HP TECH TAKES /...
Exploring today's technology for tomorrow's possibilities
Subscribe
The Future of Cybersecurity
Tulie Finley-Moise
|
December 27, 2019
From year-after-year record-breaking numbers of global data breaches to the 2018 implementation of the General Data Protection Regulation, the tides of change within the cybersecurity industry are equal parts foreboding and promising. On both large corporate scales and small individual scales, internet safety has become one of the driving forces leading today’s conversations about cybersecurity for tomorrow.
The status, accessibility, speed, and ubiquity of the internet is on the rise with no signs of slowing anytime soon. Similarly to how the introduction of 4G networks led to the popularization of consumer-grade smartphones and devices, the unveiling of 5G promises a slew of new connectivity possibilities for individuals and businesses around the world. However, this propitious gateway to the future comes with serious risks.
According to a recent Risk Based Security report, 2019 is on track to be the worst year for data breach activity [1]. The reality of the modern digital sphere is that with newer technology comes newer, smarter, and more invasive threats. This inevitable rise is being met with serious preemptive action designed to protect users from costly breaches and cyber attacks.
In fact, it is estimated that by 2027, worldwide spending on cybersecurity measures will cross the $10 billion threshold [2]. With so much money being poured into the future of cybersecurity, it is incredibly important to first understand what that future looks like.
If you’re like most people, you depend on the internet to keep you connected to your social circle, financial status, career responsibilities, and more. Your online life exists in perfect alignment with your everyday reality, and it’s that very alignment you depend on to keep everything in-sync. Even on your small, individual plane, a data breach can be a life-changing, devastating, and costly mishap. Read on to find out how the future of cybersecurity will affect you in the coming years.
What is cybersecurity?
Cybersecurity is the body of technology designed to protect systems, networks, and programs from third-party digital attacks. These malicious cyberattacks are executed with aims at accessing, modifying, or destroying sensitive information. This includes everything from extorting money from businesses to sabotaging business processes.
Ultimately, the goal of cybersecurity is to serve as an impenetrable armor between confidential data and third-party hackers.
IT security
Though often confused and used interchangeably with cybersecurity, information technology (IT) security, is a subset of cybersecurity that effectively prevents unauthorized access to digital assets including computers, networks, and confidential data. IT security focuses on maintaining the integrity and privacy of data even against the most sophisticated cybercriminals.
Why is cybersecurity important?
For many years, the only users who needed to concern themselves with the ins and outs of cybersecurity were high-ranking corporate business leaders who depended on their IT departments to ensure all digital data was securely stored and protected. It was commonly thought that as long as top-performing anti-virus programs and encryption tools were in place, all was well. However, as technology grew more advanced and the internet made its way into everyday homes, the minimalist cybersecurity fence in place grew increasingly weaker.
Smart homes
Today, the average American’s life is wholly inundated with web-connected technology that is constantly at risk to third-party attackers. In essence, the omnipresence of the internet’s reach and our devout engrossment with smart devices presents cybersecurity as something no one can afford to ignore.
Personal data
While cybersecurity is important for several reasons, the core importance lies in the simple fact that important data should be well protected and accessible to authorized users only. Government, military, financial, medical, and corporate digital landscapes are imbued with an unprecedented amount of sensitive data ranging from intellectual property to personal information. Unauthorized access to these data collections can be massively devastating, so the consequences of poor cybersecurity practices and implementations are immensely severe.
Increasing volumes of sensitive information online
To simplify, cybersecurity is incredibly important because while the internet is free to access and use, it’s also a fruitful breeding ground for cybercriminals to enact their many different types of cyber-attacks and hacks. So long as people and organizations transmit and store confidential data online, there is a need for proper security measures. And as the volume and sophistication levels of cyber-attacks evolve and increase, organizations and individuals must work harder to keep their sensitive information safely secured.
The current state of cybersecurity
2013 marked the first year where the nation’s top intelligence officials cautioned that cyber-attacks were the top threat to national security, eclipsing even terrorism [3]. Since then, we have witnessed some of the most harrowing data breaches to date. Modern cybercriminals are more resourceful and adroit than ever before, finagling their way into intricate high-level systems and accounting for trillions of dollars in losses [4].
To best grasp the current state of cybersecurity, let’s take a look at recent breaches, costs, facts, and figures to gain a more informed perspective.
Breaches
The number of large-scale, high-impact breaches continues to increase with every passing year, suggesting that not only are the cybercriminals behind these attacks becoming more sophisticated but that they’re also affecting more people both nationally and globally. Let’s take a look at some of the most harrowing data breaches of 2019.
During May 2019, WhatsApp revealed that a vulnerability in the system was hacked and spyware was installed on users’ phones. Third-party cybercriminals were able to install surveillance technology onto the phones of WhatsApp users who answered their seemingly innocent phone calls through the app [5]. The messaging system, owned by Facebook, is home to over 1.5 billion users, though the number of affected users is still unknown.
- Quest Diagnostics
Over 11.9 million patients’ medical and financial data were exposed in a massive June 2019 Quest Diagnostics breach. The clinical laboratory company announced that an unauthorized user had gained access to confidential data on nearly 11.9 million patients, including credit card details and social security numbers. Ultimately, the party responsible for the breach was revealed as the American Medical Collection Agency, a partner debt collector [6].
- Capital One
In one of the largest financial institution hacks in history, Capital One’s July 2019 data breach affected over 100 million people. This figure included every existing member, every former member, and anyone who has ever applied for a Capital One credit card. By bypassing a misconfigured web application firewall, the hacker was able to access everything from transaction histories and balances to credit scores and social security numbers.
Costs
The financial costs of cybercrimes have been on a steady rise as average expenditures on cybercrime continue to increase dramatically. The costs associated with these crimes are also on the rise, posing serious financial threats to companies who have yet to make cybersecurity a top priority in their budgeting.
- Data breaches cost companies an average of $150 per compromised account
According to IBM and Ponemon Institute’s annual Cost of a Data Breath report, the average cost of a hacked account is an estimated $150 [7]. This number is a slight increase from 2018’s estimate of $148 per account, though it’s worth noting that this number has steadily increased with every passing year indicating that data breaches are increasing in cost-severity.
- Global spending on cybersecurity is expected to reach $6 trillion by 2021
According to Cybersecurity Ventures, it is expected that global spending on cybersecurity will surpass $6 trillion by 2021 [8]. In order for large-scale fundamental change to take place, organizations of all sizes need to make significant changes toward bolstering security measures to sufficiently battle the challenges brought forth by diligent cyber hackers. This means rearranging budgets and allocating a higher amount of funding toward effective and regular cybersecurity programs and practices.
Facts and figures
- 43% of all cyber-attacks are targeted at small businesses
According to Verizon’s 2019 Data Breach Investigations Report, a staggering 43% of all cyber-attacks are aimed toward small business owners [9]. While this may be shocking as larger, more profitable businesses may be the more lucrative avenue, hackers target small business owners because they are far less likely to have foolproof cybersecurity measures in place.
With the right techniques, cybercriminals can easily gain access to small business owners’ company data and steal consumer information including sensitive personal credentials, credit card details, and social security numbers.
- Only 10% of cybercrimes are reported in the U.S annually
For the sheer amount of reported data breaches that are reported, it’s quite shocking to know that a mere 10% of all cybercrimes are officially reported in the United States leaving an astounding 90% of unreported data breaches flying below the radar.
Though the U.S. is often regarded as a world-leading hub of technology, this status seems to downplay the glaring rate of unreported cybercrimes. While efforts are being made toward raising that number, the obstacle of proving a cybercrime makes it justifiably difficult. For example, in the vast majority of ransomware cases, it can difficult for the targeted victim to seek professional help as the attacker may threaten to expose sensitive information and inflict reputational harm if their desires are unmet.
- Over 77% of organizations do not have a Cyber Security Incident Response plan
According to the IBM and Ponemon Institute study on Cyber Resilience, 77% of organizations are completely unprepared to handle a cyber-attack [10]. A Cyber Security Incident Response plan is designed to serve as a safety net for companies vulnerable to any form of data breach. These plans are intended to soften the blow and ease the associated costs with the volume of compromised accounts.
The future of cybersecurity
The future of cybersecurity depends on battling the current challenges and vulnerabilities of modern cybersecurity programs. This, however, proves difficult as the face of cybercrime is constantly changing and evolving, becoming smarter and more elusive with every new technological rollout.
Traditionally, organizations and governments have focused most of their cybersecurity efforts and resources on perimeter security measures that are implemented to protect only their most critical data and network system components. One of the most significant drawbacks to this tactic is that it only protects against known threats, meaning newly developed hacks and techniques will have no trouble infiltrating considerably robust protection systems.
As cyber threats advance faster than governments and organizations can keep up, the call for hardened cybersecurity comes in higher demand. To build an effective top-end cybersecurity system, there needs to be seamless coordination of the following security measure working simultaneously:
- Network security
- Application security
- Disaster recovery/incident response plans
- End-user training
- Endpoint security
- Database and infrastructure security
- Cloud security
- Data security
- Identity management
- Mobile security
With each of these parts working symbiotically, governments, organizations, corporations, and everyday people are far better prepared to battle cyber-attacks in real-time.
Shaping the Future of Cybersecurity
While the threat of cyber-attacks poses a significant challenge to organizations and individuals across all industries around the globe, the urgency will only increase as technologies such as artificial intelligence, big data analytics, and the Internet of Things further develop and reshape the ways in which we interact with the world around us. Should there be any hope in battling the rising number of attacks and associated costs, the collective attitude towards cybersecurity needs to be led from the top down.
Enterprises must do their part in wrestling with changes to the current state of cybersecurity by sharing threat data and investing in intricate, effective solutions that are near foolproof. Ultimately, the future of cybersecurity is simple; cybercrime will continue to rise and eager, mal-intended hackers will continue to seek out weak systems and extort what data they can. It lies in the hands of society’s driving orchestrators and decision-makers to make the overhaul changes necessary to better protect themselves and the public.
About the Author: Tulie Finley-Moise is a contributing writer for HP® Tech Takes. Tulie is a digital content creation specialist based in San Diego, California with a passion for the latest tech and digital media news.
[1] Risk Based Security; 2019 midyear data breach report
[2] Cybersecurity Ventures; Security Awareness Training Explosion
[3] The Guardian; Cyber-attacks eclipsing terrorism as gravest domestic threat – FBI
[4] Juniper Research; Cybercrime will Cost Businesses Over $2 Trillion by 2019
[6] Washington Post; Quest Diagnostics discloses breach of patient records
[7] IBM; Cost of a Data Breach
[8] Cybersecurity Ventures; Global Cybersecurity Spending Predicted To Exceed $1 Trillion From 2017-2021
[9] Verizon; 2019 Data Breach Investigations Report
[10] HelpNet Security; 77% of orgs lack a cybersecurity incident response plan
