Edge, GDPR, cloud and shadow IT security concerns for 2019

The prospects for next year being a quiet one on the cyber security front look pretty slim with some of the great and the good on that side of the industry already predicting challenging times ahead.

It is usual at this time of year that predictions about what lies in store in 2019 start to emerge but the contents of the security industry assessments indicate a high expectation of increased activity in that sector.

Most of that bodes well for those channel players with the expertise to help users fend off threats but it is also a reminder that vigilance needs to be maintained.

Forcepoint today launched its 2019 Forcepoint Cybersecurity Predictions Report, with the main headlines being grabbed by its comments about a cyber cold war emerging between nation states.

But there were also comments about the move by customers to the edge and the need to secure those environments, which should generate revenue for resellers.

“The cybersecurity industry and attackers expend efforts in a never-ending cycle of breach, react, and circumvent—a true cat-and-mouse game,” said Raffael Marty, vice president of research and intelligence, Forcepoint. “We need to escape this game. Researching these predictions forces us to step back and see the overall forest among the millions of trees. Cybersecurity professionals and business leaders need to adapt to changes based on the risk they represent, allowing them to free the good while still stopping the bad.”

Others in the industry have also talked about what could be expected next year with David Francis, head of security at IT services provider KCOM, also looking out for some activity on the GDPR front.

"If 2018 was the year of compliance, 2019 will be the year of retribution for everyone’s favourite data privacy regulation. The period of grace is drawing to a close, and the new year will see the ICO taking its first high-profile scalp over treatment of personally identifiable information," he said.

"That will set the precedent by which all further cases are judged – letting companies know along the way just how strictly enforced the rules are going to be, and how heavy the fines. Now is the time to check your compliance levels – don’t wait for the hammer to fall,” he added.

For Ian Kilpatrick, EVP Cyber Security, Nuvias Group, the year ahead is not only going to include more nation-state level attacks, activity on the GDPR front but also more work for resellers to do around securing shadow IT and cloud environments.

"Cloud insecurity grew in 2018 and, unfortunately, it will carry on growing even more in 2019. Increasing amounts of data are being deployed from disparate parts of organisations, with more and more of that data ending up unsecured," he said.

The challenge of keeping on top of everything that is happening across a network is also one that will cause work for channel.

"Shadow IT systems continue to proliferate, as do the number of applications and access points into systems, including legacy applications. In the case of shadow IT systems, these are indefensible as they are; and in the case of increasing applications and access points, if they relate to old or abandoned applications, they are difficult to identify and defend," he said.

"In both cases, these are an easy attack surface with significant oversight, internal politics and budget challenges, and were previously seen as a lower priority for resolution. However, there has been both an increased awareness of the opportunity for attack via this route, and an increase in the number of attacks, which will accelerate in 2019," he added.