Cybersecurity: The top three predictions that will headline 2020
Ransomware has become big business and leads the top predictions of what will headline 2020 in the way cyber security trends, according to Veritas.
Ravi Rajendran, vice president and managing director of Asia South Region, Veritas, says ransomware, container technology and AIOps adoption are the top three trends in this space for the next 12 months.
Ransomware has become big business
Rajendran says cybercriminals have long relied on social engineering as one of their most successful modes of attack.
"By fooling employees to share information or download their malware, ransomware attackers acquire the credentials they need to capture a company's most important digital assets," he says.
"Without a clean backup copy of an organisations entire data catalog, users are held hostage at the mercy of criminals seeking monetary gain."
To stay ahead of the cat and mouse game, Rajendran says cybercriminals techniques will evolve in response to more rigorous company policies.
"We're already seeing the beginnings of a secondary illegal market for stolen credentials. On the dark web, ransomware is fuelling the rise of a burgeoning market that makes it quick and easy for cybercriminals to gain remote access to corporate systems," he explains.
"This boom is being supported by a shifting attack strategy that will only become more embedded in 2020. Ransomware attackers will increasingly target their efforts, not on existing employees, but on adjacent targets and other accounts with access to the systems of their intended victim," Rajendran says.
This includes outside contractors, freelancers, partners and approved vendors.
"In Singapore, the latest malware incidents that hit before we close out the year is yet another timely reminder that ransomware will no longer be a matter of data denied," he says.
"It will be a case of data compromised. Globally, the public sector, healthcare and manufacturing are emerging as some of the most likely targets. To bolster data security, the Singapore government has set up the high-level Public Sector Data Security Review Committee (PSDSRC)."
One of the key recommendations for improving transparency in the public sector's data security is to publish the government's policies and standards relating to personal data protection and provide an annual update, according to Rajendran.
"At Veritas, we believe that this is a step in the right direction as publishing these standards also allows vendors that work for the government to understand the standards that must be met. Very soon, data responsibility wont just be for internal consumption. It will be how organisations do business and choose who they work with," he explains.
The growth of containers
Rajendran says container technology will continue to make businesses more versatile in their ability to deploy and scale applications.
"This rapid deployment is leading to questions about data integrity as an increasing number of new containerised applications are designed to create and modify persistent data. This evolution is emphasising the need for mature backup and recovery processes that protect containerised data and applications wherever they reside," he says.
"Currently, container technology allows for rapid and portable deployment of environments that furthers the abstraction started with virtualisation and enables additional abstraction of the hardware," says Rajendran.
"As organisations continue to shift workloads and transition to hyperconverged infrastructure, they will need the simplicity, ease of use, faster infrastructure deployment and the ability to easily scale," he says.
In addition, Rajendran says containers allow admins to embrace the concept of a cloud experience from an on-prem infrastructure.
"It provides them with the ability to run a server for an application, rather than waiting two weeks to get access to hardware, among additional processes. While the data still needs to be compliant, safe and be interrogated as needed, container technology provides a birds eye view of the data to those who need it. This is particularly important with the continued rise in edge computing where data is being generated everywhere and becoming more siloed, as well as the constantly shifting regulatory landscape," he explains.
The year of AIOps adoption
"Many organisations have been experiencing a shift from the traditional core enterprise data center to a decentralised on-prem and cloud infrastructure. Another major trend is what I've termed Digital Users. Digital Users include machine agents, containerized applications (as above), process-oriented analytics, IoT devices and API-driven infrastructure," says Rajendran.
"Digital Users can number into the thousands and quickly expose the complexities associated with the manual processes required to deploy infrastructure, apps, and data management and protection services.
"AIOps and API automation holds the promise to abstract complexity and provide significant new levels of autonomous processes. These are significant trends that will make AIOps an imperative in 2020," he says.
Looking ahead to 2020, Rajendran says collecting data from various systems, tools and devices and the application of analytics, AI and machine learning will gain speed, simplifying the adoption of Digital Users, enhancing IT operations and information management with capabilities that will include:
- Automatic detection and self-directed, real-time action on events and issues
- Automated workload and data analysis that drives resiliency orchestration
- API enabled provisioning, management, protection and recovery
- Proactive data classification and action spotlighting potential risks and threats