ForceShield Co-founder and CTO  Yumin, Lin

In 2018 the mantra became “another day, another data breach.”, organizations and companies were struck by massive and damaging data breaches is not a news but a new common in the past year. Up to September 2018, there were 1.7 billion data have been exposed, and the average loss per enterprise-level breach was $4 million USD. Every second, there are more than 900 data breaches happening worldwide. "According to ForceShield’s observations, credential compromise is the most common way for attackers to get sensitive data. Besides credential compromise, router exploits affecting IoT, cross platform malware infections, and API abuse are the other common attack techniques to breach the data” said Yumin Lin, Co-founder and CTO of ForceShield.

By looking at the cyber-attacks, hacks, and major breaches of 2018 along with some of our proprietary customer threat data, ForceShield is able to give a reasonable prediction of some critical areas to watch for the coming year and beyond：

• FIDO2 and hard token login solutions will begin to gain momentum and solve many of the security risks associated with passwords and MFA techniques
• As more sophisticated security tools are developed to combat these adversaries, bots have transformed from primitive scripts to more sophisticated bots that mimic human behavior and actions
• The focus of automated attacks will be continuously on the abuse of inherent application functionality and misuse of related design flaws or business logic
• California recently passed the SB-327 ("Information Privacy: Connected Devices") bill that goes into effect on January 1, 2020. This requires IoT devices to have a ‘reasonable security feature’ or ‘requires a user to generate a new means of authentication’ and we expect other countries will follow with similar laws/bills.
• The lack of robust endpoint security on many IoT devices will continue to expand the network attack surface