Check Point Software Technologies gave an outlook on future developments in IT security. The focus is primarily on technical upheavals, such as compliance with data protection, 5G as new network technology, cloud computing, and accelerated processes through automation.
IT Security: Use Of Targeted Ransomware
In 2020, ransomware attacks were targeted against businesses, local authorities, and hospitals. Attackers spend a lot of time gathering information about their victims. The amount of ransom demanded increases accordingly. So effective have the attacks become that even the FBI has softened its stance on paying ransoms, recognizing that paying in some cases protects shareholders, employees, and customers.
Phishing Attacks Go Beyond Email Traffic
The email will remain the most common avenue of attack on corporate IT security, but cybercriminals are already using other methods to steal personal information, credentials, and even money. Phishing increasingly includes SMS attacks via mobile phones or messenger programs in social media and on gaming platforms.
Mobile Malware Attacks Are On The Rise
In the first half of 2020, mobile banking malware attacks increased by 50 percent compared to 2019. Such malware can steal payment details, access information and funds from victims’ bank accounts. New versions are even available on the Dark Net for distribution by anyone willing to pay the malware’s developers – similar to a franchising process. Phishing attacks against cell phones are also becoming more sophisticated and effective.
IT Security: The Rise Of Cyber Insurance
Companies and public institutions are taking out more cyber insurance policies for IT security. Insurers continue to train policyholders to pay the ransom money as it can be cheaper than the cost of restoring the systems. This, in turn, will attract more attackers and lead to rapid growth in the cyber insurance industry.
IoT Devices Increase Security Risks
With the expansion of 5G networks, the use of IoT devices will accelerate dramatically. At the same time, the vulnerability of networks to large-scale, multi-vector Gen V cyberattacks will increase massively. IoT devices and their connections to data centers and clouds are a weak point: It is difficult to get an overview of all connected devices. In addition, their protection is complex. All companies must therefore develop a concept for IoT security that combines traditional and modern controls. Only then can these constantly growing networks in all industries and business areas be protected.
Increase In Personal Data Through 5G
The bandwidths that 5G enables will trigger an explosion of connected devices and sensors. So-called eHealth applications collect data on the well-being of users, networked car services monitor users’ movements, and smart city programs collect information on how citizens live. This ever-growing volume of personal data needs to be protected from injury and theft.
AI Accelerates Reactions To Cyber-Attacks
Most security solutions are based on detection models designed according to human logic. Artificial intelligence (AI) is needed to make them ready for the latest threats and keep them up to date with the latest technologies and devices. AI accelerates the process of identifying and responding to new threats. It also helps block attacks before they can spread. However, cybercriminals are starting to use the same techniques to scan networks effectively for vulnerabilities and develop malware to match.
Combine Protection With The Speed Of DevOps Teams
Companies already run most of their workloads in the cloud, but knowledge about securing the cloud remains low. The principle of shared responsibility has not yet fully entered the consciousness of those responsible. Security solutions must evolve into flexible, cloud-based architectures that combine scalable protection with the speed of DevOps teams.
Companies Are Rethinking Their Approach To The Cloud
With the increasing reliance on public cloud infrastructures, companies are at risk of failure. A good example was the operational disruption of the Google Cloud in March 2020. Companies have to rethink their existing data center and cloud concepts and consider hybrid environments of clouds and data centers.