Cyber security trends for 2020
- Tristan Morgan, Director of Security at BT
- 14.01.2020 07:00 pm Cyber Security
This has been another busy year in cyber security, with hackers targeting business, governments and major cities across the globe. From a financial services perspective, 2019 witnessed a number of high-profile data breaches, some of the largest to date, which affected millions of people. So, as we head into 2020, cyber security is very much on the boardroom agenda. Let’s take a look at some of those key trends in cyber security for 2020.
One of the major trends which will continue into 2020 is the increasing role of AI and automation. AI, if deployed correctly, can dramatically accelerate the identification and mitigation of new threats, helping to prevent initial attacks from spreading and infecting the wider network. This decreases pressure on vital resources which can be redeployed to other areas such as raising the skills of key personnel.
Having said this, we are also seeing a growing number of cyber criminals deploy AI and deep-learning against targets, for example, imbedded in malware. These form part of an increasing array of tactics used by criminals to breach security, such as ransomware, hidden adware, exploiting insecure mobile apps and payments made over mobile phones.
The first line of defence against this sort of attack is to carefully consider all options before deciding when and where the use of new technology is appropriate for your business. But when AI-based cyber attacks do come, it’s an industry-wide problem and must be addressed as such. Intelligence sharing is vital and to this end, BT shares key information with others in the telecoms sector.
At the front of this new technological embrace is the migration to the cloud and while there are clear benefits from being able to access large amounts of data around the world at the same time, financial services in particular need to be aware of the risks and update their security strategies accordingly. Expanded supply chains and the evolvement of third parties present a big threat, with data dispersed across a wide network and multiple potentials for a security breach. Firms need to know where their critical data is located and ensure a uniform level of protection across the system. Communication and understanding of what the different cloud providers do and don’t do, before moving your critical information, are key.
In 2020, we’ll see continued collaboration between business and government to help develop a collective resilience to cyber threats and, as a result, an increase in the regulation surrounding cyber security. In October, the UK Treasury Committee published a report criticising firms in the financial services sector for not doing enough to mitigate the operational risks that they face and called upon regulators to act.
However, despite improved technology and increased regulation, the weak link in the cyber security armour and source of the majority of security breaches remains basic human error. Following high-profile stories around the use of personal data, people are becoming ever more proactive about data protection, although there is still a great deal of education required, especially as cyber criminals utilise different means of attack.
The most successful attacks are as a result of sloppy security such as weak passwords or computers left on, enough to undermine even the most sophisticated security software.
In addition, as cyber security becomes increasingly important for financial services, more people are taking up careers in this area than ever before and a result, the security workforce is becoming ever more diverse. It is no longer the domain of those with computer-related degrees as employers seek those with an understanding of how viruses adapt and behave (biology) as much as they need those with knowledge of implementation.
Overall, we can expect 2020 to be another challenging year for cyber security as business and government respond to the changing dynamic of cyber attacks along with the increasing role of AI on both sides. It will also be interesting to see how those trends which continue from this year impact the sector in the months ahead.