With merely three months into our new decade, a reflection of cyber threats, both past, present, and future, will inevitably cross the minds of both cybersecurity professionals as well as those with a passion for new tech. Rapidly advancing technologies using the Internet of Things (IoT) devices, 5G, virtual reality/augmented reality, and big data/analytics are only the tip of the technological iceberg in the present world as we now know it, and all of these bring the risk of cyber threats.
Hi-tech advancements promise us improved convenience, faster connectivity to the world, and access to more usable, mission-essential data for everyday operations and other critical business functions. While each of these provides unique benefits, all have equally as much (if not more) to be concerned about when it comes to security. Does a happy medium between secure and convenient exist? How much is too much, and how do we, as a society, ensure that convenience does not come at the cost of our security? What should cybersecurity professionals and advocates do to prepare for the modern-day “Roaring 20’s”?
4 Threats you will face in 2020 and the decade ahead
Unfortunately, there is no simple solution, nor is there a magical, or just-in-time (JIT) patch that can be applied to eradicate and prevent this new era of advances persistent cybersecurity threats we face with 100 percent effectiveness. Despite these challenges, there are some basic yet practical common-sense steps that can be applied to improve and maintain good cyber hygiene while enjoying (most) of what the future of the tech world has to offer.
1. Cloud storage
Although it may be tempting to want to store and transmit various types of personally identifiable information (PII) and other sensitive data on IoT devices, consider verifying whether or not data is encrypted. If you do decide to store data on a device connected to the Cloud, consider asking to review the details on what the level and type of encryption is and who stores (and has access) to decryption keys. These questions may seem inflated to some but are crucial to privacy and overall cyber safety.
2. 5G technology
5G technology is still in its infancy, and many aspects are still unknown to both device manufacturers and service providers. While many are concerned with the potential health and environmental risks associated with 5G, others may want to consider what the reliability and security of this new technology is. Because this is such a new concept, it is important to remember that many undisclosed backdoor threats and vulnerabilities may exist, thus putting crucial information systems at-risk.
3. Virtual reality (VR) and augmented reality (AR)
Virtual reality (VR) and augmented reality (AR) are wonderful ways to virtually explore, train, game, and even collaborate with others all across the street or even across the globe like never before! This advancement in technology has improved the lives of many in ways unheard-of before. As with any new development in technology, risks are bound to follow. Since VR and AR allow for world-wide communication, a malicious attacker can impersonate a known entity or party to exercise a form of social engineering to gain access to a credit card or other financial information.
4. Big data management
Data analytics and big data management are in high demand. As a result, individuals and companies alike all have data. From a cybersecurity perspective, an obvious concern is how the data secured both while in-transit (sending and receiving) and at-rest (stored on a Cloud server). It is extremely important to ensure that all sensitive data is properly secured at all times. Only use trustworthy data analytics tools that have been fully updated and patched for vulnerabilities. Consider extra steps to validate software and utility packages by checking developer hashes and other basic information such as the NIST National Vulnerability Database (NVD).
Lastly, don’t believe everything you see and hear. It is essential to do your own research on products and services you intend to be a consumer of. This same principle applies to both personal and work environments. Like the saying says, if something sounds too good to be true, it most likely is too good to be true! Always, ALWAYS trust but verify!
How to Protect 30Bn IoT devices by 2020
For businesses migrating from physical infrastructure to cloud-based operations, they should consider outsourced cloud security services. EC-Council Global Services offers cloud security solutions that will give your organization unbiased cloud-computing security methodologies and frameworks to protect data and applications. And for those adopting the stated technologies, can start with Cyber Security Posture Assessment, a service that gives clear insights on an organization’s current security stance. With this, opt for our Security Strategy and Transformation services that will offer a secure and intrusion-free environment to the organization.
Engage with EGS!
Gain greater confidence in your cybersecurity decisions by working with EC-Council Global Services’ thought leaders to apply our solutions to your specific business and technology initiatives.
Posture Assessment Survey
An independent expert assessment of the current state of information security environment is conducted against global standards and leading industry practices to measure the overall cybersecurity maturity of your organization.
Connect with us to take a FREE 15-Minute Survey. This will be followed by a remediation plan of the identified gaps and the development of a roadmap for transformation.
FREE Phishing Simulation
To assess your organization’s human error vulnerabilities, take OhPhish’s FREE subscription to run simulated Phishing attacks and get a detailed, actionable report.
OhPhish is the fastest growing integrated platform for security awareness training. You can train your users, phish them, review results, and repeat to ensure your company is on top of this game.
Vulnerability Assessment & Penetration Testing (VAPT)
EGS offers a broad range of network infrastructure, web applications, and mobile application security assessment services designed to detect and gauge security vulnerabilities. Take the FREE VAPT for up to 10 external IPs, worth USD 5000 and get a customized report!