Top 3 Cybersecurity Trends Moving into 2020
Cybersecurity is a constantly evolving landscape. As technologies change at a faster pace, new threats emerge, existing threats become more effective and small businesses must take new measures to protect themselves. It only takes a single spear-phishing email or malicious download to expose an entire network and cause extensive damage.
Cybersecurity is a constantly evolving landscape and 2020 will bring a new set of important threats from IoT, AI and other emerging technologies. Let's take a look at three cybersecurity trends to watch in 2020 and how small businesses can protect themselves from linked security threats.
#1. IoT Devices Moving onto 5G
Internet of things, or IoT, devices have become increasingly popular over the past several years. According to Statista, the number of connected devices is projected to grow from about 15 billion in 2015 to more than 75 billion by 2025. The rollout of 5G cellular technologies will drive these growth rates via higher speeds, lower latency and less cost.
Most devices connected to today's cellular networks were designed with security in mind. For instance, connected traffic lights and smartphones both have extensive security measures in place to protect against abuse. Many security experts worry that the same isn't true for IoT devices, which are typically manufactured at a large scale and low cost.
The greater number of connected IoT devices translates to a greater surface area for cybersecurity attacks. There are about three billion smartphones connected to cellular networks right now compared to the more than 75 billion IoT devices projected to connect over the next five years. These devices create the potential for large-scale DDoS and other attacks.
Small businesses can protect themselves from IoT-related risks in several ways:
- Select high-quality IoT vendors and manufacturers that provide ongoing support and software updates.
- Inventory IoT devices, keep firmware up-to-date and conduct a regular audit for new vulnerabilities.
- Implement visibility solutions that monitor the behavior of IoT devices and investigate any anomalies.
- Use firewall software that includes DDoS protection to thwart potential increases in attacks from IoT powered bot networks.
#2. Spear Phishing on the Rise
Most people are familiar with phishing emails designed to steal personal information. For instance, you may receive an email that appears to be from your bank requesting you to login to resolve an issue. These emails are effective on some people, but most of us are aware of these risks and spam filters are effective at flagging them.
Download our free Checklist of Tips for Recognizing Phishing Emails to help your employees spot and avoid potentially dangerous emails.
Spear-phishing emails are much more nefarious. Rather than mass-emailing thousands of people, hackers research specific high-value targets and send them legitimate-looking emails that often make it through spam filters. These emails are used by more than 70% of hacker groups and are responsible for about 95% of successful attacks on business networks.
In a typical attack, employees may be sent a legitimate-looking attachment that appears to be from their boss. The attachment may contain malware that gives the hacker remote access and the ability to steal data. Other spear phishing attacks may be disguised as directions from an executive to wire payments to the hacker's bank accounts.
Small businesses can protect themselves from spear phishing attacks in several ways:
- Implement spear phishing awareness training among employees to discourage them from succumbing to attack.
- Require a verbal or in-person confirmation before sending any wire transfers requested via email.
- Install software that blocks phishing emails at the server level before they reach employee inboxes.
- Establish reporting requirements for any suspected phishing attempts to help identify problems before they spread.
#3. AI-Powered Cyber Crime
Artificial intelligence (AI) and machine learning (ML) have made great strides over the past several years. From self-driving cars to facial recognition, deep learning algorithms have opened the door to a wide variety of possibilities. However, these same technologies could help hackers become more efficient and effective in their attacks against consumers and businesses.
For example, sophisticated hackers could use machine-learning algorithms to evaluate whether antivirus software is effective against a particular malware program and make small adjustments until it's no longer caught. AI and ML algorithms could similarly be used to craft more effective spear phishing emails on a much larger scale than doing it by hand.
The good news is that these same technologies are improving cybersecurity software. For instance, Google's anti-phishing and anti-spam algorithms are highly effective at blocking most malicious email before it ever reaches Gmail or Google app users. Firewall software also uses ML and AI algorithms to identify, flag or block suspicious behavior.
Small businesses can protect themselves from these emerging threats in several ways:
- Use smart cybersecurity software that harnesses AI and ML to protect against attacks.
- Whitelist what you need rather than blacklisting what you don't want to let in when it comes to network security.
- Keep employees up-to-date with the latest security threats and train them to recognize any problems.
- Conduct regular network audits and penetration tests that leverage the latest malicious software tools to ensure you’re secure.
The Bottom Line
The cybersecurity landscape is constantly evolving with new threats. With the rise of IoT devices, spear-phishing attacks and AI-powered cybercrime, small businesses should ensure that they're taking measures to protect themselves. A single data breach is often enough to put a small company out of business — or at least cause irreparable damage to a reputation.
Don't forget to download our free Checklist of Tips for Recognizing Phishing Emails to help your employees spot and avoid potentially dangerous emails.
Many small businesses realize the importance of cybersecurity, but they struggle with manual processes, inadequate staffing and disconnected tools. Without a dedicated chief information security officer, or CISO, it can feel difficult to ensure that all of your assets are properly protected. The good news is that there are some comprehensive solutions out there.
Jungle Disk provides a cybersecurity suite that's especially designed for small businesses with less than 250 employees. With active network protect, team password management, secure backup and other cybersecurity solutions under a single roof, small businesses can ensure they're protected from the most common threats and minimize the potential for a data breach.