With the end of the year fast approaching, industry leaders and experts are contributing their predictions for 2020. We’ve rounded up the best of the bunch, bringing you insight directly from cybersecurity, edge, blockchain and cryptocurrency experts. How might those sectors take shape over the course of next year? Let’s find out.
Deepfakes will become a serious threat to corporations
“A big trend for social media this year has been the rise of deepfakes and we’re only likely to see this increase in the year ahead. These are manipulated videos that are made to look real but are actually inaccurate representations powered by sophisticated AI. This technology has implications for past political Facebook posts. I believe we will start to see threat actors use deepfakes as a tactic for corporate cyberattacks, in a similar way to how phishing attacks operate. Cyber crooks will see this as a money-making opportunity, as they can cause serious harm on unsuspecting employees. This means it will be vital for organisations to keep validation technology up-to-date. The same tools that people use to create deepfakes will be the ones used to detect them, so we may see an arms race for who can use the technology first.”
Jesper Frederiksen, VP and GM EMEA, Okta
Achieving ROI from AI
“AI can help streamline and speed up processes that take much longer for human operators to process, as well as improving the margin for errors by many factors. AI is a long-term investment which should learn and improve as it operates. Businesses will start to see returns on investments in 2020.”
Scott Brothers, Group COO, ONVU Technologies
High costs will stop widespread Blockchain adoption
“While evangelists make great promises for blockchain, finding viable deployment scenarios is still a challenge. This will not change in 2020 – as the relatively high infrastructure cost means Blockchain can only deliver value efficiently when there are a high number of both dispersed, participating entities, and distributed ledgers. Even if this is overcome, there is still the second major challenge of secure integration with existing ERP and logistics management systems. Organisations without the resources and expertise to overcome both of these will have to wait for costs, complexity or both to fall.
“For those organisations with the necessary resources and skills, there will be opportunities to put the blockchain to use. For instance, retailers can create a full, audited history of specific products’ origins and supply chain to satisfy the curiosity of increasingly ethically- and environmentally-sensitive consumers. Similarly, manufacturers can trace components to ensure there are no flaws in a batch – and if any are detected, identify the weak link in the supply chain and either repair or replace it.”
Felix Gerdes, Director of Digital Innovation Services, Insight UK
Computing will go from the Edge to Edgeless
“In 2020, organisations will begin to fully exploit the potential of edge computing. They will use processing on devices to provide faster services for end-users; to avoid the risk of network failure or of having to create and share duplicates of sensitive data; and make their services more cost-effective when operational costs such as energy use are, at least in part, shared with the end device.
“At present, there is still a clearly defined edge and centre – with smart devices processing data but ultimately feeding information back to databases on central servers. In 2020, we will see the concept of the “edge” become less meaningful. There will be more and more use cases where the edge essentially works with itself; devices communicating with one another to run applications without the “cloud” and leaving central servers out of the equation entirely, or at most involving them to act as a data archive.
“The result will be “edgeless” computing, where the notion of an edge or centre loses relevance. As the processing power of devices will keep being eclipsed by the next generation, we will see the rapid growth of edgeless computing where processing can truly happen anywhere.”
Andrew C. Oliver, Product Director, Couchbase
Expect to See a Cyber Incident at the Edge in 2020
“The continued proliferation of IoT devices will make edge computing an essential component of enterprise IT infrastructure in 2020. To power these systems, 5G will become a bedrock for organisations looking to speed up their IT operations. With this innovation and speed will come greater digital risk. A security incident in the New Year will serve as the wake-up call for organisations leaning into edge computing. It will remind them that threat visibility across is essential as their attack surface expands and the number of edge endpoints in their network multiplies.”
Rohit Ghai, President, RSA Security
AR as a business tool
“In 2019, there have been great advancements in the world of augmented reality for business use. The technology originally sprung into headlines as consumers became immersed in the with Pokémon and other hit games. Business have taken this technology and turned it into a practical solution for bridging skills gaps in complex, tech-driven industries.
“Our future workforces have been under the microscope as a technology skills gap riddles many industries and delays the delivery of digitisation projects. AR and the HoloLens holds the key in upskilling and guiding workers, especially in extremely specialist industries like data centres that rely on accurate, fast work. In 2020, we’ll be seeing more of this immersive technology making its way into our workplaces and being a literal guiding light for training and supporting staff at all levels of skill.”
Mark Gaydos, CMO, Nlyte
The Rise of Hacking Attacks in the Cryptosphere
“No systems are “unhackable” and cryptocurrencies are no exception. The security of cryptocurrencies rests on safeguarding users’ private keys, leaving the “keys to kingdom” accessible to anyone who fails to adequately protect them. Cybercriminals usually follow the money, so we expect that cryptocurrencies will be at or near the top of attacker hit lists. These digital assets present a clear, and unregulated, point of value that can be readily monetized. As consumers look to cryptocurrencies, they have to be aware that every element of the ecosystem, from crypto wallets to centralized exchanges, can be vulnerable and lead to an undesirable downstream impact.”
Dr Zulfikar Ramzan, Chief Technology Officer, RSA Security
Taking cloud further
“Cloud migration has been gathering increasing momentum amongst enterprises in recent years – especially within DataOps. As organisations realise that cloud migration promises much greater scalability, flexibility, optimisation, and lower costs for their big data applications, beginning the cloud journey makes increasing operational sense. In 2020, we expect that not only will organisations increasingly make this transition, they will do so through a carefully planned approach after seeing how early adopters have often foundered.
“Just as organisations recognise the promise of the cloud, they see the risks too, and we expect this will be reflected in more carefully planned cloud migration journeys. For instance, organisations are now taking into consideration that a poorly-planned cloud migration can be a headache for data teams and lead to reduced efficiencies and increased costs in the short to medium term as unplanned contingencies play havok with SLAs and successful delivery. As such, organisations are more and more ‘looking before they leap’ and anticipating potential issues in their migration before starting. This is encouraging to see and a good indicator of the increasing maturity of the cloud industry.”
Kunal Agarwal, CEO and co-founder, Unravel Data
Security debacles will mount up unless it is built into applications from the beginning
“There is one area where 2020 is unlikely to differ from 2019 – there will be more high-profile security breaches that, in hindsight, would have been easily preventable. Partly, this is due to attitude. Too many organisations will still treat a security breach as an act of God – something that is essentially a random natural disaster, best addressed by ensuring adequate insurance cover and dealing with any fallout after the event.
“However, unlike most natural disasters, security breaches – or attempts at them – are preventable. Just as most of us will lock their house or car when we leave it, so organisations should be taking all the necessary precautions. Security is the ultimate cross-cutting concern for the entire business. Every decision taken at every level affects security, and vice versa.
“Security has to be built into applications from the very beginning, by experienced developers who are trained in developing secure software and know the rules to follow. This is not the method in common use today, yet deploying security after software has been developed will inevitably leave gaps that potentially leak user data in all directions. To avoid 2020 being more of the same, organisations need to change their approach and prioritise hiring trained and experienced developers.”
Andrew C. Oliver, Product Director, Couchbase
Look out for contextual access spending to spike in 2020
“In the coming decade, organisations will shake up their security budgets to account for a Zero Trust strategy. Spend on perimeter will move instead towards access points that are more dynamic. We will see a decrease in firewall and perimeter investment and in 2020, we can expect an increase in spending on context-based access management. With 97% of organisations now using cloud services, the network perimeter can no longer serve as a barometer for trust, with companies starting to operate through the lens of least privilege; analysing each authentication and authorisation deeply. As machine learning technology continues to evolve and move past heuristics towards true individualized pattern recognition, we will see that increasingly integrated into security budgets as well.”
Jesper Frederiksen, VP and GM EMEA, Okta
Doing more with less will be as true for attackers as for organisations
“Whether due to budget constraints, time pressure or simply recognising who provides the best service, more and more organisations are relying on upstream service providers to give their business-essential capabilities. Similarly, automation is becoming a significant tool for organisations that want to maximise the efficiency and effectiveness of their business processes. Yet any technology that makes things easier for the business can also make things easier for others with hostile intentions.”
“For instance, sophisticated nation-state attackers will target service providers that serve hostile governments, then use this entry spot to work their way down into more heavily-protected systems. Likewise, any automated systems are a prime target for attackers who understand their capacity to wreak havoc. The opportunity to affect multiple targets with a single attack can make these services a one-stop-shop for dedicated attackers. Businesses have to understand the threats they are potentially opening themselves up to when they adopt new technology or services, and work to close any potential points of attack. Otherwise, if the worst does happen, organisations will quickly find out that they may be able to outsource IT services, but they cannot outsource ultimate responsibility.”
To deal with a growing age and skills gap, IT security professionalisation will gather pace in 2020
“IT security recognises that it faces a worrying age gap. The average age of security personnel is creeping upwards as the industry continues to struggle to attract new talent. It’s entirely possible that more youthful talent, and fresh thinking is concentrated on the side of the attackers. Left unchecked, this trend will result in a security industry that struggles to fill skills gaps and is increasingly stretched as it fights attackers. There is already a challenge – according to the UK Government’s 2018 audit into the state of the nation’s cybersecurity workforce, more than half of all UK businesses had a “basic technical cybersecurity skills gap.
“To avoid this, professionalism will be crucial. In order to attract more applicants, and especially those from more diverse backgrounds, the industry needs to have education in place to give individuals the skills they need. It also needs to prove that security is an attractive career, through clear opportunities for progression; evidence of the importance of the role; and demonstrating how a huge range of skills can prepare individuals for a career in security. At the same time, smarter organisations will also be looking to promote internally, spotting individuals with the right aptitude for security. Without this, the industry will continue to see promising applicants lost to other careers – or even to the dark side.”
Amanda Finch, CEO, Chartered Institute of Information Security
Automate to bridge the skills gap
“In 2020, many more organisations are going to feel the effects of the cyber skills gap, and will need to rethink their cybersecurity strategies as a result. Businesses should consider using more AI and machine learning technologies to automate as many security processes as possible, taking pressure off overstretched cybersecurity teams and allowing them to focus on the biggest threats. Organisations should also be looking to under-hired groups, such as neurodiverse candidates, who are perfectly suited for cyber roles and could help to fill open positions.”
Mark Hughes, Senior VP and GM of Security, DXC Technology
Consolidate security solutions to save money
“Organisations need to start exploring the security features they are already paying for, but not using, to mitigate risk while increasing ROI. Most organisations use traditional third-party security providers while overlooking the consolidated security capabilities of widely-used platforms.
“For example, Microsoft 365 – research shows 44 per cent of users aren’t using Intune (device and application management), 37 percent are not using Azure Advanced Threat Protection (identifies, detects and investigates advanced threats), and 36 percent are not using Azure Information Protection (document protection). In practice, this means organisations using third-party tools are essentially paying twice for the same outcome. However, we expect to see adoption of integrated features rise in 2020 as users start to realise they a strong, cost-effective option.”
Andy Dunbar, Technology Services Lead, SoftwareONE