2018 saw upheaval for Australian businesses with the introduction of the government’s mandatory Notifiable Data Breaches (NDB) scheme along with Europe’s General Data Protection Regulation (GDPR), which affects some businesses. 2019 promises to be an equally disruptive year for businesses that don’t prioritise their cybersecurity measures.
Sean Duca, vice president and chief security officer, Asia Pacific, Palo Alto Networks, said, “Australians have lost more than $94 million and counting since January 2018 due to online scams, with phishing scams topping the list. (1) This is an increase on 2017 when Australians lost a total of just under $91 million for the entire calendar year. (2) If this trend continues, businesses can expect 2019 to be another dangerous year. It’s therefore important to be aware of what’s on the horizon and act to protect the business.”
Palo Alto Networks has identified five key cybersecurity trends to be aware of in 2019:
1. Business emails with nasty surprises attached
As the theft of passwords and login details becomes increasingly common in enterprise environments, attackers have grown more confident and motivated, targeting small and large organisations by masquerading as partners or internal stakeholders, a pattern that will continue to plague businesses if they fail to adapt. This alarming rise in business email compromise underscores the increasingly diverse and sophisticated methods attackers use today, from mimicking corporate websites to targeting employees’ personal social media accounts to launch exploits. As attackers find increasingly crafty ways to bypass internal checks, 2019 is unlikely to be the year businesses beat cybercriminals at their own game.
2. Supply chain will be the weakest link
The digital age has helped break down barriers to create an interconnected, global supply chain, making it very easy for businesses to work with different suppliers.
Increased connectedness and sharing of data and networks have empowered organisations to embrace new efficiencies through connectivity and analytics. However, this will also prove a boon to opportunistic attackers preying on weaknesses in existing security. These risks have become more apparent in the healthcare sector, where third-party connected medical devices – such as MRI and X-ray machines – plug in to internal networks daily, providing multiple new attack surfaces and vulnerabilities over which hospitals have almost no control. Pinpointing and avoiding cybersecurity risks will soon be nearly impossible as the global supply chain becomes increasingly complex.
3. Data protection legislation gains ground
As Asia-Pacific countries pledge greater cooperation with cybersecurity initiatives, the move towards formalising data protection frameworks seem inevitable. NDB and GDPR are just the first steps in data protection legislation and countries around the APAC region are likely to follow suit. In New Zealand data breach notification legislation is on the cards for 2019 as well. As digital maturity varies across the region, the framework for these countries to roll out their own version of NDB could take some time to develop, and the path ahead is not straightforward. However, 2019 could be the year many countries take the first steps towards protecting their citizens’ data.
Sean Duca said, “All businesses, regardless of whether they’re technically subject to NDB or GDPR, need to pay attention to the data they collect and store. Compliance can provide a baseline to assess gaps and help determine an overall prevention posture. As a start, businesses should minimise unnecessary personal data collection, which could help minimise risks and exposure.”
4. Cloudy skies ahead
Implementing a cloud computing strategy often means that mission-critical data and systems will sit with third parties. These assets will need to be securely stored and transmitted, and only accessible to authorised personnel. The shared security responsibility model means enterprises must grapple with the security of data, applications, operating systems, network configurations, and more. This intertwined ecosystem has made security a much more complex undertaking, especially for organisations already dealing with the difficulty of finding cybersecurity talent and making sense of the many point products available in the market today.
5. Why Critical Infrastructure is so critical
Critical infrastructure (CI) includes public infrastructure and resources and other essential sectors such as banking and financial services, telecommunications, and the media. As CI goes digital and automated, cross-pollination between corporate and industrial networks has made them easier targets for cybercriminals. This is especially dangerous as industry systems such as supervisory control and data acquisition (SCADA) and industrial control systems (ICS), which are critical to the energy, water and public transport sectors, often rely on legacy and unpatchable systems.
Sean Duca said, “To date, infrastructure owners have primarily focused on the confidentiality of information and overlooked the other two principals of information security: integrity and availability. This will be especially crucial as countries in the region adopt industry 4.0 technologies. These innovations will rely on telemetry and always-on connectivity, putting the lives of the public in the hands of systems that rely on accurate and accessible data. As a start, CI owners, both public and private, will have to put in place zero-trust systems and segregate access.”