In general, the cybersecurity market is in a positive place. With the federally-formed National Initiative for Cybersecurity Education (NICE) of 2017, we’re seeing widespread efforts to improve awareness and security capabilities across all organizations. Investments in technology grew, and we saw an improvement in behavior-based threat analytics, which is an effort to mitigate some of the insider threats and human errors which are the root of many businesses’ cybersecurity woes. As a whole, organizations began to grasp the importance of cybersecurity and are paying very close attention to it. This message of importance may have been received, but we saw a disconnect in how to best act on it.
According to the latest cybersecurity report, despite cybersecurity being the top technology priority in the past year, many organizations see it as their most underperforming IT area. Only 22% of survey takers listed ‘data security’ as significantly improved within their organization. This can be attributed to a variety of reasons, including:
Lack of appropriate funding
Need for improved data-visibility
Inadequate staffing
Lack of necessary tools and technology
What needs to change?
Ultimately, the major issue facing cybersecurity today is the disconnect between business leaders and their IT counterparts. According to the latest AT&T Cybersecurity Insights report, when posed with the statement: “Our current solutions keep us completely or very safe,” 60% of C-level executives agreed, while only 29% of IT security staff agreed. This reinforces the disconnect issue, suggesting misplaced funding and a misunderstanding on behalf of executive leadership. When conducting research for our Cybersecurity Market Report, Cyber Security Challenges, Focuses for 2019, we asked IT leaders what they thought was the one area of cybersecurity that needed to change in 2019. The top 3 responses, with a combined majority of 63%, were:
Streaming data privacy policies
Security mandates
Legislation
What to expect in 2019
In our Cybersecurity 2019 Trends Market Report, we surveyed 286 cybersecurity project owners about the cybersecurity investments their company had projected for 2019. With these answers and the 2018 developments in mind, we can look at the emergent technology of today to make some predictions about what is in store for cybersecurity in the coming year.
- Cybersecurity automation
As it relates to staffing, we may see a rise in the automation of security and data privacy. As networks become larger and the ground to cover grows, automation and artificial intelligence may start to play a more pivotal role in the day-to-day work order of cybersecurity. Many security information and event management (SIEM) companies are rolling out cybersecurity management platforms that harness the power of automation. But, our research suggests that this is highly dependent on the enterprise. Only 33% of respondents see a trend toward cybersecurity automation in 2019, while 13% say they predict very little efforts toward automation. The need is there, but it may take some time for most businesses to reach a real stress point for automation to come to fruition. At AT&T Business, we made cybersecurity a top focus, investing in advanced threat detection and analysis, threat intelligence and virtualized security functions to help protect business assets. According to our latest cybersecurity report, despite cybersecurity being the top technology priority in the past year, many organizations see it as their most underperforming IT area.
- Mobile devices as a cyberthreat
The fleet of enterprise mobile devices is growing, which means so is the number of endpoints that need to be monitored and protected. In our survey, 84% of respondents said this growth and diversity of endpoints is adding to the complexity of IT. Many companies buy and control disparate devices, often from multiple vendors, making it harder to deploy strategic and unified cybersecurity solutions. Ideally, cybersecurity leaders would like to see these endpoints in a comprehensive suite provided by a single vendor. This would imply a hole in the market for an established endpoint security brand or “next-generation” vendor, which the market may see realized in the next year.
- More data privacy regulations
Companies are preparing for more data privacy legislation in 2019. After the General Data Protection Regulation (GDPR) taking effect in 2018, a variety of U.S. and international requirements will be required in coming years. Now, 88% of respondents see their regulatory pipeline growing for data privacy in 2019.
- Security talent crisis
Also an issue in 2018, we expect the cybersecurity talent crisis to be an ongoing pain point in 2019. Cybercrime continues to rise, and so does the demand for security professionals, a demand the current workforce has just not been able to match.
- “Crypto-jacking”
Crypto-jacking is the use of computing resources by cybercriminals to mine for virtual coins. In 2018, we saw a tremendous rise in crypto-jacking attacks. Almost 55% of respondents believe that crypto-jacking is even more of a threat than ransomware. The market should expect to see increased security measures against these attacks in 2019. For example, we’re already seeing cryptocurrency mining detectors that identify unauthorized software within an enterprise.
Cybersecurity service providers
Only time will tell us what the cybersecurity world has in store for 2019. One thing is certain, however: cybersecurity is increasingly becoming a more prevalent – and more complex – factor in the business environment. However, as we’ve covered, IT professionals still face many barriers when it comes to implementing the most effective cybersecurity strategies. In an ever-changing world of new technologies and threats, businesses are finding it hard to dedicate the resources and harvest the talent needed to keep up. Because of these barriers and unknowns, many businesses are finding solace in placing their cybersecurity griefs in the care of a Managed Security Service Provider (MSSP). These dedicated cybersecurity providers are not only equipped with the latest in threat management technology, but it’s their job to understand the current environment and work toward being ahead of the curve on emerging cyberthreats. By using an MSSP, many businesses can get help with intelligently investing in the right array of technologies to help protect against, and respond to, cyberattacks – in 2019 and beyond.