There was something of a cultural shift in the technology sector during 2018 that will undoubtedly impact 2019. Up until last year, cybersecurity issues seemed to predominately plague significant corporations and organizations. The Democratic National Committee hack fallout and Russian bots on Facebook were coupled with big-time breaches at Equifax and others that garnered headlines. Even the recent reports coming out of U.S. intelligence agencies point to enemy states such as China and Iran stealing American intellectual property.
Cyber threats ramped up in 2018 and the World Economic Forum ranked technology breaches as a top risk to economies worldwide.
“Attacks are increasing, both in prevalence and disruptive potential. Cyber breaches recorded by businesses have almost doubled in five years, from 68 per business in 2012 to 130 per business in 2017,” the Forum reported.
Consider for a moment that climate change and severe weather events such as hurricanes and tsunamis were also listed. That should put the danger in context for any business leader. And that’s why the mainstream perception about breaches has shifted significantly.
These days, small and mid-sized companies recognize that their personal information and critical data are targeted at a much higher rate than Fortune 500 outfits and national-level organizations. Ransomware has emerged as an almost routine method to extort money, and now fraud from crypto-mining is trending high. Business owners and decision-makers are prioritizing cybersecurity because the stakes are just too high. Cyber threats are likely to escalate during 2019, and these are some dire predictions.
1: Strict Data Breach Fines
Last year, regulations such as the California Consumer Privacy Act implemented harsh penalties for companies that fail to protect personal employee data. The conventional wisdom is that businesses and non-profit organizations alike have a responsibility to safeguard the information they ask of team members.
Cyber attacks that penetrated Uber, for example, reportedly resulted in the transportation organization settling out of court to the tune of $148 million as a result of a 2016 breach. Leading online companies such as Facebook and Equifax have been under fire and they both reportedly were fined a maximum penalty of £500,000 in the UK.
Currently, Google, British Airways and Facebook once again are under government scrutiny for cybersecurity failures and hefty fines could be coming. While this may not seem like a direct and discernible danger to small and mid-level outfits, think again. Although household-name organizations make headlines, everyday companies can expect to get hit with penalties for lack of cybersecurity as well. The moment a company asks employees to provide personal information, that organization becomes responsible for protecting it.
2: Rise of the Machines
The days of a rogue hacker halfway around the world infiltrating a system are expected to evolve in to (artificial intelligence) AI cyber attacks. If this sounds a lot like the sci-fi “Terminator” movie franchise, that’s not far from the truth.
Hackers are expected to deploy machines under their control to more rapidly and covertly penetrate business systems and cull valuable information. But beyond mining, these human-controlled devices will increasingly have the ability to impact the lives of everyday people.
Consider that the IoT continues to create an accessible matrix that can be manipulated. Autonomous vehicles, smart-home technology, and even friendly Alexa are being weaved into the fabric of human lives. This opens the door for hacker-driven AI to penetrate lives outside of the workplace. The necessity of cybersecurity in our personal lives is expected to grow exponentially going forward.
3: Governments Expected to Ramp Up Cyber Weapons
The mainstream media has been brushing up against the subject of enemy states attacking infrastructure such as power grids. It goes without saying that governments across the world are not sitting idly by as others hone their hacking talents.
From voting booths to water supplies, governments around the world are expected to meddle more and more in each other’s affairs. When someone loses, expect malware, ransomware and debilitating viruses to be unleashed.
While your small or mid-sized company may not be the target of a rogue state attack, it could end up being collateral damage. Don’t be taken by surprise, secure your company and personal data before the first wave hits.
4: Email Expected to Remain Top Data Breach Vehicle
Criminal hackers view email as the gift that keeps on giving. New hires tend to need time to understand the protection protocols around email usage. And, too many outfits lack adequate policies or fail to update usernames and passwords effectively. Employee email has ranked among the most vulnerable backdoors into an organization’s sensitive data and the best way to deploy ransomware.
Even though cybersecurity and IT teams warn decision-makers about the dangers of sub-par email protections, it is expected to remain a primary threat in 2019. Every day companies cannot take email security seriously enough in 2019.
5: Tougher Laws and Regulations Expected
The 2018 U.S. congressional hearings that involved Facebook, Google and others demonstrated that lawmakers recognize that cyber threats are prevalent and current regulations appear inadequate. Intellectual property and critical data are now outpacing oil regarding value.
In the U.S., states are creating more stringent laws to deal with hacking. The federal government and countries abroad are also wrestling with policies to manage cyber threats. It’s essential for small and mid-sized outfits to follow the trend and communicate with lawmakers at the local, state and federal level. The laws that come out of cybersecurity hearings are likely to impact the business community in a significant fashion.