Ten network security trends for 2019

In 2018, a string of sensational data leaks and ransomware attacks shocked the business community. Juniper Research estimates that the amount of data stolen by cyber criminals will rise by as much as 175% in the next five years. Coupled with the uncertainty of the global economy, 2019 will be a challenging year for network security professionals.

1. Implement GDPR

The EU General Data Protection Regulation (GDPR) requires every enterprise operating in the EU to protect the privacy and personal data of EU citizens. Failure to comply carries very heavy penalties. GDPR defines what constitutes personal data very broadly, so compliance is a heavy undertaking. In a report on data privacy law in July 2018, Ovum pointed out that two-thirds of enterprises thought they would have to adjust their work processes to achieve compliance, and more than half of them were worried that they might be fined for non-compliance.

2. Manage managed and unmanaged devices

As the number and range of mobile devices (managed and unmanaged) in use keep growing, enterprise networks face an arduous challenge in reducing the related risks. The Internet of Things connects many networked devices (many of which have little or no built-in security) to previously secure networks, resulting in an exponential increase in the number of vulnerable endpoints. Enterprises should get ahead of this trend, control the use of unmanaged devices to a certain extent, and establish clear protocols for managed devices.

3. Make a complete inventory

According to a survey conducted by Ponemon in 2018, although 97% of security professionals think that cyber attacks caused by insecure devices could have a disastrous impact on their enterprises, only 15% of enterprises have a list of the IoT devices connected to their systems, and fewer than half have security protocols that allow them to disconnect devices considered high-risk. Enterprises must take the initiative against these vulnerabilities. This year, we hope to see more enterprises follow NIST's best practice recommendations and establish a real-time inventory of all networked devices: not only those connected by wire, but also those connected by Wi-Fi and Bluetooth.
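The inventory check described above can be sketched as follows. This is an added example, not code from the original article: the inventory records, the sightings and the function names are all constructed for illustration, and it assumes each sighting source (switch tables, Wi-Fi controller, Bluetooth scanner) can report a hardware address.

```python
# Constructed inventory of managed assets, keyed by hardware address.
INVENTORY = {
    "00:11:22:33:44:55": {"owner": "facilities", "risk": "low"},
    "66:77:88:99:aa:bb": {"owner": "it-ops", "risk": "high"},
    "cc:dd:ee:ff:00:11": {"owner": "finance", "risk": "low"},
}

# Constructed sightings as (transport, address, source), e.g. from switch
# port tables, Wi-Fi controller associations and Bluetooth scans.
SIGHTINGS = [
    ("wired", "00:11:22:33:44:55", "switch-1/port-4"),
    ("wifi", "66-77-88-99-AA-BB", "ap-lobby"),
    ("wifi", "DE:AD:BE:EF:00:01", "ap-lobby"),
    ("bluetooth", "de:ad:be:ef:00:02", "scanner-floor2"),
    ("wifi", "00:11:22:33:44:55", "ap-office"),
]

def normalize(addr):
    """Canonical lower-case, colon-separated form so all sources compare equal."""
    digits = "".join(c for c in addr.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit hardware address: {addr!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def reconcile(inventory, sightings):
    """Compare what was seen on any transport with what the inventory lists."""
    seen = {}
    for transport, addr, source in sightings:
        seen.setdefault(normalize(addr), []).append((transport, source))
    known = {normalize(a): meta for a, meta in inventory.items()}
    return {
        # On the network but not in the inventory.
        "unmanaged": {a: s for a, s in seen.items() if a not in known},
        # Inventoried, connected, and rated high-risk.
        "high_risk": {a: s for a, s in seen.items()
                      if a in known and known[a]["risk"] == "high"},
        # Inventoried but not seen anywhere: stale record or offline device.
        "missing": sorted(a for a in known if a not in seen),
    }

def quarantine_list(report):
    """Addresses to review or disconnect first: unmanaged or high-risk."""
    return sorted(set(report["unmanaged"]) | set(report["high_risk"]))

if __name__ == "__main__":
    report = reconcile(INVENTORY, SIGHTINGS)
    for addr in quarantine_list(report):
        print("review/disconnect:", addr)
    print("inventoried but not seen:", report["missing"])
```

Hardware addresses can be randomized or spoofed, so a match here is a starting point for review and should be paired with stronger device identity (for example 802.1X certificates) before a device is trusted.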

4. Targeted phishing attacks

For hackers, personal data is an increasingly profitable asset. Data mined from attacks on social media sites such as Facebook can be bought on the dark web and then used to give social engineers the information they need to successfully target individuals. This has led APT (Advanced Persistent Threat) groups to launch more and more sophisticated attacks. Nowadays, few people fall for the "Nigeria" scam, but if a phishing email appears to come from a credible source or quotes personal data that you would not expect a spammer to have, it is hard to spot. Kaspersky believes that spear phishing will be the biggest threat to enterprises and individuals in 2019.

5. Ransomware and cryptojacking

Although ransomware attacks are decreasing, they have been replaced to some extent by cryptojacking (hijacking computers to mine cryptocurrency). These attacks use tactics similar to ransomware, but require less technical expertise. The malware works in the background without the user's knowledge, so it is difficult to estimate the true scale of the problem, but all the evidence shows that it is getting more and more serious.

The sensational attacks of 2018 (WannaCry, NotPetya) also show that although the number of random low-level ransomware attacks is decreasing, complex targeted attacks will remain a problem for some time. We predict that cryptojacking and targeted extortion attacks will continue to increase in 2019.

6. User access rights

Effective management of user rights is one of the cornerstones of strong security. Granting users unnecessary data access rights or system rights leads to accidental and intentional abuse of data and leaves openings for external attacks. An Identity and Access Management (IAM) system is the main way to deal with this risk. It provides administrators with tools to monitor and evaluate access to ensure compliance with government regulations and corporate policies. Many solutions in this emerging field are still in their infancy, but they have proved their commercial value. We expect that there will be more and more solutions in the coming year.

7. Endpoint Detection and Response (EDR)

Endpoint detection and response is a new technology that continuously monitors endpoints and responds directly to advanced threats. EDR solutions focus mainly on detecting events at endpoints, including preventing network infection, investigating any suspicious activity, and taking remedial measures to restore system integrity. The traditional endpoint protection platform (EPP) is mainly preventive. EDR enhances threat detection far beyond the capabilities of traditional EPP solutions, and uses behavior monitoring and artificial intelligence tools to actively search for anomalies. The nature of network threats has changed, and we hope to see a new wave of security solutions that combine traditional EPP with emerging EDR technology.

8. Deepfake videos

Seeing is not necessarily believing. Automated artificial intelligence technology has been developed that can both create and detect deepfake videos. Such videos may depict celebrities or politicians engaging in illegal or pornographic activities, or heads of state making inflammatory remarks. Even if the footage is proved to be false, it can cause lasting reputational damage or serious, irreparable consequences. This not only highlights the importance of fact checking, but also leaves people uneasy about the technology. Deepfake videos often spread virally, which makes them an excellent vehicle for spreading malware and launching phishing attacks. In the next year, we should all be alert to this bad trend.

9. Cloud security

Migrating services and computing solutions to the cloud has brought many benefits to enterprises. However, it has also opened up new areas of risk. Worryingly, there is still a big gap in network security skills, and a new generation of cybercriminals is actively probing cloud services for weaknesses. Many enterprises are still not sure to what extent they are responsible for protecting data, and even the best systems can be undermined when protocols are violated. We need to redefine the security of the cloud and take proactive measures.

10. User awareness

Almost all of the areas above ultimately depend on the user's understanding. A barrel holds only as much as its shortest stave allows. If we want to protect our data and networks, then we must all shoulder the risk. Most importantly, we hope that all users can raise their awareness and receive a more comprehensive education in limiting threats and in remedial measures. Knowledge is power, and it is in our hands.

(Original title: These top ten network security trends, no one can escape! But the result depends on ...)