Many people ask what is the future of cybersecurity. Cybersecurity is still a relatively new part of IT and has changed dramatically in recent years as it has been recognized as a separate discipline within IT security. In this article, we will look at current trends for Information security and cybersecurity in particular and try to provide some insight into what cyber security in future years might look like.
To try and work out what the future of cyber holds, it is worth looking at what the trends were in 2020 and what they are likely to be in 2021. The world of technology is very fast-moving, and not every new development stays around. You only have to recall what happened to videotapes to realize that.
What is indisputable is that technology will be running more and more of our daily lives. Not that long ago, things like driverless cars were pure science fiction, but they are already science fact. Technology is now in daily use all over the globe in devices that nobody thinks of as being IT – such as phones and audio systems. Hence the future of IT security is not just concerned with protecting traditional IT equipment such as laptops, desktops, servers, and networks. Cybersecurity is vital for protecting our data and information, no matter where it is held. Here are some of the trends that we are seeing now.
Future of Cybersecurity – Artificial Intelligence:
Artificial intelligence (AI) is no longer just being used by robots to carry out household tasks for us, like mowing the grass. Artificial intelligence approaches are being increasingly used by both cyber criminals and cybersecurity teams. In the future of cybersecurity AI is going to play a very big part.
AI is very good for analyzing massive volumes of data at speed and applying heuristic algorithms to determine patterns. Hackers are now using AI approaches to analyze stolen data such as network traffic and password credentials in order to identify vulnerabilities that they can exploit quickly. Cybersecurity teams are using AI to analyze data captured by their defense mechanisms and network traffic, looking for early warnings of cyber attacks and new attack patterns.
To crunch lots of data quickly, AI needs a large amount of computing resources. Cyber criminals are copying a technique initially developed for ethical purposes, such as analyzing the massive volumes of data generated by CERN’s large hadron collider. Grid computing is a form of distributed computing that utilizes computers and other devices all over the world accessed via the internet to harness their processing power. This effectively creates a supercomputer at a very low cost. Even mobile phones are now being used in these grids. To be used for legitimate purposes, the owner has to agree to their device being used. But hackers don’t ask for permission. Once they have breached the IT security defenses, they install their own applet and start using the device’s processing power within their dark grid. Cybersecurity teams are only just starting to realize that their scope now has to include just about anything that uses technology.
All forms of cyber attack from spam email attempts to trick us into revealing credit card details to denial-of-service attacks designed to disable critical infrastructure will grow in frequency and sophistication. AI will be the only way to handle the complexity and volume of data and information feeds that both hackers and cybersecurity teams rely on. Hence in the future of cybersecurity the use of AI by hackers and security teams will be a common theme as AI systems become more available, capable, and affordable. They will help to avoid organizations and individuals falling victim to cyber attacks by using techniques such as deep learning security algorithms, automation of systems that are vulnerable to human error, and biometric identity protection.
Future of Cybersecurity – Increasing Security Threats
The number and variety of cyber threats will continue to increase year-on-year. Here are some examples:
Organized gangs: Cyber criminals are no longer just individuals working from their bedrooms. Cybercrime is now a highly organized industry that operates across international boundaries, sharing data and information. The trend has seen gangs coming together to develop and launch coordinated ransomware attacks at a large scale, just like the 2017 Wannacry attack that saw over a quarter of a million devices affected across 150 countries. This form of attack will be more common in the future of cybersecurity.
Untrusted internet: Some people think that the Internet network can be trusted. That has never been the case; the internet is made up of many thousands of different computing resources located all over the globe and managed by thousands of different individuals and organizations. Some of these are legal entities that are obliged to comply with their national laws and regulations, which doesn’t apply to all providers. The Internet is, in essence, an unregulated network. The number of providers will continue to increase globally, some in countries with a poor history of regulation. Add to this the growth in disputes between nation-states increases, whether about trade or human rights or anything else, the risk of cyber criminals stealing data transmitted over the web will increase.
State sponsored attacks: We have already seen cyber attacks that seemed to originate from within foreign governments. The purpose may be disruption or theft, but as everything we do becomes reliant on digital, we have to ask is cybersecurity the future battleground when nations fall out? A cyber attack on power generation could quickly stop everything in a nation, forcing it to do something like removing economic sanctions from the attacking country.
Decreasing international co-operation: The trend of decreasing international co-operation on cybersecurity is likely to continue. For example, after the UK left the EU In January 2019, it stopped being part of the European cybersecurity bodies. In 2019 countries including the US, UK and Australia put bans on using equipment made by the Chinese firm Huawei into national networks due to fears over the close links between Huawei and the Chinese state. A knock-on effect was the prevention of international co-operation on both the technological and regulatory challenges of cybersecurity.
Phishing attacks: Phishing attacks continue to increase year in year and are getting increasingly sophisticated. A massive percentage of the world population now uses email, but only a small percentage have received IT security training. This makes the rest extremely vulnerable to being fooled by phishing attacks. The trend will be for more and more people and organizations to lose data, have their systems taken over by hackers, and pay ransoms to the cyber criminals. This will increase the funds that the hackers have available to develop more and more sophisticated attacks and to fund other criminal activities, such as drug production and distribution.
Increasing political interference
Using cyber methods such as social media to sway public opinion has almost become an accepted feature of democracy today. There are claims that the US presidential election, the UK election, and the UK Brexit campaign were all affected by this type of cyber use. To date, cybercrime for elections has taken one or both of two forms. The first uses the dissemination of “fake news” via social media. The second uses direct attacks against a candidate’s systems or the digital electoral infrastructure. Both Facebook and Google have invested in AI-based technology designed to identify potential “fake news” using pattern analysis.
This type of cybercrime can also be used to try and cause political unrest. For example, the Chinese government was suspected of attempting to incite unrest in Hong Kong using fake social media accounts, and the private emails of candidates were hacked and released in both the 2016 US elections and the 2017 French elections.
For the future of cybersecurity, both of these types of digital electoral interference are likely to become a growing problem over the next 12 months and will need to be countered. Hence what is the future of cybersecurity should not just be confined to the world of IT; it’s scope has to be much broader.
A growing skills gap
Implementing strong defenses against cyber attacks requires access to a skilled, experienced cybersecurity workforce. This will increasingly become a challenge. The last few years have seen a growth in the number of people taking courses in cybersecurity, and this trend is bound to continue into the future. However, the demand for staff with well-developed cybersecurity skills is growing much faster than the supply. Research conducted in 2020 highlighted that the number of unfilled cybersecurity vacancies could increase from 1 million in 2014 to 3.5 million in 2021.
Unless there are enough people with the skills to counter the growing number of cyber threats, the harm to everybody will increase. That includes fraud following the theft of personal information, political disinformation campaigns changing the course of democracy, and the inability to access systems that we rely on to carry out our lives. Millions of dollars will be lost unless significant and ever-increasing investment is made on training existing staff on how to prevent and manage cyberattacks, training new starters, and hiring cybersecurity experts with the skills to spot new threats.
IoT and vehicle hacking
Today’s vehicles are full of digital devices, including sensors, GPS tracking systems, audio systems, and control systems. Many of them are now connected to the internet and have Bluetooth capability to link with other devices. Vehicles are becoming an increasingly attractive and lucrative target for cyber criminals. This will get even worse as self-driving cars are made available.
Today’s modern homes use Internet of Things (IoT) devices to make our lives easier. Voice-activated doors, windows, and home alarm systems are now commonplace. Due in part to the lack of effective IT security adoption by the thousands of device manufacturers and service providers, hackers are now adept at hacking into these devices, which then gives them easy access to the connected private networks.
This trend of using IoT devices to circumvent IT security measures will increase and extend to include automobiles. The payback for the criminals will be greater thanks to the growing amount and variety of data that will be stored about our daily lives. For example, a criminal could detect that everybody in the household had gone out in the car, leaving the home empty and vulnerable to a burglary attack. Attackers will also be able to target the vehicles themselves, potentially using them to access email accounts and personal information or the cloud services where the data is routinely sent for storage and analysis. Large scale data harvesting and resale on the black market is highly lucrative for cybercriminals.
A very real danger is that the cyber criminals could compromise the controls and safety features of modern vehicles and home devices. The idea of hijacking self-drive cars or sabotaging the controls of cars with drivers may seem to be fiction, but these threats are being taken seriously by the automotive industry.
I hope this has given you a view on what is the future of cybersecurity. Cyber security in future years is going to be just as important as it is today, if not more so. As we rely more on digital products, then the cyber threats to our daily lives will increase. Today most citizens are either blissfully unaware of the threats from cyber attacks or have accepted the risks of putting their entire lives into digital. Publicity about identity theft, data breaches, and leaking of sensitive information and photographs doesn’t seem to have changed our willingness to store our most sensitive data in the cloud. The reality is that cyber criminals are well aware of this and will increase how they exploit our human nature, without caring if they damage us in the process.