Data protection is no longer just a technology issue—its political and commercial impact is far-reaching. In 2018, we saw the Europe Union introduce sweeping data protection legislation under the General Data Protection Regulation (GDPR). And in the United States, leaders of tech giants testified before Congress regarding data privacy and protection. There’s a heightened awareness of and expectation for better information security and that’s a good thing. But just as a new data protection baseline has been established, the complexity and frequency of cyber security threats is increasing. Threats that were novel a few years ago are now available as-a-service and with little technical expertise. 2018 saw an increase in hijacking IT resources for mining cryptocurrency, but ransomware, insider attacks and malware aren’t letting up. While these threats will continue, here are some key trends to keep a close eye on in the year ahead.
Mr. Ross McKercher, CISO, Sophos
Today, with cybercriminals operating like a penetration tester in the way they scope out the network looking for vulnerabilities and weak entry points, those responsible for IT security will once again need to adjust their strategy and defenses. The Sophos 2019 Threat Report detailed how criminals are now “staking out” victims, moving laterally throughout the network, manipulating internal controls to reach their objectives with stealth. As endpoint protection has improved, so criminals are on the lookout for the next weak entry point. The focus can no longer be on protection and detection, but also intelligent and automated response that provides lateral movement protection to isolate an attack moving through the network.
Security teams will need more development and engineering skills
Security teams used to focus on firewalls and endpoints and many security professionals cut their teeth as system and network administrators. Nowadays infrastructure is defined by code, breaches are increasingly caused by weak applications and automation is essential for under-staffed teams. This is changing the skillset required by security pros. We now also need to have a deep understanding of applications and an ability to build automation into our tools and processes.
Organisations will up their focus on software supply chains
Everyone relies a huge amount nowadays on Open-source libraries that are often maintained very informally by loose-knit communities that are easy to infiltrate. This used to be the domain of nation states but the criminals are getting in on the action.
AppSec will continue to grow
We are getting better at protecting Endpoints and attackers are shifting their focus. Legacy applications will continue to be a fertile hunting ground!
Threat Hunting really will be driven by ML
Bit of a cliché but ML will no longer be something that you just buy. Tools & techniques that were previously the domain of data science experts are getting easier to use. Won’t be long before larger SOC teams are using the tools directly rather than via models that are embedded in products.
Zero-trust starts to become achievable
The tools, knowledge and technologies for achieving a true Zero-trust architecture are rapidly maturing. Maybe like nuclear fusion – 15 years away and always will be but 14 years after the Jericho forum declared the end of the network perimeter we are getting close the point where many enterprises have a realistic chance of keeping their clients off “trusted” networks, particularly non-technical employees.
Mr. Michael Joseph, Director System Engineering, India & SAARC at Fortinet
Fortinet unveiled predictions from the FortiGuard Labs team about the threat landscape for 2019 and beyond. These predictions reveal methods and techniques that Fortinet researchers anticipate cybercriminals will employ in the near future, along with important strategy changes that will help organizations defend against these oncoming attacks.
Cyberattacks Will Become Smarter and More Sophisticated
For many criminal organizations, attack techniques are evaluated not only in terms of their effectiveness, but in the overhead required to develop, modify, and implement them. As a result, many of their attack strategies can be interrupted by addressing the economic model employed by cybercriminals. Strategic changes to people, processes, and technologies can force some cybercriminal organizations to rethink the financial value of targeting certain organizations. One way that organizations are doing this is by adopting new technologies and strategies such as machine learning and automation to take on tedious and time-consuming activities that normally require a high degree of human supervision and intervention. These newer defensive strategies are likely to impact cybercriminal strategies, causing them to shift attack methods and accelerate their own development efforts. In an effort to adapt to the increased use of machine learning and automation, we predict that the cybercriminal community is likely to adopt the following strategies, which the cybersecurity industry as a whole, will need to closely follow.
Artificial Intelligence Fuzzing (AIF) and Vulnerabilities: Fuzzing has traditionally been a sophisticated technique used in lab environments by professional threat researchers to discover vulnerabilities in hardware and software interfaces and applications. They do this by injecting invalid, unexpected, or semi-random data into an interface or program and then monitoring for events such as crashes, undocumented jumps to debug routines, failing code assertions, and potential memory leaks. Historically, this technique has been limited to a handful of highly skilled engineers working in lab environments. However, as machine learning models are applied to this process we predict that this technique will not only become more efficient and tailored, but available to a wider range of less technical individuals. As cybercriminals begin to leverage machine learning to develop automated fuzzing programs they will be able to accelerate the process of discovering zero-day vulnerabilities, which will lead to an increase in zero-day attacks targeting different programs and platforms.
“We are seeing significant advances in cybercriminal tools and services which leverage automation and the precursors of AI. Organizations need to rethink their strategy to better anticipate threats and to combat the economic motivations forcing cybercriminals back to the drawing board. Rather than engaging in a perpetual arms race, organizations need to embrace automation and AI to shrink the windows from intrusion-to-detection and from detection-to-containment. This can be achieved by integrating security elements into a cohesive security fabric that dynamically shares threat information for broad protection and visibility across every network segment from IoT to multi-clouds.”
Mr. Nilesh Jain, Vice President, India and Southeast Asia, Trend Micro
Cybercriminals will continue to follow a winning formula – exploiting existing flaws, social engineering and stolen credentials – to drive profits. As both the corporate attack surface and unknown cyber threats increase, it’s more important than ever for organizations to put more resources behind employee education to help protect against these growing attacks.
The role of social engineering in successful attacks against businesses and individuals will continue to increase throughout the year. Since 2015, the number of phishing URLs blocked by Trend Micro has increased by nearly 3,800 percent. This offsets the lessening reliance on exploit kits, which has decreased by 98 percent in the same time. Additionally, attackers will continue to rely on known vulnerabilities that remain unpatched in corporate networks for 99.99 percent of exploits, as this remains a successful tactic.
The full range of known and unknown threats can never be addressed by one single technology. In 2019, enterprises should not look for a silver bullet, but a mix of threat defense techniques that complement each other and work together.
Trend Micro also predicts attackers will leverage these proven methods against growing cloud adoption. More vulnerability will be found in cloud infrastructure, such as containers, and weak cloud security measures will allow greater exploitation of accounts for cryptocurrency mining. This will lead to more damaging breaches due to misconfigured systems.
Attackers will also implement emerging technologies like AI to better anticipate the movements of executives. This will lead to more convincing targeted phishing messages, which can be critical to BEC attacks. Additionally, it is likely that BEC attacks will target more employees who report to C-level executives, resulting in continued global losses.
Mr. Ravi Raj, Brand Head Director, Sales & Support at NetRack
The year 2019 will be very experimenting for all the industries. With the intrusion of cutting edge technologies and new initiatives taken up by specific organizations, we can expect an exponential growth among various businesses across the globe.
The epicenter of the IT industry is the innovation of their IT infrastructure, mainly in the data center space. We can’t deny the fact that data center is shifting to support wider platforms in the digital landscape. Considering this, the businesses of organizations seem to rely on the capabilities of the IT ecosystem for supporting the new initiatives. There is a need to fill more computing power into precious data center space. Hence companies need to organize their servers and other necessary IT infrastructure. And the backbone of that organization scheme is the data center cabinet (or rack), which is designed to bring order to a potentially chaotic mass of servers, power distribution units, cables, switches and other gear. Thus, organizations look forward for the solutions with increased intelligence designed to simplify operations, enable remote management and service, and bridge a widening skills gap.
One of the major drivers for end-user adoption is the lower cost associated with rack solutions. The manufacturers are adding new features such as corrosion protection, system expandability, self-cooling, modular DC and thermal management, compatibility and connectivity for making them economically feasible for various verticals. Also, many organizations from SMBs started to implement Modular and Colocation datacenters considering the factors such as more scalability, agility, efficiency offered with disaster recovery. However, growing investments in data centers will offer ample opportunity to the various established and new data center rack vendors in the coming years.
Mr. Kunal Nagarkatti, COO, Clover Infotech
IoT will become intelligent
IoT is advancing and evolving with each passing day. In 2019, a network of collaborative intelligent things will be created where multiple devices will work together developing IoT to its full potential. Connected to the global web and combined via wireless communication channels, things will turn into a one big integrated system driving a major shift in the human-machine interaction.
As per the Forbes report, global IoT market will grow from US$ 157 Billion in 2016 to US$ 457 Billion by 2020, attaining a Compound Annual Growth Rate (CAGR) of 28.5%.
Self-teaching Artificial Intelligence (AI) will be more confident
Since the invention of the first artificial intelligence, the field has witnessed some ground-breaking innovations. Artificial intelligence has done some revolutionary work in assisting human in tasks such as decision making, recognition of objects, emotion & speech, overall reinventing the customer experience. AI has been able to cope up with these tasks better, faster, and cheaper than people. The capability of algorithms for self-learning brings us closer to implementing the AI into many areas of human life.
Based on the forecast by Tractica, a market intelligence firm, the AI market is expected to grow more than US$ 191 Billion by 2024.
Augmented reality (AR) is one step ahead of virtual reality (VR). In augmented reality, systems combine to give you a real-time 3D vision, sound, haptics (the sense of touch), location data and even other senses such as smell. All this enable people to immerse themselves in a created physical world, react to what’s around them and alter their virtual environment in real time. Organizations are increasingly applying this technology across a wide spectrum of human activity from art & entertainment to commerce and education. 2019 will witness ground-breaking work in this field to make it readily available to people on their smart devices.
As per the Market Watch Study, Virtual and Augmented Reality market is expected to grow more than US$ 117 Billion by 2022.
In this digital world, where everyone and everything is connected, information flows through the speed of light. Due to our increased digital footprints, cyber security has emerged as the gravest concern. There will be heavy investment in this field to adapt to new technologies to enhance security.
As per the Zion Market Research, global size of Cyber Security market is expected to rise to USD 181.77 Billion by 2021.
Robotic Process Automation (RPA)
The ability of RPA to automate tedious and time consuming tasks has made it the most sought-after solution. It can automate mundane tasks, assist employees with the use of supervised automation. As a result, companies can save resource time and ensure productivity of the processes. In 2019, RPA would enable small businesses, not just enterprise business, to leverage the advantages of a digital workforce.
As per the P&S Market Research, New York, the RPA industry’s market size is expected to rise to US$ 8.6 billion by 2023, growing at a CAGR of 36.2% during 2018-2023
Mr. Vijender Yadav, CEO at Accops SystemsAccops predicts that the year 2019 will see huge focus on Mobility & Security as the growth in ICT spending continues to be driven by The Big Four: Cloud, Mobility, Big data & Artificial intelligence. This business transformation has given rise to the need of secure data access at any time, from any location and from any device.
Cloud technologies have crossed the chasm, accelerating digital transformation, but heavily regulated industries such as BFSI, Healthcare, Defense and Government have already raised concerns pertaining to privacy & security. 2019 onwards, regulated industries can expect stricter governance policies and compliance. Data protection of cloud applications such as O365, Dynamic CRM, Salesforce etc. hence becomes imperative for enterprises. At the same time, security practices will have to evolve keeping in mind ease of use, seamless access with stronger authentication policies for devices and users.
The Big Four will unleash multiplied innovation with massive data sharing and monetization, and hyper agile application deployment technologies. They will help organizations to create seamless digital work spaces that are dynamic in nature. Business operations have already started seeing benefits with chat-bots being able to solve level 1 technical support queries with help of machine learning. Accops predicts with the help of The Big Four, security teams will be able to automate & self-heal faults and provide both predictive and proactive security that is self-aware. Time-consuming tasks of IT teams such as troubleshooting, or provisioning of applications and infrastructure will be automated leading to reduced IT complexity. Digital transformation will also witness plethora of benefits with other upcoming technologies such as virtual reality, augmented reality, block chain & IOT driven industry 4.0.
Providing secure access to endpoints and business data distributed across geo diverse locations is a major challenge, while adopting any new technology. Implementation efforts on any of big four technologies will be futile until IT infrastructure is consolidated. Data, which is the key underlying element for implementation of big data or artificial intelligence or mobility, can only be brought under control with help of centralized IT infrastructure.
Mr. Rajesh Thadhani, Sales Director at Crayon Software
Drive business with Artificial Intelligence (AI)
AI itself is a vast and deep subject. AI has already paved its way in most of the industries. In the future, AI and big data will offer powerful tools to streamline business processes, get rid of legacy systems, simplify operations and expedite processes. AI will be the key enabler in innovating new products and understand the customers better to deliver the best. The future holds more disruption from AI, not less.
IoT is not a new thing. Soon, there will be thousands of devices connected from one individual, generating enormous amount of data. To leverage value out of that data is through AI tools.
Cloudification of storage
When I say, “storage cloudification”, it typically means that we need to get the right type of storage for the specific job. In 2019, companies will start utilizing storage based on the purpose/requirements. We will witness that IaaS, storage and databases will become intelligent and rule the market.
Storage and the data it houses are the two main components of every business foundation. When we cloudily the storage it gives us the freedom of data – a valuable asset — being available, accurate, reusable and secure.
2018 was a year for enterprise mobility, as organizations continued leveraging new mobile technologies to boost productivity& improve employee experience, reduce costs, and protect data. With 5G implementation round the corner, businesses should start ramping up their systems for this to make the most out of it.
Software as a Service (SaaS) a key motion to drive cloud 2020
In the upcoming year, with SaaS, we will witness more and more companies adopting SaaS as it helps in legacy application migration to the cloud. Most of the companies will be turning to cutting-edge SaaS powerful tools. Why not? Their operations will no longer depend on legacy systems as most of the performance apps say 70-80% will be hosted and maneuvered in cloud. It will benefit the companies in terms of financial savings, productivity and of course it’s easy to use.
Mr. Satish Kumar V, CEO at EverestIMS
The year 2019 can foresee huge transformation in IT industry. It is expected to see various organizations define, adapt and transform their offerings from a technology heavy design leading to service offerings with a niche in the market. Similar to how the various verticals adopted & benefitted through Cloud technologies, the focus will now all be on the “tangible services” that are relevant to both individual & corporate consumers at large scale. We can expect to see new service segments being created alongside standardization of existing offerings in a highly competitive environment. The technology companies will continue to flourish based on their roles in the chain of data generation – data aggregation – data communication – data analysis – data presentation – data generation.
AI will be the one prime technology that is bound to evolve a lot in 2019.The special focus will be on the adoption of AI in daily lives on both personal & work front. “Cloud” evolved at making IT consumption (be it individual or corporate) generic enough to scale & manage on the go before settling down to personalization of each consumer space among the service offerings (from IaaS to PaaS to SaaS). Each of the major CSPs is now offering services that can be adopted to specific / custom use-case scenario through flexibility on structuring / design / billing and delivery.
Similarly, AI will be all about personalizing the technology all over again in order to make service consumption seamless to consumers through their daily interactions / activities. Firstly it will be about identifying useful data among the plethora of data being generation from all kinds of sources & platforms. Then it will involve humans again for bringing in that natural factor to define the churning of data to come up with actionable Intel that will finally lead to service delivery with a touch of personalization.
Mr. Gaurav Ahluwalia, Managing Director at R&M India
2019 will be the year of implementation for various industries. Along with continuous acceleration of IT industry, one can expect the structured cabling industry to flourish in the global markets. Structured Cabling is one of booming industries across the world.
The global cabling market is divided into major two segments, namely Electrical and Telecom/Datacom cables which are used for various industries in various applications. In 2019, Telcos will be looking towards fiber connectivity solutions to remodel/renovate their cabling infrastructure and increase their efficiency. Also organizations/companies are revamping their data centers with structured/fibered cabling connectivity to minimize the downtime and yield more benefits. Thus, increasing demand for structured cabling solutions from Data center industry and Telecom industry will be the major market drivers in 2019.
Also, 2019 will witness the organizations adapting technology rich connectivity products to their cabling infrastructure such as Shielded cables, S/FTP products, Cat 8 cabling solutions etc., Speaking over Indian market, 2019 may also play a positive role by introducing more benefitting initiatives for cabling and manufacturing industries, proportionally increasing investment in network and building infrastructure which drives the Indian cables market.
Mr. Prashanth J, CEO at TechnoBind
According to recent Gartner report cloud market is projected to reach a staggering $206 billion in 2019, from $175 billion in 2018 and $145 billion in 2017. In a data driven society, Cloud computing has become default platform for fueling DXs and modernizing IT portfolios. Infiltrating the enterprise space, more businesses shutting their traditional data centers and making heavy investments, undoubtedly Cloud is here to stay.
Big data analytics trends are changing over past couple of years, from a departmental approach to business-driven data approach, embracing agile technologies and an increased focus on advanced analytics. As businesses are shifting from being data-generating to data-powered organizations, data and analytics implementation have become the center of gravity for many enterprises to stay ahead in the competition.
Given the advantages of cloud computing, many businesses will likely rush into it and ‘Security’ regularly ranks as the number one concern among cloud adopters. Between GDPR, WannaCry, and a handful of other high-visibility incidents, dollar figures for security breaches have grown to the point that companies cannot stay in business without serious consideration of implementation of better security solutions.
2018 was a year of fundamental change. Underpinning this was the impact of data management and analytics and of course GDPR. We have created IoT solutions and edge networks that are far too gullible and trusting. In 2019, security has to be the number one focus point for organisations to ensure the safety and efficacy of edge devices and networks accordingly. There are too much vulnerability and gaps in the security posture for IoT devices — organizations must take a proactive approach to securing devices. Organizations must use the data, metadata, device logs – treating IoT devices like any other network device to predict and accurately respond to the available signals. More data islands have been created with IoT, we are now starting to bridge the islands but we don’t speak the same collective language.
The ability to acquire data from disparate systems and align it on common ontologies so we can trust and utilize the data. The clockspeed for decision-making is increasing, while information expands exponentially underneath our feet. As AI and machine learning evolve, allowing these capabilities to organize the data, attribute it from a universe of observations, and produce auto-didactic insights, will give us opportunities not yet imagined. Lineage – “what did we know and when did we know it” will be a key capability that allows organizations to use data optimally.
Next year we will see further use cases of IoT in home spaces, smart cities and more industrial use cases in automation or autonomous vehicles. Technology ecosystems are forming so a holistic view of data across the cloud to the edge is important to maximise the benefit of the data used across these ecosystems. Cloudera can do that by making sense of the community and provide the value add and protect the data and the consumer by assuring governance and security.
The fines associated with non-compliance of the regulation are significant: up to 4% of annual global turnover or $20 million, whichever is greatest. Even if an organisation would not flinch at those kinds of numbers, the impact on their reputation would certainly get them to care about complying. GDPR to a large extend is about showing your customers and employees you are careful with their data, that it is used for the right purpose and that, ultimately, they have control. With that control also comes trust. And any organisation care about that.