When the Information Security Forum (ISF) released its Threat Horizon 2019 report, the publication depicted a grave rendition on the effects that expansive hyper-connectivity and IoT devices could have on disrupting the cybersecurity landscape. The report used pre-established trends and algorithms going into the 2017 year as projections to map out scenarios that could occur over the next two years. One of the report’s biggest themes was how the increase in total IoT devices being connected will correlate with the increase in frequency and sophistication of cybercrimes.
“How an organization responds to today’s increasing cybersecurity threats will vary based on a number of factors, including its unique blend of people and skills, products, and services offered and approach to risk management,” says Steve Durbin, managing director of the ISF. “However, an organization that is well-informed about emerging technologies and corresponding threats will be best placed to make winning decisions. The key differentiating factor will be the degree to which organizations are prepared to meet the challenges of a fully connected society.”
According to the ISF report, IoT devices will continue to leak sensitive information from both private individuals and corporate entities. We could see rogue governmental factions using terroristic entities to launch cyberattacks, most of which will happen to companies and individuals that are largely misinformed about the current standards and capabilities of technological devices and security protocols. By 2019, corporate entities and organizations will be subjected to an interconnected world where all degrees of technological change will have significantly accelerated during that span, compared to the rate of growth we’ve witnessed in recent years.
In addition to hostile-natured cyberattacks, corporations could also be susceptible to premeditated Internet outages, ransomware, hijackings of servers and networks, along with the distribution of compromising misinformation that could unfavorably impact surveillance laws and privacy regulations that have previously mitigated insider threats. One of the impulsive responses to exposure from such hostile cyberattacks could result in companies deploying various forms of AI that could lead to uncertain outcomes.
The report primarily highlighted the major threats corporate entities and organizations should be wary of into three main themes. “Disruptions” could simply derive from overly relying on fragile connectivity, which could completely rework how continuity of business is organized and enforced. “Deterioration” could arise from the eroding control of regulations, prompting a spike in focus on assessing and managing risks, along with an increased prevalence of AI in everyday technology. Lastly, “Distortion” would result in a sharp decline of trust in authenticity of information, cause the monitoring or access and changes on sensitive information to become vital, and make the development of incident management procedures more intricate.
The report included many ways that recommended protecting sensitive information assets. Companies can engage with stakeholders by changing existing business continuity plans so they can agree on alternative communication methods. Through lobbying, minimum security standards for IoT devices through regulations can be achieved, along with clearly establishing who can specifically access highly sensitive assets and how they should be managed. Access and changes to sensitive information can be monitored using resources like Federated Identity and Access Management (FIAM) systems, along with Content Management Systems (CMS). The report also encouraged the formation of coalitions to conduct risk assessments so the impacts of losing metadata by communications providers could be better understood.
Filed Under: Cybersecurity, M2M (machine to machine)