2018 was another year of change in the cybersecurity industry. I’ve had some interesting conversations with customers, partners, providers and analysts over the past twelve months, and I’m excited about where the industry is headed – at least from my vantage point.
I have also read a number of predictions stories and blogs that have appeared online over the last 2-3 weeks. While you may have read these articles too and seen some of the broader trends predicted for the industry that everyone agrees on (e.g., focus on endpoint security, impact of staff shortages, etc.), I offer the following predictions of my own. Some may be a bit different or take new angles compared to what you have seen before:
- GDPR Non-Compliance – In 2019 several organizations will choose not to be GDPR compliant, deciding that paying a fine or dealing with a lawsuit is easier than trying to comply with an ambiguous and undefined standard. A November 29 story in Fortune Magazine stated “There have been mostly minor enforcement actions under the new regulation. Facebook, Google and Twitter are under investigation for alleged infractions, but multibillion-dollar fines have yet to be levied.”
- Cryptojacking Moves to #1 – Cryptojacking will pass ransomware in 2019 as the premier malware threat as hackers look for ways to get closer to the money with minimum effort to monetize attacks. A recent report from Kaspersky Lab stated that there was a 400% increase in cryptojacking related cases in 2018.
- Organizational Shift – CISOs and security departments will move from reporting into IT to finance or legal, reflecting the shift from a technology focus to risk. This is a result of executive teams and Board members realizing the importance of cybersecurity to the entire organization (e.g., operations, financials/stock, brand, etc.). A December 2018 story in IT Pro Portal stated “…When it comes to placing your CISO below the chief financial officer (CFO), the most significant benefit is that it means the CISO has some serious sway when it comes to getting financial backing from the board.”
- Platform Consolidation – We will see a consolidated platform from a single vendor actually work in cybersecurity in 2019. In a Dec. 26, 2018 story in Dark Reading, Jeff Pollard, Forrester vice president and principal analyst serving security and risk professionals, stated that he expects “a wave of innovation and consolidation” as startups founded to build specific solutions see their technologies integrated into broader platforms.
- AI and ML Finally Get Real – Artificial Intelligence (AI) and Machine Learning (ML) will finally find a true useful purpose in cybersecurity this year and will move past the “marketing hype” phase. You will see real-world, practical applications and use cases of AI and ML, beyond PowerPoint slides. The future does look promising – according to a survey by PwC, 46 percent of business executives say they use AI to manage risk, fraud and cybersecurity threats.
What do you think of my five – agree or disagree? Do you have thoughts or predictions of your own? If so, let me know. I plan to revisit the predictions after six months and again at the end of the year to see how on or off the mark I am.
Either way, I think that 2019 will be an important year of change in the industry so I am excited to see how things unfold. Best of luck to all in 2019!