How can companies better protect themselves against the growing number and complexity of cyber-attacks while equipping themselves for the opportunities of automation and digitization of the economy?

Our goal is to further promote awareness of the increasing cybersecurity risks that affect the business and security of our customers, This year, we are focusing on the areas where we see the greatest dangers and opportunities, and highlighting the implications for our increasingly interconnected world. We look at global needs and regulation efforts and confidence in cybersecurity to further strengthen it. We also look at ways to protect ourselves against “smart” cyber attacks and what we should do to close the skills gap in a world hungry for cybersecurity talent but overwhelmed by massive amounts of data.

Here are the highlights of the eight cybersecurity trends.


With the growing number of global regulations in the cyber environment, the price is rising to protect privacy. Data protection is a critical aspect in an increasingly digital world. 25 May 2018 marks a crucial turning point for data protection in Europe. This date marks the end of the transitional period for the EU GDPR, as it will be legally binding as of this date. It means a fundamental change in data governance and how information is protected by companies processing personal data of EU citizens. The regulation is the beginning of a growing worldwide regulation in the area of data protection. Violations of these can be punished with penalties of up to 4 percent of global turnover – a huge sum, which can not be disregarded. It can be assumed that the EU Commission will systematically prosecute DSGVO violations by large global companies.


The Internet of Things is driving the interplay between security, cybersecurity and data protection. In 2016, the use of Mirai malware has shown that IoT devices can form a powerful and dangerous botnet. The time-to-market needs of product development and the limited technical performance of IoT devices today make these devices critical vulnerabilities that can be easily exploited. The impact of data breaches today goes far beyond simple data monetization and also includes physical threats to health and safety as devices and systems are directly connected to open networks. It’s an open secret that IoT security is not well. Estimates assume that more than 500 such devices will be available in private homes and apartments by 2022. This makes it clear that the risks to security, cybersecurity and data protection will increase significantly.


Operational Technology as a target for cyber attacks. The Industrial Internet is already transforming the global industry and infrastructure, promising greater efficiency, productivity and security. To compete, process control devices are connected to the online world, often inadvertently exposing vulnerable components to cyber-attacks. Manufacturing equipment is also a target to gain access to intellectual property, trade secrets and technical information.
Behind attacks on the public infrastructure, on the other hand, there are financial reasons, hacktivism and dissatisfaction with government agencies. Fear of a “worst-case scenario” in which attackers trigger a collapse of systems that form the foundation of society was a topic at this year’s World Economic Forum. Industrial systems are particularly vulnerable to attacks on the supply chain. This has also recognized criminal attackers and begun to take these systems in the sights.


With cyber defense mechanisms in place, the focus shifts to threat detection and appropriate responses. Recent attacks show that in the fight against experienced and persistent cyber criminals, prevention mechanisms alone are not enough. Today, it takes an average of 191 days for a company to detect a data leak. And the longer it takes to detect and respond to a threat, the greater the financial loss and reputational loss the company suffers from the incident. Due to the enormous increase in collected security-related data, the limitations of current technologies, the inefficient use of existing threat information (Threat Intelligence),


Increasing Use of Artificial Intelligence for Cyber Attacks and Rescue. As they move toward digital transformation, businesses are becoming increasingly targeted for complex and persistent cyberattacks. Malware is getting smarter. It can adapt “intelligently” and bypass traditional detection and removal routines. With the global shortage of cybersecurity specialists, companies are losing the cyber arms race. The amount of safety data far exceeds the capacity for their efficient use. This leads to an increasing number of AI-enabled cybersecurity use cases: speeding up the detection and fight against security incidents,


Certification will be important to boost confidence in cybersecurity. There is widespread agreement that cybersecurity and data protection are integral parts of a digital and connected world. But: How can the level of protection of a company be objectively assessed? Concerns about whether and to what extent cybersecurity is actually being implemented are increasing. As a result, existing and new standards that make cybersecurity strategies internationally comparable are becoming increasingly relevant. Certification is important to CISOs and product manufacturers to prove that they did what they promised. However, the certification processes for confirming the IT security of products today focus primarily on critical infrastructures and the public sector.


Replacement of passwords by biometric authentication. Digital life is defined by a complex web of online apps, with digital identities protected by usernames and passwords. To increase the protection behind these apps, it is recommended to use hard-to-guess and complex passwords and to change them regularly. In practice, however, this rarely happens. With the exponential increase in computing power and ease of access to the cloud, passwords can be cracked in ever shorter time. What took almost four years to complete in 2000 is completed in two months’ time. When you consider that passwords are often stolen, hacked and traded, it becomes clear that they have never been more openly available than they are today. That’s why we’re seeing mobile phones today.


Selected industries targeted by the attackers: healthcare, financial services and energy. The majority of cyber attacks are committed by criminals for financial reasons. The value of data in the Darknet depends on the demand, its availability, its completeness and the possibilities for its use. Therefore, personal information from the health and financial sector is in particular demand. Medical records cost between $ 1- $ 1,000, depending on how complete they are. Credit card details are sold for $ 5 to $ 30 if the information you need is included for your use. Other cyber attacks have more political or nationalist motives. In 2018, there is an increased risk of disruption of critical services by attacks on the energy sector.