A good read. Top discussion points from the FireEye 2019 cybersecurity predictions report includes:
Threats Targeting the Aviation Industry
While it’s important to stay attuned to cyber-enabled physical threats to aircraft and supporting systems, a far more common threat that security teams in the aviation industry must be prepared to defend against is cyber espionage.
The Restructuring of Chinese Cyber Espionage
Notable restructuring in the Chinese cyber espionage apparatus has taken place since at least 2016, resulting in a resumption in the pace of activity. This reorganization should inform the growth and geographic expansion of Chinese cyber espionage activity through 2020 and beyond. Cyber espionage activity related to China’s Belt and Road Initiative will likely include the emergence of new groups and nation-state actors. Given the range of geopolitical interests affected by this endeavour, it may be a catalyst for emerging nation-state cyber actors to use their capabilities.
Attackers Eyeing the Cloud
Adversaries go where the money is, and 2019 promises to offer an increasing number of opportunities for attackers in the cloud. With the cloud, there’s a new, and often expanding attack surface that can be left unprotected or without the proper safeguards in place to protect essential data.
Supply Chain as a Weakness
In 2019, an increase in both state-sponsored and financially motivated supply chain attacks is expected. As organizations have improved their posture and built up their perimeter defences, attackers will shift their focus to compromising third-party vendors, customers or partners with the goal of gaining access to a target’s network.
Cyber Capabilities of Nation States
In 2019 and beyond, FireEye expects to see more nations developing offensive cyber capabilities. As seen with the rise of Iran, North Korea, and Vietnam over the past few years, many other emerging cyber countries are expected to come to the forefront in 2019. Iranian attackers, in particular, will continue to improve capabilities, even as new, less capable groups emerge supporting Iranian government goals.
The Rise in Breaches Due to Lack of Attribution and Accountability
Attribution and accountability are two of the most significant sticking points when it comes to winning the war in cyberspace. Without risks and repercussions for the malicious activity carried out on the internet, attackers will keep attacking, and organizations will keep getting breached.
The Widening Skills Gap and Lack of Trained Experts to Fill Security Roles
According to various industry estimates, there are at least two million cybersecurity jobs that will go unfilled by the year 2020. However, the critical meltdown point has not quite been hit yet, when it comes to staffing. The good news is that the thinking around this challenge is changing.
A copy of the report is available here: https://content.fireeye.com/predictions/rpt-security-predictions-2019