability is more important than ever. Like electricity, it’s a core utility at home and work. Whether physically cutting cables or using DDoS mechanisms, targeted attacks will be used to disrupt business processes. As organisations increasingly rely on web connected devices and systems, we expect to see more being held to ransom by disrupting access to the internet.

5) If you can’t crack the lock, steal the key

Those with access to critical data or the ability to change the configuration of critical IT systems pose a rising threat. Cybercriminals want their credentials. Whether intentional, malicious or ‘forced’ by violent criminal groups, as companies are increasingly software driven, attackers will compromise the individuals with the privileges to gain the control they desire.

6) Behold, the CISO

As new technology emerges, more data and processes move to the cloud, and compliance requirements grow, in 2019 the importance of a dedicated member of staff to oversee Information Security will be more relevant than ever. For larger organisations, the voice of the CISO will elevate in importance; there is a lot of work for them to do. With a skills gap for this role, we expect to see more organisations employ part-time virtual CISOs who will advise the board and provide the cyber expertise, policy and guidance that is required.

7) Patching the Human Firewall

People are your greatest risk and greatest asset when it comes to information security. Social engineering powers the vast majority of threats, and the sophistication is increasing. To counteract it, we predict accelerated adoption of new-school awareness training to minimise the risk of people triggering cyber incidents at work and home. Aware people report threats and are an asset to the incident response process. We expect widespread adoption of the mindset that patching human vulnerabilities is as important as patching technical vulnerabilities.

Summary:

Every year the cyber threat landscape evolves and information security becomes a greater business challenge. The majority of risk is mitigated by doing the security essentials well. Do what is reasonable to prevent breaches with the right controls and processes in place but be prepared to deal with cyber incidents – it’s not if, it’s when.

In 2019 Saepio expect to spend a lot of time helping customers deploy security monitoring tools that highlight malicious cyber activity and automate the containment and response. If you don’t have one already, document your Cyber Incident Response Plan (CIRP) and conduct tabletop scenarios to test it.

Business Email Compromise Guide

Business Email Compromise can impact your company assets, your supply chain, your customers and your brand. These fraudulent emails are getting more sophisticated, more regular, more targeted and more difficult to detect. Ultimately they are causing businesses of all sizes significant losses.

So how can you mitigate the risk of BEC? Here’s Saepio’s Five Step Guide to Business Email Compromise.

Read more in our Business Email Compromise Guide.

Saepio's Guide to Trusted Access

You need to ensure that only the right people and the right devices have access to your valued systems and data. This becomes even more important if your estate includes public and private cloud applications.

A username and password are no longer sufficient to ensure integrity of access. Multi-factor authentication is the first step on the journey. If you can also ensure that your devices are trusted and behaving, then you’re on the right path, and Single Sign On solutions move the game on further still.

With access, your users need to be bought in and happy with the controls you implement to ensure the project is a success. Whatever you do needs to be simple to use and not impact your users from doing their day job.

Read more in our Guide to Trusted Access.

Government Cyber Security Breaches Survey 2019

In April 2018 the UK Government, in conjunction with Ipsos MORI, surveyed businesses and charities to find out how they approach cyber security and help them learn more about the cyber security issues faced by industry.

The overwhelming majority of businesses and charities are reliant on online services, which exposes them to cyber security risks.

Virtually all UK businesses (98%) represented in the survey rely on some form of digital communication or services, such as staff email addresses, websites, online banking and the ability for customers to shop online.

Organisations of all sizes, and a substantive majority of large businesses, have been breached or attacked. Those with more potential risk factors are also among the most likely to experience cyber security breaches or attacks.

Read more in our Government Cyber Security Breaches Survey 2019.