9 Cyber Security Priorities For 2019
Latest survey reveals top-of-mind focus areas for cyber security professionals
Cyber Security Hub recently fielded a survey to its subscribers, which revealed 9 top-of-mind challenges, trends and focus areas for cyber security professionals to tackle in 2019.
From enterprise strategy to awareness to hackers to IoT and more — here is a snapshot of the survey results providing a quick glimpse into the state of cyber security.
- Cyber Security is Strategically Important to the Enterprise: Cyber must be integrated into the corporate culture and be operationalized in all facets of the organization. Don’t treat Security and Data Privacy as a business unit or a department.
- Awareness and Education Across the Organization: “Security awareness doesn’t have a user manual,” writes LogMeIn product marketing manager Leah Bachmann. There is no magic recipe to get fellow employees smarter on security, though every day is a good day to keep your company and its data more secure using themes, memes, and compassion for human behavior.
- Staffing and Skills Training: “By 2021, there will be more unfilled cyber security jobs than the total population of Iowa, and there are currently more job openings for CISSP certification holders than CISSPs,” observes Kayne McGladrey, Director of Security and IT for Pensar Development. However, the biggest issue around staffing in cyber security may be finding people who truly have the passion and skills to be in the specialization.
- Insider Threats: Threat actors are already using stolen insider credentials, with 53% of organizations confirming “insider attacks against their organization in the previous 12 months,” according to Veratio. These risks are accelerating, not decreasing. The best defense is a “defense-in-depth,” where overlapping layers of defense support one another, and where a compromise of one defense does not lead to a complete compromise.
- Hackers: External threat actors remain the single largest concern for enterprise cyber leaders. With increased access to data and automation in the workplace, the sophistication of hacker tools has also continued to grow. The profile of a hacker is also evolving from a “who” to a “what” as software bots and the scale of distributed digital attacks.
- Unmanaged Mobile Endpoints: The proliferation of smartphones has increased employee mobility and productivity. At the same time, careful planning remains essential for BYOD and unmanaged endpoints to avoid becoming the organization’s latest vulnerability.
- GDPR and Security/Data Privacy Legislation: Whether GDPR impacts your organization or not, there is a piece of legislation in the works that you should be planning for. Anticipating new frameworks for data privacy disclosure and compliance puts the cyber team in a proactive position with the business rather than security as an afterthought.
- Cloud Security: The cloud offers enterprise cost benefits and other efficiencies. Yet, as with any technological advance, cloud computing becomes an entry point for threat actors. In fact, cloud computing, in an unsecure state, drastically widens the attack surface.
- IoT Security: IoT is already a part of the enterprise, whether cyber security administrators are ready or not. Thanks to advances in network technology, seizing control of connected devices has become an active threat to the enterprise professional. The need for more cyber awareness and oversight is quickly becoming apparent.
See Related: “Cyber Security Challenges, Focuses 2019”
While technologies such as AI and even Blockchain are continuing to emerge as trends, nearly 71% of respondents still report security awareness to be the top priority solution for 2019. Followed closely by threat intelligence (64%), cloud security (59%), and compliance (56%) — it’s no secret that there is work to be done in these areas, while further maturing current programs. Further, cyber spend is outpacing even bullish forecasts from industry analyst firms, but how are the allocations being divided in 2019?