Enterprise security, like always, is about the data: where is it, who can access it, and how is it being protected.
The world is already entirely dependent on technology and connectivity. To keep up in today’s economy, organizations need to use every resource at its disposal. However, this dependence can also be an organization’s downfall. Information Security Forum (ISFM) recently released what they see as the Threat Horizon for 2019. In their document, ISFM grouped several major threats into three themes: Disruption, Distortion, and Deterioration.
The first theme, Disruption, is concerned with our over reliance on connectivity. According to ISFM, we should be worried about premeditated internet outages as part of economic warfare and ransomware hijacking the Internet of Things (IoT). With the precarious international relations of today, core Internet infrastructure will become a high value target for nation states and terrorist organizations aiming to cripple an economy. This can be done through ransomware attacks and hijacking the IoT, or even social engineering. To prepare for such a threat, ISFM recommends looking into alternative methods of communication such as telex, satellite, or microwave.
The second theme, Distortion, is applicable to the public’s loss of trust in the integrity of information. The daily news cycle often mentions fake news, in fact it’s mentioned so much that there is a large distrust in the media. This spread of misinformation is largely due to automated transmissions of misinformation by artificial intelligences or bots. Currently, these bots target individuals on social media to sway public opinion. However, it is likely that they will begin to target commercial organizations as well. To prepare a defense against such attacks, build scenarios covering the spread of misinformation in the organization’s overall incident management process.
The final theme, Deterioration, regards the erosion of controls by regulations and technology. This mainly has to deal with the new EU General Data Protection Regulation (GDPR) and the multiple similar regulations in the process of being adopted. With the new surveillance laws, organizations are having a difficult time defining the security arrangements around data reservoirs collected by ISPs. Attackers will exploit this to gather metadata. Furthermore, the changes to privacy regulations can get in the way of monitoring insider threats. To combat this, it is recommended to commit to inter-organizational collaboration, and take legal advice on user monitoring.
As you can see, 2019 will have a lot of threats to worry about. Don’t let these threats affect your business. Organizations need to collaborate across their supply chain more than ever. This means ISPs and Cloud as a Service providers need to consistently work closely with their clients to protect data and connectivity. If you start preparing now and keep in tune with what the analysts and experts predict, your company should come out a winner.
