[Posted on behalf of Dan Lohrmann, Chief Strategist & Chief Security Officer, Security Mentor, Inc.]
“The main thing is to keep the main thing the main thing.” These wise words of world-renowned business author Stephen Covey challenge each of us as we stand on the precipice of a new decade.
But what’s the ‘main thing’ when navigating technology as we enter 2020?
The simple answer is… Cybersecurity.
As innovation explodes into every area of our lives, cybersecurity is providing the glue that can enable the good and disable the bad for implementing cutting-edge innovation as well as reducing risk from older vulnerabilities. We also see cybersecurity continue as the top priority for chief information officers (CIOs) in 2020, just as it has been for most of the past decade, with groups like the National Association of State CIOs (NASCIO).
But even as cybersecurity solutions offer a way forward to ensure privacy protections are workable and effective, most people see the data breaches, ransomware, identity theft, denial-of-service attacks and other cyberattacks as proof that cybersecurity has become the Achilles Heel, not the savior, for new innovation. Even as exciting advances occur in artificial intelligence (AI), autonomous vehicles, 5G networks, cloud computing, mobile devices and the Internet of Things (IoT), these same developments seem to cause negative societal disruptions that make daily news headlines.
So what will happen next with cybersecurity? That’s what this annual security prediction roundup will cover, from the perspective of the top cybersecurity industry companies, thought leaders, executives and journalists. Every year we catalogue the evaluators to see who has made a New Year’s security prediction list and checked it twice.
And the best security industry prediction reports do much more than just make educated guesses at what might happen in the future. The top 20 security predictions for 2020 dig deep into global security incident databases, analyze what’s working and what’s not, examine new cyber solutions and use science and data to gaze into the future.
The best prediction research shows us the “who, what, when, where and how” about the cybersecurity statements made. Some forecasts even include the why — with the best offering detailed context and a wider story that crosses years, sometimes even decades, and learns from history. These presentations offer their materials in professional ways to maximize end-user usefulness regarding potential answers and recommended actions for enterprises and individuals to take.
Some call them security predictions, while others refer to them as cybersecurity trends. Several researchers prefer to offer “cybersecurity forecasts,” while others refer to “growing trends” or “situational outcomes” — based upon connecting the incident dots or running various data breach scenarios. Regardless, the central questions are very similar and methodologies used are (generally) repeatable.
2020 — and the New Decade
What are the greatest threats for the coming year? What solutions will be most important? What data breaches or ransomware attacks or other threats will cause the most harm? And readers say: "The more detail the better — please."
Common prediction themes across vendors include the 2020 elections in the U.S., more targeted ransomware, more ways to attack the cloud, and an explosion of problems with deepfake technology.
There’s disagreement on the most important cyberthreats to focus on as we head into 2020, even though everyone agrees that cybersecurity is more important than ever before. Just as in 2019, we have the continuation of arguments for and against AI (i.e., how helpful is AI really and will our enemies use it or not?). There is also continued disagreement on whether cloud or mobile threats are more of a challenge.
For 2020, AI does show up again in a number of new ways — with several specific warnings for those who fail to use AI to counter bad actors who will be using it.
There are also many ways that you and your organization can benefit by studying these predictions and implementing recommendations, and we outline several of those career benefits here. As always, I encourage you to visit the full reports, blogs, articles, PDFs, videos, and other materials referenced (hyperlinked) to dig deeper into the details on each company prediction list.
Please note that the embedded videos are only a small part of the marketing of these wider prediction reports. I also encourage readers to review the award winners for 2020 predictions at the end of this post.
Quick Security Prediction Recap on the Teen Years within the 21st Century
I’ve been writing about security predictions for more than a decade, and this annual holiday season tradition is now exploding even faster than the overall cybersecurity industry — mainly because cyberprotections are showing up as a top priority in every other industry from finance to defense and from government elections to toys. And make no mistake, this topic carries much more weight now than in December 2009, when we were heading into the second decade of the 21st century.
As I wrote back in 2016, while some were predicting that the cybersecurity industry would diminish in importance and be automatically built into every technology product (and quietly protect us from behind the scenes), the opposite has happened. Cybersecurity predictions, and the information security market overall, continue to surge as we head into 2020. Here’s what I wrote four years ago:
“The more the security and technology industries grow, the more predictions we will have. From the Internet of Things, to new technologies to robots to self-driving cars, do you really think we will be talking about security and privacy less in 2020? I don’t.
Predictions are not new, and they are not going away. In fact, they are just getting started. Congratulations security industry, and welcome to center ring in this three-ring circus. Yes, it is a very big circus, but that’s where all the action is.”
This year has brought (by almost double) the largest and most diverse number of security predictions ever online — when measured by several metrics. I received literally hundreds of emails and thousands of individual predictions — and also went out to explore as much of “the rest” online as of mid-December 2019. If we missed you or you want to add a prediction, email me at the contact address listed at https://www.govtech.com/blogs/lohrmann-on-cybersecurity/, and you may get a mention near the end — with a link to your list of 2020 cyber insights. Our goal is to be as comprehensive as possible with this forecast summary and be a one-stop shop for security prediction lists for 2020.
As a reminder, here are the prediction reports from the past three years for your review and to help keep score:
The Top 19 Security Predictions for 2019
The Top 18 Security Predictions for 2018
The Top 17 Security Predictions for 2017
The Top 20 Security Predictions Reports by Security Industry Company
1) Trend Micro – We lead off with another WOW prediction-report from Trend Micro – which takes the top vendor prize for best prediction report for the third year in a row. (And it wasn’t a close call.)
Here’s the Trend Micro intro: “The year 2020 marks the transition to a new decade, and recent notable events and trends signify a similar changeover in the threat landscape. Cybersecurity in 2020 and beyond will have to be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to advancing technological developments and global threat intelligence — only so defenders can keep up with and anticipate cybercrime mainstays, game changers, and new players. …”
A visit to: The New Norm: Trend Micro Security Predictions for 2020 will quickly show you the thought-provoking, creative, expert research and packaging that sets this report apart. Trend Micro groups their detailed predictions into 4 sub-headings (with explanations under each prediction) about our cybersecurity future, including:
Complex (these are only small excerpts):
Attackers will outpace incomplete and hurried patches.
Cybercriminals will turn to blockchain platforms for their transactions in the underground.
Banking systems will be in the crosshairs with open banking and ATM malware.
Deepfakes will be the next frontier for enterprise fraud.
Exposed:
Cybercriminals will home in on IoT devices for espionage and extortion.
Critical infrastructures will be plagued by more attacks and production downtimes.
Misconfigured:
Vulnerabilities in container components will be top security concerns for DevOps teams.
Serverless platforms will introduce an attack surface for misconfiguration and vulnerable codes.
User misconfigurations and unsecure third-party involvement will compound risks in cloud platforms.
Defensible:
Predictive and behavioral detection will be crucial against persistent and fileless threats.
Threat intelligence will need to be augmented with security analytics expertise for protection across security layers.
One great Trend Micro example on deepfakes: News of cybercriminals using an AI-generated voice in social engineering surfaced in 2019. An energy company was reportedly defrauded of US$243,000 by scammers who used AI to mimic the voice of the firm’s CEO. More attempts will exploit the technology, using deepfakes of decision-makers to deceive an employee into transferring funds or making critical decisions.
For 2020 the FireEye Report is entitled, The Road Ahead: Cyber Security in 2020 and Beyond. They include some insightful video from their top leaders and offer interesting perspectives from different vantage points in their organization. (However, I missed the opening letter from CEO Kevin Mandia that we saw last year, along with solid overall company predictions. See Kevin's video interview below.) For example, here are insights from Sandra Joyce, Senior Vice President of Global Intelligence:
Big Picture – We are all targets. (If you work with a high value target, you are also a high-value target.)
Ransomware Tactics Evolving - In 2020, defenders need to be looking out for new techniques involving ransomware. What we’ve been seeing in the underground is threat actors advertising their access to organizations, no matter what industry, and trying to find partners who have ransomware that they can deploy deep in those networks in a very customized fashion. We’ve also seen some of the most sophisticated criminal intrusion operations shift to this type of ransomware deployment, away from other tactics.
Steven Booth, the FireEye CSO, leads with: “Proof of Compliance”
In 2020 there will be a broadening push on providers to offer more proof of compliance to industry regulations and customer requirements, with clear ways for their customers to validate that vendors are doing what they say they are doing.
Overall, FireEye's prediction report addresses these topics:
How increasing use of the cloud continues to change security
The skills gap and thinking outside the box when it comes to staffing
Threats such as ransomware and weak spots such as supply chain
Cyber activity during the upcoming U.S. elections
How organizations and vendors need to start thinking about security
The emerging role of the general counsel
The continued evolution of information operations
Geopolitics as a driver of cyber activity
Increasingly sophisticated cyber criminal operations
This interview with Jim Cramer and FireEye CEO Kevin Mandia on CNBC discusses 2020 election threats.
WatchGuard named their report: “A Simplified Approach to staying secure in 2020,” which is in contrast to the Trend Micro approach regarding complexity. What sets them apart (again) is the helpful video content to support each prediction, which is very professionally delivered.
Here are WatchGuard’s main predictions:
Ransomware Targets the Cloud
GDPR Comes to the USA
Voter Registration Systems Targeted During 2020 Elections
The CyberSecurity Skills Gap Widens
During 2020, 25% of All Breaches Will Happen Outside the Perimeter
Attackers Will Find New Vulnerabilities in 5G / WiFi Handover
Multi-Factor Authentication (MFA) Will Become Standard For Midsized Companies
Deepfakes was a term that was coined in 2017 and relates to fake videos being created by deep learning techniques. We expect deepfakes to make a notable impact across all aspects of our lives in 2020 as their realism and potential increases. Our prediction is fourfold:
Ransomware authors will send targeted deepfakes to ransomware targets. Recipients will see realistic videos of themselves in compromising situations and will likely pay the ransom demand in order to avoid the threat of the video being released into the public domain.
It is well known that Business Email Compromise/Business Email Spoofing has cost businesses billions of dollars as employees fall for the scams and send funds to accounts in control of cybercriminals. In 2020 deepfakes will be used to add a further degree of realism to the request to transfer money.
We have already seen deepfakes in the political arena in 2019. With the 2020 United States presidential elections due in November 2020 we expect deepfakes to be leveraged as a tool to attempt to discredit candidates and push inaccurate political messages to voters via social media.
We will see Deepfakes As A Service move to the fore in 2020 as deepfakes become widely adopted for both fun and malicious reasons.
Some other predictions from Forcepoint include (see the full report for the details):
5G offers unprecedented data theft speeds
Organizations will become “Cloud Smart” but remain “Cloud Dumb”
Organizations will mature in their approach to data/privacy protection legislation
Cybersecurity strategies will incorporate a move from Indicators of Compromise to Indicators of Behavior
Broader Deepfakes Capabilities for Less-Skilled Threat Actors
Adversaries to Generate Deepfakes to Bypass Facial Recognition
Ransomware Attacks to Morph into Two-Stage Extortion Campaigns
Application Programming Interfaces (API) Will be Exposed as The Weakest Link Leading to Cloud-Native Threats
DevSecOps Will Rise to Prominence as Growth in Containerized Workloads Causes Security Controls to ‘Shift Left’
McAfee also offers these separate privacy predictions for the coming year:
More Awareness, More Regulations
New Tricks for the New Year
Dark Web Draws in More Data
6) Splunk – Splunk again offers another very good prediction report, with several similar predictions to others. I did like the thoughtful quote at the start of their report: “It does not do to leave a live dragon out of your calculations, if you live near him.” — J. R. R. Tolkien
Splunk broke their predictions down into categories like:
Social Engineering
Deepfakes will uplevel the danger of social engineering. New ways to lie make it more imperative to instill a strong security culture.
Critical Infrastructure
Cyber attacks will hit home (literally). Hackers and nation-state attackers are targeting systems that run our day-to-day lives, and they’re already succeeding. It’ll only get worse in an election year.
Cloud Security
Hackers will find new low-hanging fruit in the cloud. The most advanced (and potentially devastating) cloud attacks will occur at machine speed in 2020.
Threat Intelligence
MITRE ATT&CK will become the go-to framework and common vocabulary for every SOC. The real-world knowledge base has made tremendous gains in security circles, and deservedly so.
7) Kaspersky Labs – Kaspersky always produces a ton of great material regarding threats for the coming year, threat reports, detailed analysis of risks, and so much more from all over the world. The problem (and reason they are not higher on this list) is that it is hard to find and very segmented and targeted towards many different audiences. While this may be a deliberate marketing tool that works for them around the world (and they are much bigger outside the USA), it is tough to find one solid list of all their predictions.
The good news is that I have pulled from several lists and provide links here.
To begin, visit Kaspersky’s report: “Advanced Persistent Threats in 2020: abuse of personal information and more sophisticated attacks are coming.” Here are their headline items (with details at the links, as always):
The abuse of personal information: from deep fakes to DNA leaks
False flag attacks reach a whole new level. Explanation: This will develop further, with threat actors seeking not only to avoid attribution but also to actively lay the blame on someone else. Commodity malware, scripts, publicly available security tools or administrator software, mixed with a couple of false flags, where security researchers are hungry for any small clue, might be enough to divert authorship to someone else.
Ransomware shifts toward targeted threats.
New banking regulations in EU open new attack vectors.
More infrastructure attacks and attacks against non-PC targets.
Cyber-attacks focus on trade routes between Asia and Europe.
New interception capabilities and data exfiltration methods.
Mobile APTs develop faster.
Personal information abuse grows, armed with AI.
Also visit these excellent Kaspersky reports on the present and future:
IT security economics in 2019
Financial threat predictions in 2020: fintech, mobile banking and e-commerce to intensify
Ready Or Not… Balancing Future Opportunities With Future Risks.
Biometric Risks
How will the cybersecurity industry evolve in 2020?
8) Sophos really stepped up their game this year with this Sophos Labs 2020 Threat Report. Just well-done, solid material with plenty to offer – and excellent lead-in exec summaries here. They even take a 10-year-out prediction with a bold: “Ten years out, machine learning targets our ‘wetware.’”
Top Sophos predictions (with detailed analysis on each item) include:
Ransomware attackers raise the stakes
Mobile malware trends: Dirty tricks are lucrative, Ad money feeds non-malicious scammers, Fleeceware charges consumers hundreds, Bank-credential stealers evade Play Store controls, Hidden Adware.
The growing risks of ignoring "internet background radiation" - Remote Desktop Protocol in the crosshairs, Public-facing services targeted by increasingly sophisticated automation, Why Wannacry may never totally disappear, and why you should care.
Cloud security: Little missteps lead to big breaches - The biggest problem in the cloud is the cloud itself. Misconfiguration drives the majority of incidents. Lack of visibility further obfuscates situational awareness. A hypothetical cloud security breach incident.
9) Check Point offers their: 2020 Vision: Check Point’s cyber-security predictions for the coming year. There are 5 global cybersecurity predictions and 10 technology cybersecurity predictions. Here are some highlights:
Global cyber-security predictions for 2020:
A new cyber ‘cold war’ – The new cold war is intensifying, and taking place online as Western and Eastern powers increasingly separate their technologies and intelligence. The ongoing trade war between the U.S. and China and the decoupling of the two huge economies, is a clear sign. Cyber-attacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by large nations looking to consolidate and extend their spheres of influence, as seen in the recent cyber operations against Iran, following attacks on Saudi Arabia’s oil facilities.
Fake news 2.0 at the U.S. 2020 elections
Cyber-attacks on utilities and critical infrastructures will continue to grow
Technology cyber-security predictions for 2020:
Targeted ransomware
Phishing attacks go beyond email
Mobile malware attacks step up
10) RSA Security (A Division of Dell) - RSA offers this easy to find and very well done report (that is very easy to use and jump around) with 20 Predictions for 2020: Preparing for the Future of Digital Risk.
They cover Business Predictions, InfoSec Predictions, Technology Predictions, Cyber Predictions, Consumer Predictions and Regulatory Predictions. While we liked RSA’s graphics and great displays, the predictions seemed more like trends than new happenings. Still, definitely worth reviewing this report.
Here are their top 5 Predictions:
The rise of the cyber-savvy board
Authentication demands adapt to evolving needs
A focus on data sovereignty in the Middle East
Brexit brings new risk assessments
Security shifts left - Increasing demand for cloud-native apps will force security teams to work more closely with DevOps. Moving pen-testing and code analysis up in the development lifecycle will boost product security.
This separate prediction article with RSA execs is also very good.
11) AT&T - AT&T ThreatTraq came out with This Video With Predictions and Thoughtful Commentary. What I like about this is the relaxed, expert commentary which explains these three predictions in detail in a comfortable setting via a conversation.
Second, Malware Will Take Advantage of Domain Fronting
Third, IoT Security getting better.
12) BeyondTrust has a solid list of security predictions that also goes deeper into the 2020s (to 2025), with this lead-in quote: “The more CISOs and other IT staff understand the security implications of evolving technologies, the better prepared they are to make the right investments for their business,” said Morey Haber, CTO and CISO at BeyondTrust.
Here are a few highlights for 2020:
Malware Auto-Updates Increase – Since many applications auto-update, cyber criminals now target cloud-based update mechanisms using a variety of techniques. Most users trust their applications to auto-update and may be unaware of the threats made possible by a compromised cloud connection. Although old-school software piracy is on the decline due to the cloud, cyber criminals’ creativity will continue to zone in on auto-updates to infect users. Expect high profile applications and operating systems to be targeted by these advanced threats in 2020.
Reruns of Old CVE’s
Identities Become the Latest Attack Vector
Here are a few BeyondTrust highlights through 2025:
End User Passwords Phase Out – Operating systems and applications will continue to push to end dependency on
Next-Gen Processors Gain Footing
Facial Recognition Transactions Increase
Cloud Offerings Triple