Top Five Cybersecurity Trends for Businesses In 2019
As we reach the midway point for 2019, here are the top five cybersecurity trends businesses should watch for.
Expert Insights / Jun 04, 2019By Joel Witts
In 2019 so far, we have seen cyber-attacks become more sophisticated and more dangerous for businesses of all sizes. In the first half of 2019 alone, it’s been estimated that over 4.5 billion records from organizations around the word have been compromised. We’ve already seen this year numerous high profile cases of data breaches and cybersecurity attacks in 2019. We’ve seen Facebook, WhatsApp, and just this week Flipboard, lose data in high profile hacking attacks. We’ve also seen the security issues rising from nation states, and how they could be affecting corporate security around the world. Here are the top five cybersecurity trends that we’ve seen in 2019 so far, and we can expect to see over the next six months.
The number one trend for cyber security this year has been
the rise of Social Engineering style attacks. The most common forms of Social
Engineering attacks are Phishing, Spear-Phishing and Business Email Compromise.
study at the end of 2018 found that phishing attacks rose 297% at the end
of last year, and this trend has only continued to worsen in 2019. Phishing
currently accounts for about 90% of breaches within organizations and 76% of
businesses have reported being hit by a phishing attack, according to Retruster.
These types of attack prey on human weaknesses, and involve
hackers trying to trick employees into giving up sensitive data, account
details, or clicking on malicious URLs. Phishing emails have become more
sophisticated than ever before, and it can now be difficult for a fully trained
security professional to spot a phishing attack, let alone an untrained end user.
This means that phishing can be a lucrative business for hackers, and
businesses of all sizes are needing to invest more in protections from phishing
There are a range of solutions for businesses to protect
themselves from phishing attacks. An increasingly important technology is ‘Post-Delivery
Protection’ which utilizes machine learning technologies to learn the patterns
of email communication within an organization, which it then uses to spot
phishing attacks. Organizations should also consider Security Awareness Training
for their employees, which teaches them vital skills around spotting phishing
attacks and business email compromise attempts.
GDPR is now in full effect, affecting organizations around
the world. But in 2019 and beyond, tough data regulations are expected to come into
effect in the USA and other countries around the world, which companies may
find they need to adapt to quickly. Hence, meeting data regulations has remained
one of the top security trends in 2019.
At the start of 2019, Intel’s Head of US Government affairs Lisa Malloy said that she felt ‘2019 may be the year for federal level data privacy protection to be passed.’ This could represent a significant challenge for businesses of all sizes to ensure that all of their company and customer data is properly compliant. In addition to incoming federal level regulations, state level laws are also forcing companies to take more steps to secure their users data. California passed tough data legislation last year and has taken even more steps this year to enforce policies to protect personal data. It’s clear that in 2019 and the coming years, meeting legal data requirements is going to influence cybersecurity decision making for all types of organizations around the world.
Remote Working and Managing Endpoint Security
One of the major workplace trends from 2018 that has carried
over into this year is the explosion in employees working remotely. In 2019,
52% of employees work from home once per week, and 18% of employees work remotely
full time, according to Owl Labs. This has
posed security challenges for organizations, who must impose company policies
in terms of security and data protection, for a workforce increasingly using
their own devices, outside of business networks, off company premises.
Network parameters have been a thing of the past for a while
with the advent of cloud technologies and endpoint devices are a relatively
weak target for hackers to breach. Endpoint devices are very hard to secure,
especially if employees are using their own devices for work or using work
devices for personal usage at home. In 2019 Endpoint devices or IoT devices are
online all the time and can be easily infected with malware or ransomware
without the user knowing anything has gone wrong. Without controls, end users
may easily download a malicious file by mistake or click on a phishing URL. One
device being stolen or hacked into could potentially lead to hundreds of company
accounts being compromised, especially if the user has passwords stored on the
Therefore, in the latter half of 2019, more organizations
and business around the world will need to invest in Endpoint Protection
solutions. These solutions make it easy for businesses to secure their Endpoint
devices, with cloud based anti-virus that can be installed on each Endpoint
Device. This can be centrally managed by your organizations IT team, allowing
them to implement security policies such as stopping users from downloading
third party applications online, blocking them from installing programs from USB
devices and more. Endpoint Protection solutions also give admins more visibility
over endpoint devices’ security, usage and performance. As the Endpoint device
threat landscape continues to grow, more businesses will need to consider implementing
Endpoint Protection technologies.
In line with threats coming from Endpoint Devices, web based
threats coming from browsers have also grown over the first half of 2019. In 2019,
malware and web based threats were the most expensive for businesses, with
organizations needing to spend an average of $2.4 million USD to protect
against them, as found by Accenture.
In 2019, we are starting to see a trend of businesses moving away from the
current dominant standards of web security, such as DNS – based Web Filtering, towards
the new technology of Browser Isolation. In 2018, Gartner recommended Browser
isolation as one of the most effective ways for organizations to reduce web
based threats against their users. They also predicted that 50% of businesses
will begin to implement a variation of this technology over the next few years.
This is a trend that has begun this year.
Browser Isolation technologies work in a few different ways.
The most common is a cloud based technology delivered to businesses as a
service. This technology isolates all end-user browsing away from the actual Endpoint.
This means that your internal networks and infrastructure is completely
protected from any web-based threats or malware. If a user downloads a malicious
file, this technology means it cannot affect their device or your business network.
This technology is cost effective and highly scalable and will likely continue
to be adopted by more organizations over 2019.
Over the last few years, more and more organizations in all
market sectors are moving from on-premise technologies to the cloud. This has meant
securing their cloud environments has become for many businesses a number one
security priority. Cloud Access Security Brokers (CASBs) are quickly becoming
the dominant cloud security solution. At
the start of 2018, the CASB market was the ‘fastest growing security category
ever,’ according to Gartner. They have predicted that by 2020, 60% of large
enterprises will be using a CASB platform to manage their cloud security services
– while at the moment less than 10% do. We’ve observed this boom in popularity
in 2019 so far.
CASB solutions are cloud based software that works in-between
your business networks and your cloud security providers. They allow companies
to implement security and govern cloud applications, with reporting and management
in a central administration dashboard. They also give admins visibility over an
organizations cloud networks, with controls to view devices and security risks.
As more and more organizations move to the cloud, technologies such as CASBs
are going to become more adopted as businesses look for more security and
control over their cloud infrastructure.
So far in 2019 we’ve seen multiple complex cyber-attacks, that only seem to be on the rise. Cybercrimes are becoming harder more sophisticated and harder for businesses to stop. Businesses of all sizes will need to watch these trends carefully over the rest of 2019 and into 2020, to ensure that their employees and data remain secure.
About Expert Insights:
Expert insights is an independent review platform for Cyber Security services. They offer to readers detailed and meticulously researched product information written by industry experts, and independent end user reviews. This helps customers looking for cyber security services make an informed buying decision.