In 2018, many organizations were confronted and surprised by known and unknown malicious threats. The good news is that it’s relatively simple to make sure your business will not make headlines in 2019. The first step? Make sure you know what to watch!

With the continued growth of emerging technologies and innovative cybersecurity solutions under development, we have asked our security experts to provide us with feedback on cybersecurity trends in 2019.

As Internet penetration grows and new technologies appear, cyber attacks develop and mutate more actively. Cybersecurity experts must resist attacks at all stages and use every tool in their arsenal.

1. The Internet of Things (unsecured)

Faced with the growing use of IoT-based solutions, some IoT providers seem to favor operability over IT security. For security specialists, the question is: what is the right level of acceptable risk? By 2019, companies should assign corporate ownership of IoT security and focus on these unpatched, vulnerable IoT devices, earmarking specific areas of the security budget to manage IoT-related risks.

As the threat of botnet DDoS attacks increases, more and more IoT devices will be “recruited” into botnets and used to launch DDoS attacks. Take the Mirai botnet, for example: as mentioned in our previous article, Top 5 Cyber Security Threats 2019, several Mirai derivatives are already active.

This new generation of botnet DDoS attacks means that the number of threats and their destructive potential will increase in 2019. Mitigating massive traffic volumes using effective DDoS protection solutions is therefore considered a top priority for years to come.

2. Security products move to the cloud

Cloud-based security may be the biggest cybersecurity trend to monitor in 2019. When organizations use cloud-based cybersecurity systems, such as Cloud Security Forcepoint, they benefit from faster deployment and scalable solutions that meet their specific needs. Like many other cloud applications, cloud-based security solutions incorporate open APIs that enable DevOps security teams to develop tailored solutions for cloud computing security platforms. In general, cloud providers use a ‘shared responsibility’ model. The cloud provider ensures that the data is stored properly, but it is up to the users to ensure that the appropriate security measures are in place. This aspect is often overlooked.

This means that 2019 will be an interesting year to watch as companies migrate and (partially) move their security solutions to the cloud. Cloud Access Security Brokers (CASBs) will also provide network firewalls, Web Application Firewalls (WAFs), and more advanced Secure Web Gateway (SWG) platforms.

3. Maturity of the endpoint security market

In 2017, CrowdStrike detected an increase in malware-based attacks compared to malware-free attacks. 39% of these incidents involved malware that traditional antivirus did not detect, leaving organizations vulnerable to cyber threats. This demonstrates the growing need for next-generation endpoint protection capabilities.

With endpoint protection platforms and security management systems that monitor and control agents now available, more and more organizations are attempting to coordinate device control across their networks to keep out malware and intruders. This is one of the reasons why the endpoint security market has quickly turned into a mature market.

Many endpoint security providers offer comprehensive endpoint detection and response (EDR) solutions. They use technologies such as artificial intelligence (AI) and machine learning to continuously improve efficiency and effectiveness. Another related trend is the propensity of vendors such as FireEye to move into the endpoint security space with SaaS endpoint protection management.

After the major mergers, acquisitions and other developments observed this year in endpoint security service offerings, sudden market changes and technological advances in this area are expected in 2019.

4. Web application firewalls

The use of firewalls and intrusion prevention systems (IPS) remains a concern because these devices are susceptible to state-of-the-art TCP attacks, as was the case for more than half of the respondents to a survey conducted by Arbor Networks and reported in its Global Threat Landscape Report.

Securing online businesses requires a lot of care and attention. A web application firewall (WAF) protects web servers and their content against several categories of attacks such as web scraping, buffer overflow and XSS (cross-site scripting). As the demand for information on malicious traffic that threatens Web applications increases, it becomes increasingly important to determine the details of attacks in real time and to improve the visibility of the mitigation techniques used. Organizations can use this information to quickly detect (and potentially prevent) application attacks.

WAFs are deployed in front of web servers to protect web applications against external and internal attacks, to monitor and control access to web applications and to collect access logs for compliance / audit and analysis purposes. These advances fuel the growth of the web application firewall market. With the rapid growth of this market, 2019 will be an important year not only to observe market changes, but also to adopt technological advances to make your existing WAFs more efficient and effective.

5. SIEM 2.0: The power of machine learning and the flow of threats

As part of Infradata’s security audit, we assess the maturity of an organization’s security, which may include the implementation of a SIEM. Customers with a SIEM typically achieve nearly 80% of their deployment. This is because SIEM solutions are based primarily on rules. Before they can detect and correlate an incident, it must be known to the system, and that means it must have been seen before. As a result, the SIEM will produce hundreds of events per day, or virtually none. In both cases, it is not very effective.

With the rise of machine learning, a SIEM 2.0 can learn the normal behavior within a network and its systems. The only problem is: what constitutes normal behavior? If an organization is already compromised when deploying SIEM 2.0, then there may be no indicator of compromise. To address this problem, threat streams are added to the machine learning capability. These threat streams include known malware patterns that help the machine learning system make the right decisions. With SIEM 2.0, SOC engineers can focus on four events per day instead of thousands, which improves the level of defense against cyber attacks.
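The baseline problem described above, as an added example (not Infradata's code or any SIEM product's): a detector that learns each host's normal destinations misses a compromise that was already present during learning, and a threat stream of known-bad indicators corrects that. Host names, domains and the feed entry are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: (host, destination) connection events.
BASELINE_WINDOW = [
    ("ws-01", "intranet.example"),
    ("ws-01", "mail.example"),
    ("ws-02", "intranet.example"),
    ("ws-02", "c2.bad.example"),   # ws-02 was already compromised while learning
]
LIVE_WINDOW = [
    ("ws-01", "intranet.example"),
    ("ws-02", "c2.bad.example"),         # same beacon, now "normal" to a naive model
    ("ws-01", "files.unknown.example"),  # genuinely new behaviour
]
THREAT_STREAM = {"c2.bad.example"}  # constructed known-bad indicator


def learn_baseline(events, threat_stream=frozenset()):
    """Record the destinations each host normally contacts.

    Destinations listed in the threat stream are never learned as normal.
    """
    baseline = defaultdict(set)
    for host, dest in events:
        if dest not in threat_stream:
            baseline[host].add(dest)
    return baseline


def detect(events, baseline, threat_stream=frozenset()):
    """Return alerts for threat-stream matches and baseline deviations."""
    alerts = []
    for host, dest in events:
        if dest in threat_stream:
            alerts.append((host, dest, "threat-stream match"))
        elif dest not in baseline.get(host, set()):
            alerts.append((host, dest, "deviates from baseline"))
    return alerts


def compare():
    """Run the same live traffic through both detector variants."""
    naive = detect(LIVE_WINDOW, learn_baseline(BASELINE_WINDOW))
    fed = detect(LIVE_WINDOW,
                 learn_baseline(BASELINE_WINDOW, THREAT_STREAM), THREAT_STREAM)
    return naive, fed


if __name__ == "__main__":
    for name, alerts in zip(("baseline only", "baseline + threat stream"), compare()):
        print(name, alerts)
```
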

6. “Zero Trust” maturity level

With the Zero Trust security model applied as a foundation by many organizations, IT security teams can now develop employees’ digital fingerprints and identify digital trust models.

Cyber attacks and internal threats are becoming more and more sophisticated, and harder to protect against on a daily basis. Zero Trust therefore means that identities, whether inside or outside a network, must be verified before access to data or systems is allowed. One of the biggest challenges in deploying Zero Trust models is that they can be a barrier to employee productivity. Giving users “barrier-free” access to data and applications with an efficient digital fingerprint process, without the difficulties inherent in the Zero Trust approach, will be a major cybersecurity trend in 2019.

7. Security by Design

Driven by evolving regulations, and by awareness of the risks incurred by producing products and services in which security is neglected in favor of time to market, ‘security by design’, that is, the integration of security into projects as soon as they are defined and then at each stage of the product life cycle, is now essential in development methods.