Cyber Trends Worth Watching in 2019February 1, 2019
It's a new year, and like many of you, I’ve seen a fair number of cybersecurity predictions for 2019. In my role as director of the National Cybersecurity Federally Funded Research and Development Center, it’s my privilege to work alongside and collaborate with some of our nation's top cybersecurity experts and thought leaders. I bear witness to the myriad of technically complex cybersecurity challenges they face and the steps they are taking to mitigate the risks before them.
With all this knowledge and my unique vantage point, here’s my first cyber prediction for 2019: expect more of the same. The all-too-familiar cyber challenges such as ransomware, election security, disinformation campaigns, and vulnerabilities around the Internet of Things (IoT) will remain center stage in 2019.
As Tom Waits once said, "I like beautiful melodies telling me terrible things," and when it comes to cybersecurity, if old is still old, that’s a terrible thing. However, a new melody is emerging, which forms the basis of my next prediction
I believe that in 2019, the way organizations and governments confront the cyber risks that threaten, among other things, national security, economic prosperity, brands, reputations, and the integrity of our data and infrastructure will change. They will take a more proactive approach, and by doing so, may finally turn a corner on making it possible to confront the aforementioned cyber challenges more effectively, starting with:
- Ransomware—These attacks are profitable and don't always reflect great sophistication, and there's no shortage of potential victims because not enough enterprises are doing enough to safeguard themselves. Two reasons exist: A dearth of resources and leadership. Some organizations take an actuarial approach and calculate what it costs to have a strong cybersecurity posture compared to the price tag of a ransomware attack. If it costs less to clean up the problem than to prevent it, some enterprises choose the cheaper option. In addition, leadership at some organizations has yet to accept responsibility for the cybersecurity of their enterprise, preferring to assess the damage caused by ransomware less from the perspective of losing the trust of those whose information is put at risk, and more from the point of view of economic cost. I'm optimistic that more organizations will invest in cybersecurity programs and/or putting preventive measures in place, such as having strong backup mechanisms. Investing in cybersecurity is smart, but the other motivator is that organizations have stakeholders such as customers, regulators, board members to whom they must answer. Once an incident becomes widely known, an enterprise can find it difficult–perhaps impossible–to communicate swiftly, clearly, and consistently what it knows and what approach it’s taking to manage the situation. It can also lose its stakeholders’ trust if forced to improvise a response strategy in real time rather than having a plan in place. Given these factors, this may be the year we turn the tables on ransomware.
- Vulnerabilities around the IoT—Many of these devices are vulnerable because of the costs and technical complexity associated with security features. This lack of security features makes them more susceptible to cyber exploitation, such as being commandeered in a botnet attack. Consumers and organizations are now starting to demand more protections, such as building safeguards to defend IoT devices, on which MITRE is working with the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence.
- Social media—People are increasingly questioning the provenance of the information they see on social media. Instead of accepting information at face value, they’re asking who generated it, why they're seeing something such as a targeted ad, etc. We may also see the rise of "news as a service" where some level of trust is established to authenticate information, its source, where else the information was reported, and by whom.
- Election security—The elections ecosystem is complex, comprised of voting machines, voter database systems, election night reporting, and other components. The nation is coming to grips with potential vulnerabilities associated with this ecosystem, vulnerabilities which, if exploited, could undermine public confidence in this vital American institution. At MITRE, we’re working on ways to protect the integrity of voter registration systems, and we're studying other ways in which the election system can be made more resistant to emerging cyber threats.