Hardware is easy to protect: lock it in a room, chain it to a desk, or buy a spare. Information poses more of a problem. It can exist in more than one place; be transported halfway across the planet in seconds; and be stolen without your knowledge.—Bruce Schneier
2018 is fast approaching and it is becoming clear that one IT trend is rising above the rest. It is affecting individuals’ feelings of freedom. It is creating doubts in the political process. It is altering how companies do business. IT security is no longer just about creating a safe password. A few jumbled characters will not keep information secure. More is required, and this is what businesses are beginning to implement into all of their practises and processes.
1. Job Title Creation
With the rise of cyber crime, organisations are being forced to pay more attention to it. So much so that the responsibility is now more than a single IT team can manage. For this reason, many companies are looking to hire new professionals or set aside specific responsibilities to a new position. CCO, or Chief Cyber Crime Officer, will likely be a position that most large companies need. The CCO will be in charge of overseeing the protection of all computer systems from any attack. Along with preventing breaches, they would also be put at the helm if a data breach did occur and would continuously make the organisation more and more cyber-ready.
2. Regulation Changes
The advancement of technology makes it necessary for laws and regulations to be changed. Cyber crimes are an entirely new territory and old regulations do not effectively address the issue. Over the coming year, governments and organisations will likely begin to at least improve, if not entirely overhaul, existing regulations that apply to cyber security. In short, the current regulations that are in place create a false sense of security for any business or government. If an attack were to occur, organisations are simply not agile enough to keep up.
3. Cyber Insurance
Cyber risk insurance already exists, but currently, it simply exists as an extension to other existing risks—more of a blanket cover. More specificity is needed. To serve this need, a new niche in the insurance industry will likely pop up. It will provide businesses with much more specific products that are tailored to unique cyber needs. These needs could include everything from the cover of improvement costs for system upgrades and security infrastructure to the cover of loss of trust and reputation with current and potential consumers.
4. Theft Is Out, Manipulation Is In
Attackers are beginning to pick up interest in causing long term damage to companies. Instead of hacking into data to steal it, they are beginning to hack websites or databases simply to lessen the integrity of the data. And this is the type of attack that damages the reputation of organisations and individuals, potentially much more harmful to a company’s bottom line than any temporary data theft could be.
5. Increased Breach Complexity
The thing about breaches and hacks is that they are just getting better and more complicated. As more is understood about code, data, and the transfer of information, more havoc can be wreaked. Ransomware and viruses that cause an exponential amount of damage have already been created. And while there are ways to catch and stop the spread of the virus, it is only a matter of time before someone creates ransomware that is unbeatable.
6. Increased Demand For Skills
With an increased threat to cyber security, companies will need to prepare. This means that the current global shortage of skills in cyber security will only worsen. And this, in turn, will make organisations without strong cyber security measures a major target for hackers. This cyclically increasing threat will force organisations to do internal skills growth and training so that those in charge of IT will have at least a basic understanding of how to keep data safe. In short, cyber security skills are only going to become more and more important over the coming years.
7. Harder-To-Find Hackers
As more pressure is being brought down on hackers, they are becoming smarter. They are learning the global cyber security laws. They are figuring out the loopholes. They are starting to organise and join together. Some of them start call centres to legitimise and commercialise their operations. Others relocate to countries that are easier on cyber crime or that have weak intelligence and police forces. Whether they are hiding in plain sight or they are disappearing to unknown places, their activities remain just as damaging.
8. IoT Security
Many Internet of Things (IoT) products state that they are ‘secure by design’. This is a nice idea but it is not really true. However, these products are undoubtedly becoming more secure and, by the beginning 2018, will start to truly deliver on this promise. Unfortunately, this will go hand in hand with more powerful artificial intelligence attacks. Automated hacks are becoming increasingly human-like, and eventually, security personnel will find it difficult to differentiate between one and a normal user.
IT Security In Asia
Due to the advancement of cyber security threats, many companies across Asia are seeing the need for the advancement of cyber defences. Honeywell Process Solutions is one company that is leading the way. They have partnered with the Singapore Economic Development Board to build a centre for the advancement of cyber security innovations. Not only will the centre provide outsourcing services for managed security, but it will also have an advanced training facility to develop cyber security skill level in the region and have a very advanced and modern cyber security research and development lab.
And Honeywell is not the only company in Singapore that is looking to increase cyber safety. NTU Singapore has reached out to GrammaTech, a cybersecurity firm in the United States. They will be working together to enhance the university’s offerings in cybersecurity. More specifically, GrammaTech will be providing the latest static and binary analysis tools in order to bolster cybersecurity research projects.
And beyond partnerships to enhance cybersecurity research, knowledge, and capabilities in Southeast Asia, more and more companies simply want to know what is the latest in cybersecurity. It is for this reason that there are multiple cybersecurity conferences in the region, like the CyberSecurity Asia 2017 Conference that was in Malaysia or the RSA Conference 2017 Asia Pacific And Japan that was held in Singapore. Companies and governments alike are preparing for the mounting cybersecurity threats.
And all of this caution and preparation is absolutely necessary. Many reports have come out stating that not only are countries in Asia at the most risk for cybersecurity threats, but they are also the least prepared—a combination that could be disastrous. In recent months especially, countries across Asia have had some close calls. In June, a massive ransomware attack hit government systems, port operations, and many businesses across the continent. Ports in India were unable to identify where shipments were coming from or going to, paralysing their operations for extended periods of time and bribing computer operators for U.S. $300 to unlock the system from the ransomware. Cybersecurity threats are no longer just a science fiction movie plot, they are real and they are growing, making it essential for businesses and individuals to prepare and protect themselves.