Due to the outbreak of the coronavirus, CYBERSEC 2020 will be rescheduled to August 12 (Wednesday) to August 14 (Friday), 2020. We apologize for any inconvenience this may have caused and your consideration will be much appreciated. CYBERSEC 2020 will continue open for registration. New updates regarding the event will also continue to be posted on the official website.×
The hyperconnectivity of the world is the result of combined technological advancements in the past decade. While it ushers in a new space for innovation and bridges expansive distances and borders, it also poses a challenge especially in cybersecurity.
In the hyperconnected world cyberthreats can have unpredictable and even unprecedented consequences. It is the principal task of cybersecurity in the upcoming decade to not only keep up with the threats borne from this new space but also anticipate how these threats will evolve in parallel to further technological advancements.
In 2020, NTT sees below 5 key trends in Cybersecurity.
1. Zero Trust: Zero trust is maturing into digital trust
2.Cloud: Organisations are focusing on cloud-based security platforms
3. Secure by Design: Organisations now aim to be secure by design
4. Intelligence: Cybersecurity is becoming intelligence-driven
5. Compliance: Tighter regulation is affecting risk profiles
1. The CISO role becomes required across industries. The challenge for a CISO is not only structuring a team but also making it service-oriented to help business deploy the services in a secured way.
2. The skills gap widens, making it increasingly difficult to find, hire and retain security professionals. Uplifting the skills and capabilities of the team and working with trusted partners are the top priority. In addition, automation in cybersecurity architecture not only eases the skills gap, but also improves the cybersecurity maturity. Visibility, actionable threat intelligence and SOAR are the trends in security architecture.
3. Employ 'Breach and attack simulation' resources to prove the benefits of your investment and find the blind spot of your organization. Red team exercise or automated simulation practice are good approaches.
The CyberSecurity expertise and skills shortage continues to widen. Relaying on signature based technology to detect and respond to threats is no longer able to cope with the every increasing cyber threats. If company wish to stay ahead of cyber criminals, they must run twice, or ten times as fast as that.
Cloud Security Adoption Will Accelerate in 2020. The coming year 2020 will usher in an even greater adoption of cloud security, with a material change in attitude and organizations fully embracing the cloud. As organizations increasingly access enterprise applications like Microsoft O365 or Google GSuite etc., it’s no longer practical for them to VPN back to the stack to remain secure while accessing these services in the cloud. With this move to the cloud comes countless security risks. Not only will we see more companies jump on the bandwagon and shift their applications and operations to the cloud, but we will also see the security stack move to the cloud and more resources dedicated to securing the cloud, such as cloud councils.
- Ransomware attackers raise the stakes
- Mobile malware and Potentially Unwanted Apps edging towards malware
- Cloud computing: misconfiguration is greatest security risk
- Automated, active attacks to gain access and move laterally through a network
- “Internet background radiation” affecting a wide range of internet-facing services and devices - RDP is at risk
- Interest in corruption of machine learning detection models
I think the major challenge is too much workload for IT security professional but the return is not up to par. (Smile)
Indeed what we have observed the major challenge is how to ensure you have a full coverage of Cyber Security in a smart way. For example, in Taiwan, we just observe the interest of NIST CyberSecurity Framework recently (CSF); however, CSF has been launch for years. Today computer network is complex boundary-less, lack of security professional is the major challenge of a lots of organization, if there is no clear Cyber Security management objective and metric, security team may forget to evaluate all the security needed and miss a serval pieces, causing silo and create Cyber Exposure gap.
Like recently containerization and DevOpsSec draw lots of attention, organization that adopted container technology like to deploy related security product. But in fact most of the time, container is the highest layer of an application, underneath there are container platform, database, private or public cloud infrastructure, and we are not talking about how to secure developer environment yet. All of these need to be secure, that's why having a Cyber Security objective and long term goal is very important.
For upcoming trend, we believe breaches will still happen, but as more and more defend in place to servers, we expect more and more breaches will start from end user devices or other devices like IoT devices.
In 2019, phishers are evolving and taking their attacks to new heights. Phishing attacks are done by cybercriminals, who trick the victim, by concealing their identity by masking themselves as a trusted identity, and luring them into opening deceptive emails for stealing sensitive information. Many business owners are unaware about the insecure and fraud links and emails. Without thinking for a second, the victim opens the fake link and enters the account details and passwords. They are attacked and sensitive information (i.e. banking information, credit card information, stealing of customer data and passwords) is grabbed and misused by cybercriminals.
Cloud services are gaining popularity among business. Companies can choose between cloud-based solution and in-house server. When it comes to providing a reliable mail server solution, email security and data storage are two top priorities. To try to strike a balance between the two has become the biggest challenge for today's IT administrators.
Building Cybersecurity without Agents
The biggest challenge facing cybersecurity in 2020 is the increased frequency of zero day attacks. Businesses are underprepared to protect themselves against zero days, despite the investment they have made in protection platforms.