Disruptive Trends to Chief Security Officers
The most disruptive trends to Chief Security Officers are the Internet of Things (IoT), data manipulation, workforce gap, cloud computing, and cybersecurity’s impact on physical security.
1. INTERNET OF THINGS (IOT) AND THE BIG DATA EFFECT
- One of the main trends identified by experts is how the IoT (Internet of Things) is changing cybersecurity. Once many devices connect, CSOs have to work very closely with the business units to provide expertise and technology to minimize risks.
- In 2018, hackers used an internet-connected thermometer in an aquarium in the lobby to hack a casino, gaining access to high-rollers database and "then pulled it back across the network, out the thermostat, and up to the cloud."
- According to Chris Wilder, a senior analyst focused on the IoT and cybersecurity, organizations are being forced to take on more responsibility to ensure the integrity of their data and most of them are not yet prepared to face this new challenge.
- Scott Schafer, Chairman of the Board of the Security Industry Association (SIA) said, "modern physical security solutions are comprised of IoT devices and sensors that generate high volumes of security data. Applying analytics and AI systems make this data more actionable and increase responsiveness for security systems users."
- The IoT is predicted to continue to disrupt the security of cyber-physical systems.
- IoT has proven to be particularly dangerous when it comes to medical devices. Researchers found out that many of those devices were not properly protected, some of them were not even password protected.
- Bain & Company survey discovered that enterprise customers would buy and pay more for IoT devices if their security concerns were addressed, with over 50% stating that security was a barrier for the implementation.
- A poll with Black Hat USA attendees was made to determine their degree of concern about IoT security. Sixty percent said they were more concerned about IoT security in 2018 than in 2017, 20% said they personally encountered an IoT related attack, and 14% said that they were not sure if their devices suffered any attacks.
- The main issue with IoT security is the protection of personal data, botnets and network compromise.
2. DATA THEFT TURNING INTO DATA MANIPULATION
- More companies are shifting their data and applications to the cloud system, however, they often deploy cloud data solutions without verifying security issues, such as encryption. Hackers are changing their tactics and instead of stealing data they began to manipulate it.
- In 2018, California passed an online privacy law that requires companies to disclose, on demand, uses and sales of consumer information. The law set a trend that could change data privacy requirements in the USA.
- Data manipulation can be hard to detect since the changes can be very small and easy to miss but can have potentially big effects in the long run.
- One of the main problems with data manipulation is that the hackers do not need to exfiltrate any data from the system, therefore, typical tools and techniques security teams normally rely on could be unhelpful.
- Nation-states and terrorist groups are the most probable culprits of data manipulation attacks.
3. CLOUD COMPUTING
- McAfee released research that shows that in 2018, the sharing of sensitive data over cloud increased by 53% over the previous year. Of all files in the cloud, 21% contain sensate data and 48% are shared.
- The sensitive data was: company confidential data (27%), email data (20%), password-protected data (17%), personally identifiable information (PII) (16%), payment data (12%) and personal health data (9%).
- McAfee reported that enterprises have "an average of 14 misconfigured infrastructure-as-a-service (IaaS) instances running, resulting in an average of 2,200 misconfiguration incidents a month where data is exposed to the public".
- When it comes to cybersecurity, according to Alert Logic, hybrid had the highest number of incidents, followed by hosted private cloud, on-premises data center and public cloud.
- The most common type of incident was: web application attack (75%), brute force attack (16%), recon (5%) and server-side ransomware (2%).
- According to ShieldX, the six categories of security threats most likely to happen in 2018 are cross-cloud attack, cross-data-center attack, cross-tenant attacks, cross-workload attack, orchestration attacks, and serverless attacks.
- Most companies are starting to use clouds to store critical and proprietary company information (56%) or marketing assets (53%).
- For effective security, it is not just protecting the connections between data and users, it should also "secure literally every connection to every physical or virtual device across the distributed infrastructure".
- According to CSO, security today needs to span the distributed infrastructure, dynamically scale when application resources grow and adapt as the infrastructure adjusts to changing demands. Traditional security models are obsolete.
4. CYBERSECURITY WORKFORCE GAP
- According to the CSIS, "education and training institutions in the United States have so far found it difficult to keep pace with the growing need for cyber talent".
- The USA faces a shortage of 314,000 cybersecurity professionals in 2019 and that shortage is even more acute between highly skilled technical staff. The country’s total employed cybersecurity workforce is 716,000.
- A 2018 cybersecurity labor market analysis in California discovered that 60% or more of employers reported some or great difficulty finding qualified candidates.
- Cybersecurity job postings have grown 3x as fast as IT jobs and 75% of organizations report understaffed security teams.
- Organizations are aspiring for graduates who can "design secure systems, create new tools for defense, and hunt down hidden vulnerabilities in software and networks".
- In 2018, ISACA found that 61% of organizations believe that fewer than half of all applicants for cybersecurity positions are qualified for the job.
- According to CIO, the most in-demand cybersecurity skills are penetration testing and intrusion detection, DevSecOps, Cloud Security, and Encryption.
5. CYBERSECURITY’S IMPACT ON PHYSICAL SECURITY
- Attacks can gain access to attack the physical access control system or enterprise components.
- Cybersecurity’s Impact on Physical Security tops the 2019 Megatrends for cybersecurity.
- Cyber attacks could cause disturbances in the control of power systems and electrical grids.
- More and more industries are utilizing IoT and Industry 4.0 solutions.
- New threats could compromise physical security to production, spoilage of products and damage equipment, which would ensure financial and reputation losses.
- There are concerns that manufacturers of physical security devices do not possess enough qualified talent and this impacts cybersecurity and data protection and privacy.
- There have been multiple examples of access control systems being hacked, giving intruders access to a facility.
- As physical security becomes more and more connected to several devices, the need for cybersecurity increases and if it is often not met, the risks will continue to rise.
We started our research by determining what are the most disruptive trends to Chief Security Officers through credible and recent sources. We found the SIA forecasts for 2019 – Security Megatrends, based on survey data generated from association leadership, top security industry business leaders, and key volunteers. In order to confirm the trends, we did further research and found reports from different outlets related to the field like Security Industry, Information Age, and Forbes. These sources list similar trends. We chose the first four trends from the SIA list and included data manipulation since reports considered it to be the newest trend. Lastly, we took a deep dive into each category/trend, providing important insights from sites like Security Industry, Forbes, IoTforall, Bain, CsoOnline, CSIS, and CIO among others.