We are pleased to announce the 2019 Forcepoint Cybersecurity Predictions Report, a collection of macro industry trends and threats impacting organizations in the new year. With contributions from Forcepoint’s cybersecurity research and intelligence teams, including global Security Labs, Innovation Labs, CTO, and CISO teams, this year’s report examines the concept of trust, the common thread in each of these seven predictions.
For all the damage cyber attacks are capable of—the undermining of physical systems, digital disruption, and the loss of valuable data and intellectual property (IP)—nothing is more detrimental to society than the cost of severed trust. Trust is the difference between innovation and IP loss, between an organization’s long-term success or failure.
2018 was a year of large-scale breaches, impacting user privacy in a way we’ve never seen before. In 2019, promises of advanced cybersecurity technologies are rampant, attribution becomes more difficult to prove, and new attack techniques subvert organizations not yet ready to deal with the ever-changing cyber landscape.
The 2019 Forcepoint Cybersecurity Predictions Report includes the following themes:
- The Winter of AI? Promises of machine learning and artificial intelligence enthrall marketers and media alike. If AI is about reproducing cognition, does cybersecurity AI really exist? How will attackers capitalize on a slowdown of AI funding?
- Industrial IoT Disruption at Scale. Attacks on consumer IoT are prevalent, but the possibility of disruption in manufacturing and similar industries makes the threat all the more serious. Meltdown and Spectre have given attackers a way to target hardware vulnerabilities—cloud infrastructure may be next.
- A Counterfeit Reflection. As phishing attacks persist, “SIM Swaps” undermine the effectiveness of two-factor authentication (2FA). Biometrics offer additional security by using data more unique to each end-user, but newfound vulnerabilities in facial recognition software lead experts to put faith into behavioral biometrics.
- Courtroom Face-Off. What happens when an employer sues an employee on grounds they purposefully stole data or caused a breach? Several cases have now found their way to high-level courts—including one very public incident at Tesla— publicly highlighting deficient cybersecurity measures. How might workplace monitoring help establish intent and motive?
- A Collision Course to Cyber Cold War. A result of fracturing trust between world powers, trade embargos have dominated the media in 2018. Industrial espionage presents a way for nation-states to acquire new technology they would have otherwise purchased legitimately. How will organizations keep intellectual property out of the hands of nation-state–sponsored hackers?
- Driven to the Edge. Consumers exhausted by breaches and abuse of their personal data have led organizations to introduce new user privacy needs inside of the services they provide. Edge computing offers customers more control of their data, but a lack of consumer trust may prevent any such benefit.
- Cybersecurity Cultures That Don't Adapt Will Fail. No partnership ever takes place without due diligence, which until now, has not taken a partner’s cybersecurity programs into account. The introduction of “security trust ratings” will indicate to potential partners how safe it is to permit suppliers to handle PII or other critical data. How would cybersecurity culture play a part in these ratings? How would they affect supply chains?