December 13, 2018
The digital landscape is ever changing. It exists in a constant state of evolution and revolution, driven by new innovations. For consumers this means more convenience, more choice and greater access. For businesses this means improved productivity, more efficient processes, faster problem-solving with greater accountability, and a wealth of opportunity.
Of course, technology is also a double-edged sword!
Threats to your business’ cyber security are also in a constant state of change and evolution. With each year it seems that one business or another has been brought to its knees by malware, security breaches and data theft. Just as legitimate software developers are constantly at work devising and refining efficient digital solutions, so are their criminal counterparts. Fortunately, for every digital malcontent trying to compromise the networks of legitimate businesses, there’s a cyber security engineer hard at work on pre-empting their malicious attacks. Nevertheless, it is important for business owners to make themselves knowledgeable about the issue of cyber security and the tools at their disposal as we head into a new year.
As we march towards 2019, we must take stock of the year that lies behind us. High profile security breaches were a common theme of 2018, which proved that even a titan of industry can be crippled by cyber-attacks. We must also familiarize ourselves with the definitive technological advances of recent years and how they represent not only great opportunities for businesses, but potential vulnerabilities.
2019 is likely to be a pivotal year for cyber security & cyber security engineers, and the market is estimated to have a worth of $155.74 billion by 2019. For every transformative technological development the New Year brings, there’s a potential weak spot vulnerable to exploitation.
Cyber security breaches can affect any business at any time. No business is too small or too large to be immune. Make no mistake, when you go into business for yourself, you paint a target on your back at which cyber criminals will take aim. This year alone, we’ve seen some extremely high-profile security breaches including;
Uber- Uber already has an unfortunate history of compromising user data going back to 2016. The taxi hailing platform was forced to pay hundreds of millions in damages after a cyber-attack exposed the data of 57 million customers and drivers.
Google- The search engine diet was dealt a very public black eye this year which saw its (already ailing) social media platform Google+ shut down. At the beginning of the year, Google noticed a vulnerability in an API which gave third party developers access to app users’ data. Not only did Google compromise this data, they enshrouded the vulnerability in secrecy for fear of damage to their reputation. Further investigation found out that a bug within the website was sharing the access to the data of Google+ users between 2015 until the issue was resolved in March 2018.
Facebook- This year, social media leviathan Facebook also encountered a cyber security vulnerability that compromised the data of over 50 million users while 30 million personal records were stolen. Worryingly, at the time Facebook had not noticed that the accounts were compromised, nor had they found any inappropriate activity. It was later revealed that the attackers used Facebook developer APIs to steal the data.
T-Mobile- The data of around 2 million T-Mobile customers in the US was breached this year; including customer names, billing zip codes, phone numbers, email addresses, account numbers and encrypted passwords. Again, the network’s servers were breached via an API by an international group of cyber criminals.
As well as looking at these high-profile breaches we must also look to the technological innovations which will drive business in the coming year and prepare an action plan for the security vulnerabilities that they may represent and how they may impact our businesses. In many cases, they offer both vulnerability and opportunity.
AI offers an intriguing combination of vulnerabilities and opportunities. Attackers may use AI to identify opportunities to assault your network and any weaknesses in its defense. Cyber criminals can now even use AI to facilitate extremely convincing social engineering attacks. Moreover, as more and more businesses incorporate AI systems into their operations, these also present attackers with potential opportunities.
On the other hand, defenders can also use AI to their advantage. AI can identify and fix vulnerabilities quickly and comprehensively before attackers can access them. It can use attack simulations to bolster your network’s defenses and pre-emptively warn users of security risks as and when they present themselves.
2019 will see the start of a huge roll out of 5G networks and devices with the power to utilize 5G them. This new era of faster (and potentially more secure) connectivity is exciting for consumers and businesses alike. Yet, this exciting networking evolution also presents businesses with potential security vulnerabilities.
Greater reliance on cloud-based storage will inevitably expose new targets while greater dependence of IoT enabled devices on 5G rather than secured Wi-Fi networks could also lead to prospective breaches.
The Internet of Things is poised to revolutionize both consumer products and business operations with a bevy of interconnected devices in constant communication. However, while the IoT is undeniably exciting, it also brings potential vulnerabilities of its own.
As our homes and businesses grow ever more reliant on IoT enabled devices, the more we open ourselves up to malicious forms of attack from DDoS (Denial of Service) attacks to more sinister attacks like turning down your enterprise’s thermostats in a cold winter or interfering with IoT automated production to sabotage your products.
Legislation and regulation have considerable power to shut down potential breaches, of which the recent GDPR laws in Europe are just one high profile example. However, legislative measures may be perfectly well-intentioned, but poorly conceived. This may create vulnerabilities in some areas even as it strengthens security in others.
A business is only as strong as its reputation, and as we head into the New Year, we face a horde of new cyber threats which could threaten to compromise both.
Ensure your business is safe in 2019. Hire a freelance cyber security engineer today to perform a cyber security audit and protect your assets.
January 17, 2020