Blog Details

predictions for 2019 cybersecurity skills shortages are getting worse

image
Overview?
No-one is predicting a cybersecurity apocalypse this year. In many respects, it looks like business as usual for 2019, with threat actors expected to continue to hone their targets. We can also expect a steady flow of stories of hackers making further inroads in emerging areas (malware targeted at connected household devices, for instance).

Threat actors big and small
Predictably, many commentators focus on the likely growth of state sponsored threats. Meanwhile though, some (e.g. Kaspersky) are careful to remind us that with just a little bit of know-how, a few dollars and access to the dark web, virtually anyone can get tooled up to do some serious damage. (We write this as “the motherlode of all data breaches” - a cache of 773 million email addresses and 21 million passwords has just come to light).  

Cat and mouse: whos winning?
In its annual survey, The World Economic Forum (WEF) asks business execs across the globe to list their most significant risks. At the end of last year, for the first time, business leaders in ALL regions cited cyber attacks as the biggest risk they face.

Just how well-equipped are businesses to address this risk? It’s often said that security managers are constantly locked in a game of cat and mouse with threat actors. To play the game and to continue keep their assets safe, businesses need the right skills and resources.

Several commentators (e.g. FireEye, Infosecurity and ESG) make the point that plugging the massive deficit in qualified cybersecurity talent will be one of the biggest worries for business leaders this year. It’s essential for staying on top of the game.

Some more top trends...
State sponsored attacks: going beyond the usual suspects
Where a cyber attack is linked to state collusion, it’s usually one of a handful of countries (Russia, China and North Korea) who are most often in the frame. Yet US intelligence chiefs have previously stated that more than 30 countries are developing attack capabilities. FireEye predicts more countries getting in on the act this year - as lots more state-backed agencies ‘tool up’.    

IoT: Its still wild west territory
Will this be the year when you are scammed by your fridge? Most analysts believe the onward march of IoT technology will continue. What’s worrying is that much of this tech, in its current state, is not secure (particularly in relation to unverified payments). Don’t be surprised to see instances of these vulnerabilities being exploited in 2019.

Compliance: the public fights back
​I believe that 2019 will be a year of public retaliation. In post-GDPR Europe, for instance, consumers are now much more aware of the rights they have over their data - and how to enforce those rights. One commentator dubbed 2019 “The year of the GDPR fine”. The threat of fines, compensation payouts and customers walking away will shape the data privacy landscape more than ever.