As 2019 approaches and budgets and plans get finalized, I like to take stock of what cybersecurity trends may emerge in the coming year. Cybercriminals constantly evolve—as does technology—so it’s important to periodically take stock of the current threat and security landscape. Today, I want to emphasize four predictions for the coming year.
The nature of work has shifted over the years. More people work remotely. Users bring personal devices to work. Executives take their work laptops—and sensitive company data—home to networks that could be insecure. And with the increasing amount of encrypted internet traffic, perimeter-level defenses offer fewer protections.
Instead, security experts will start managing risk based on users and the devices they use. For example, an employee who connects from a trusted work device from inside the company network presents less risk than an employee on a personal mobile device on their home network. In the first, the security organization may allow the user easy access, but for the mobile user, they may add safeguards like multifactor authentication.
Handling user-centric security doesn’t have to be daunting. Businesses may focus efforts on “risky users.” For example, the head of human resources who has access to private employee data needs more rigorous security requirements than a web designer who only accesses the design files. You could require that the head of HR always connect via VPN to ensure their machine is clean. The point here is that we may need to shift our thinking toward users rather than just data or IT assets.
Data breaches will continue causing problems. If cybercriminals can make money, they’ll still try to steal data. But businesses face new risks this year.
While data breaches continue, we may see an increased number of data breach reports. New laws like the General Data Protection Regulation (GDPR) may cause an increase in reported breaches. This isn’t entirely due to the reporting requirements—GDPR may shift the way we think about private and public data. For example, I consider things like my name or employer to be public data because you can find them easily via a Google search. I always considered data like medical records to be private. Under GDPR, however, you must report any personal data, which is defined as, “any information relating to an identified or identifiable natural person (‘data subject’).” This expands the scope of reportable breaches, which could lead to increased data breach reports (even if the number of breaches stays level).
New legislation could come down the pipeline using GDPR as a model. This shouldn’t immediately trigger cause for alarm—this transparency is good for consumers. However, increased fines and penalties could become major risks for businesses.
This past year, we saw fewer news reports about major ransomware attacks. Instead, we saw an increase in crytpomining-based attacks. In these attacks, cybercriminals can compromise a system, steal some processing power, add it to their farm of processors from other victims, and start making money from Bitcoin, Monero, Zcash, or another cryptocurrency.
Remember to stay vigilant against these kinds of attacks. Because they’re only stealing a small amount of processing power, it may seem like a minor nuisance compared to a ransomware attack. However, cryptominers and ransomware are merely the payloads. If someone puts a cryptominer on your systems, they could choose to change to a financial Trojan or to ransomware. Stay vigilant here with both basic cyberhygiene and, if you need to, security operations center (SOC) services.
However, don’t assume ransomware has gone away. Ransomware attacks are still profitable for cybercriminals—especially when they affect continuity for a major organization like an enterprise, a hospital, or a government agency.
With an increasing emphasis on security, MSPs may wonder if they need to become MSSPs. Ultimately, there’s not only room for both businesses but they can work synergistically.
MSPs are the CIOs of their clients. They provide IT services to help them achieve their business goals. MSSPs, on the other hand, focus on security. They monitor for intrusions, remediate threats, and provide advanced threats. MSPs focus on supporting the good guys; MSSPs focus on thwarting the bad guys. To top it off, most MSSPs don’t want to be MSPs.
MSPs that partner with MSSPs can provide even greater services to their clients and help serve more of their IT needs. If an MSP, for example, picks up a client in a regulated industry that requires 24/7 security monitoring, they could easily partner with an MSSP to deliver to the customer.
Don’t get me wrong—MSPs should still handle the fundamentals of cyberhygiene for their clients. If the MSP doesn’t help ensure systems get patched, antivirus stays up to date, and backups remain current, the customer will likely find an MSP who will.
As the new year approaches, it’s important to keep up with your security practices. Cybercriminals don’t take holidays, and your security can’t either. So, make sure to both continue with your cyberhygiene practices—and start preparing for some of the trends we may see in 2019.
If you’re interested in partnering with an MSSP, SolarWinds MSP has a new Threat Monitoring Service Program that matches MSPs with our approved MSSPs. Click here to learn more.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.
© 2019 SolarWinds MSP UK Ltd. All rights reserved.
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.